build 'requesterId' for private-sector SP's based on hashed unique AppIds

set 'requesterId' and 'providerName' to static value for any type of SP

1 files changed, 19 insertions, 2 deletions

diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index b13b6c18..b92102ed 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -51,10 +51,23 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*
 eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
-eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+
+## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate
 eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
-eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+
+## use hashed version of unique SP-Identifier as requesterId
+eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm=true
+
+## user static requesterId for all SP's in case of LU
+eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true
+
+ 
+## set provider name for all public SPs
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false
+
+
 
 eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
 
@@ -92,6 +105,10 @@ eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
 eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false
 eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
 
+
+
+
+
 ##without mandates
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true