Diffstat (limited to 'connector/src/main')
-rw-r--r--connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java6
-rw-r--r--connector/src/main/resources/application.properties90
-rw-r--r--connector/src/main/resources/specific_eIDAS_connector.beans.xml58
3 files changed, 105 insertions, 49 deletions
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java
index 428f5f56..6616db23 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/SpringBootApplicationInitializer.java
@@ -47,10 +47,10 @@ public class SpringBootApplicationInitializer extends SpringBootServletInitializ
// initialize status messenger
LogMessageProviderFactory.setStatusMessager(ctx.getBean(IStatusMessenger.class));
- log.info("Initialization of MS-specific eIDAS-Implementation finished.");
+ log.info("Initialization of MS-specific eIDAS-Connector finished.");
} catch (final Throwable e) {
- log.error("MS-specific eIDAS-Implementation initialization FAILED!", e);
+ log.error("MS-specific eIDAS-Connector initialization FAILED!", e);
throw e;
}
@@ -80,7 +80,7 @@ public class SpringBootApplicationInitializer extends SpringBootServletInitializ
// initialize status messenger
LogMessageProviderFactory.setStatusMessager(internalContext.getBean(IStatusMessenger.class));
- log.info("Initialization of MS-specific eIDAS-Implementation finished.");
+ log.info("Initialization of MS-specific eIDAS-Connector finished.");
return internalContext;
}
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index e7437840..74e86aed 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -8,6 +8,7 @@ server.servlet.contextPath=/ms_connector
app.build.artifactId=ms_connector
+
#############################################################################
## SpringBoot Admin client
spring.boot.admin.client.enabled=false
@@ -16,9 +17,9 @@ spring.boot.admin.client.enabled=false
## SpringBoot Actuator
management.endpoints.web.exposure.include=health,info
-
#############################################################################
-## MS-speccific eIDAS-Connector configuration
+## Common parts of MS-speccific eIDAS application configuration
+
#eidas.ms.context.url.prefix=
eidas.ms.context.url.request.validation=false
#eidas.ms.configRootDir=file:/.../config/
@@ -48,6 +49,29 @@ eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
#eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+## HTTP-client defaults
+eidas.ms.client.http.connection.timeout.socket=15
+eidas.ms.client.http.connection.timeout.connection=15
+eidas.ms.client.http.connection.timeout.request=15
+
+
+## Common PVP2 S-Profile (SAML2) configuration
+#eidas.ms.pvp2.metadata.organisation.name=JUnit
+#eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
+#eidas.ms.pvp2.metadata.organisation.url=http://junit.test
+#eidas.ms.pvp2.metadata.contact.givenname=Max
+#eidas.ms.pvp2.metadata.contact.surname=Mustermann
+#eidas.ms.pvp2.metadata.contact.email=max@junit.test
+
+##only for advanced config
+eidas.ms.configuration.pvp.scheme.validation=true
+eidas.ms.configuration.pvp.enable.entitycategories=false
+
+
+
+#############################################################################
+## MS-speccific eIDAS-Connector configuration
+
## eIDAS Ref. Implementation connector ###
eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
eidas.ms.auth.eIDAS.eid.testidentity.default=false
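Review bot: The three `eidas.ms.client.http.connection.timeout.*` defaults added in this hunk are bare numbers with no unit, so an operator cannot tell whether 15 means seconds or milliseconds. These values bound the connector's outgoing HTTP calls, so a wrong guess either leaves request threads waiting on a slow peer or makes calls fail almost immediately. I would add a comment above them such as `## timeouts for outgoing HTTP connections, in seconds`. The unit is presumed and should be confirmed against the code that reads these keys.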
@@ -70,8 +94,9 @@ eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true
## set provider name for all public SPs
eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false
+## set NameIdPolicy to 'unspecified' as work-around for DE Middleware v1.2.x
+eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
-#eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=
eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
#eidas.ms.auth.eIDAS.szrclient.useTestService=true
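Review bot: `eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat` is now active by default, and the key carries no country qualifier, so the work-around described for DE Middleware v1.2.x would apply to requests towards every country. With `unspecified`, the responding side chooses the format of the returned subject identifier, so code that consumes the NameID should not assume a persistent identifier. If no per-country override exists (not visible in this hunk), I would keep the line commented out as before and extend the comment, e.g. `## enable only when connecting to DE Middleware v1.2.x; applies to all countries`.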
@@ -139,13 +164,6 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
#eidas.ms.pvp2.key.signing.password=password
eidas.ms.pvp2.metadata.validity=24
-#eidas.ms.pvp2.metadata.organisation.name=JUnit
-#eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
-#eidas.ms.pvp2.metadata.organisation.url=http://junit.test
-#eidas.ms.pvp2.metadata.contact.givenname=Max
-#eidas.ms.pvp2.metadata.contact.surname=Mustermann
-#eidas.ms.pvp2.metadata.contact.email=max@junit.test
-
## Service Provider configuration
#eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata
@@ -159,5 +177,53 @@ eidas.ms.pvp2.metadata.validity=24
##only for advanced config
eidas.ms.configuration.sp.disableRegistrationRequirement=false
-eidas.ms.configuration.pvp.scheme.validation=true
-eidas.ms.configuration.pvp.enable.entitycategories=false \ No newline at end of file
+
+
+
+#############################################################################
+## MS-speccific eIDAS-Proxy-Service configuration
+
+#### eIDAS ms-specific Proxy-Service configuration
+eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy
+#eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint=
+
+# Mandate configuration
+eidas.ms.auth.eIDAS.proxy.mandates.enabled=false
+#eidas.ms.auth.eIDAS.proxy.mandates.profiles.natural.default=
+#eidas.ms.auth.eIDAS.proxy.mandates.profiles.legal.default=
+
+
+## special foreign eIDAS-Connector configuration
+#eidas.ms.connector.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata
+#eidas.ms.connector.0.countryCode=CC
+#eidas.ms.connector.0.mandates.enabled=false
+#eidas.ms.connector.0.mandates.natural=
+#eidas.ms.connector.0.mandates.legal=
+#eidas.ms.connector.0.auth.idaustria.entityId=
+
+
+## PVP2 S-Profile communication with ID Austria System
+# EntityId and optional metadata of ID Austria System
+#eidas.ms.modules.idaustriaauth.idp.entityId=
+#eidas.ms.modules.idaustriaauth.idp.metadataUrl=
+
+# SAML2 client configuration
+eidas.ms.modules.idaustriaauth.keystore.type=jks
+#eidas.ms.modules.idaustriaauth.keystore.name=
+#eidas.ms.modules.idaustriaauth.keystore.path=
+#eidas.ms.modules.idaustriaauth.keystore.password=
+#eidas.ms.modules.idaustriaauth.metadata.sign.alias=
+#eidas.ms.modules.idaustriaauth.metadata.sign.password=
+#eidas.ms.modules.idaustriaauth.request.sign.alias=
+#eidas.ms.modules.idaustriaauth.request.sign.password=
+#eidas.ms.modules.idaustriaauth.response.encryption.alias=
+#eidas.ms.modules.idaustriaauth.response.encryption.password=
+
+# TrustStore to validate SAML2 metadata from ID Austria
+#eidas.ms.modules.idaustriaauth.truststore.type=jks
+#eidas.ms.modules.idaustriaauth.truststore.name=
+#eidas.ms.modules.idaustriaauth.truststore.path=
+#eidas.ms.modules.idaustriaauth.truststore.password=
+
+
+
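Review bot: The keystore, key and truststore password placeholders added under `eidas.ms.modules.idaustriaauth.*` sit in the `application.properties` packaged from `src/main/resources`, which invites filling them in here and shipping secrets in the artifact and the repository. A comment above the block such as `## set passwords in the deployment-specific external configuration only, never in this packaged default` would make the intent explicit. Separately, `eidas.ms.modules.idaustriaauth.keystore.type=jks` makes the legacy JKS format the default. If the keystore loader also accepts PKCS12 (not visible here), that would be the better documented default.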
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index 42fa6360..46cf1f5b 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -14,70 +14,60 @@
<import resource="specific_eIDAS_core.beans.xml"/>
<bean id="processEngineSignalController"
- class="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
+ class="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
<bean id="saml2MetadataGeneration"
class="at.asitplus.eidas.specific.connector.health.Saml2MetadataHealthIndicator">
- <property name="pvpIdpCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
+ <property name="pvpIdpCredentials" ref="PVPEndPointCredentialProvider" />
</bean>
<bean id="PVPEndPointConfiguration"
- class="at.asitplus.eidas.specific.connector.config.PvpEndPointConfiguration" />
+ class="at.asitplus.eidas.specific.connector.config.PvpEndPointConfiguration" />
<bean id="PVPEndPointCredentialProvider"
- class="at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider" />
+ class="at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider" />
<bean id="PVPMetadataConfigurationFactory"
- class="at.asitplus.eidas.specific.connector.provider.PvpMetadataConfigurationFactory" />
+ class="at.asitplus.eidas.specific.connector.provider.PvpMetadataConfigurationFactory" />
<bean id="pvp2SProfileEndpoint"
- class="at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint">
- <property name="pvpIdpCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
- <property name="metadataProvider">
- <ref bean="PVPMetadataProvider" />
- </property>
+ class="at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint">
+ <property name="pvpIdpCredentials" ref="PVPEndPointCredentialProvider" />
+ <property name="metadataProvider" ref="PVPMetadataProvider" />
+
</bean>
<bean id="AuthnRequestValidator"
- class="at.asitplus.eidas.specific.connector.verification.AuthnRequestValidator" />
+ class="at.asitplus.eidas.specific.connector.verification.AuthnRequestValidator" />
- <bean id="SAMLVerificationEngine"
- class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" />
+ <!-- bean id="SAMLVerificationEngine"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" /-->
<bean id="pvpMetadataService"
- class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction">
- <property name="pvpIdpCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction">
+ <property name="pvpIdpCredentials" ref="PVPEndPointCredentialProvider" />
</bean>
<bean id="PVPAuthenticationRequestAction"
- class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction">
- <property name="pvpIdpCredentials">
- <ref bean="PVPEndPointCredentialProvider" />
- </property>
- <property name="metadataProvider">
- <ref bean="PVPMetadataProvider" />
- </property>
+ class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction">
+ <property name="pvpIdpCredentials" ref="PVPEndPointCredentialProvider" />
+ <property name="metadataProvider" ref="PVPMetadataProvider" />
</bean>
<bean id="PVPMetadataProvider"
- class="at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider" />
+ class="at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider" />
<bean id="PVPSubjectNameGenerator"
- class="at.asitplus.eidas.specific.connector.builder.PvpSubjectNameGenerator" />
+ class="at.asitplus.eidas.specific.connector.builder.PvpSubjectNameGenerator" />
+
<!-- Tasks -->
<bean id="GenerateCountrySelectionFrameTask"
- class="at.asitplus.eidas.specific.connector.processes.tasks.GenerateCountrySelectionFrameTask"
- scope="prototype" />
+ class="at.asitplus.eidas.specific.connector.processes.tasks.GenerateCountrySelectionFrameTask"
+ scope="prototype" />
<bean id="EvaluateCountrySelectionTask"
- class="at.asitplus.eidas.specific.connector.processes.tasks.EvaluateCountrySelectionTask"
- scope="prototype" />
+ class="at.asitplus.eidas.specific.connector.processes.tasks.EvaluateCountrySelectionTask"
+ scope="prototype" />
</beans> \ No newline at end of file
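Review bot: The `SAMLVerificationEngine` bean is disabled by wrapping it in an XML comment rather than being removed, and nothing on the visible lines says where it is defined now. The class is the SAML verification engine, so a reader needs to know it is still registered, presumably through the imported `specific_eIDAS_core.beans.xml`, which this path-limited diff does not show. Once that location is confirmed, I would delete the commented-out definition and leave a short pointer in its place, e.g. `<!-- SAMLVerificationEngine is defined in specific_eIDAS_core.beans.xml -->`.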