From 9d1d6626032aa59eb169e310ed239b94c0bc5447 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 3 Jun 2022 16:02:01 +0200 Subject: chore(config): split default configuration into MS-Connector and MS-Proxy-Servie --- .../ms-proxyservice/default_config.properties | 115 +++++++++++++++++++++ 1 file changed, 115 insertions(+) create mode 100644 basicConfig/ms-proxyservice/default_config.properties (limited to 'basicConfig/ms-proxyservice/default_config.properties') diff --git a/basicConfig/ms-proxyservice/default_config.properties b/basicConfig/ms-proxyservice/default_config.properties new file mode 100644 index 00000000..b14c0221 --- /dev/null +++ b/basicConfig/ms-proxyservice/default_config.properties @@ -0,0 +1,115 @@ +## Basic service configuration +eidas.ms.context.url.prefix= +eidas.ms.core.configRootDir=file:./ + + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + + +############################################# +#### eIDAS Ref. Implementation connector #### +eidas.ms.auth.eIDAS.eid.testidentity.default=false + +## eIDAS Request configuration +eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=Austria + +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.node_v2.forward.endpoint= + + +############################################# +#### eIDAS identity-matching ###### +# ZMR communication +eidas.ms.auth.eIDAS.zmrclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.zmrsrv-a/soap/ZMRService +eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type=pkcs12 +eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path=keys/.... +eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias= +eidas.ms.auth.eIDAS.zmrclient.ssl.key.password= +eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr= + +# ERnP communication +eidas.ms.auth.eIDAS.ernpclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.erpsrv-a/srv/rest/ +eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=pkcs12 +eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=keys/.... +eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias= +eidas.ms.auth.eIDAS.ernpclient.ssl.key.password= +eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr= + +# SAML2 ID Austria client for matching +eidas.ms.modules.idaustriaclient.keystore.type=jks +eidas.ms.modules.idaustriaclient.keystore.path=keys/... +eidas.ms.modules.idaustriaclient.keystore.password= +eidas.ms.modules.idaustriaclient.metadata.sign.alias= +eidas.ms.modules.idaustriaclient.metadata.sign.password= +eidas.ms.modules.idaustriaclient.request.sign.alias= +eidas.ms.modules.idaustriaclient.request.sign.password= +eidas.ms.modules.idaustriaclient.response.encryption.alias= +eidas.ms.modules.idaustriaclient.response.encryption.password= + +eidas.ms.modules.idaustriaclient.truststore.type=jks +eidas.ms.modules.idaustriaclient.truststore.path=keys/id_austria_truststore.jks +eidas.ms.modules.idaustriaclient.truststore.password=trustIda + +eidas.ms.modules.idaustriaclient.idaustria.idp.entityId=https://eid2.oesterreich.gv.at/auth/idp/shibboleth + + + +############################################# +#### SZR communication ###### +eidas.ms.auth.eIDAS.szrclient.useTestService=true +eidas.ms.auth.eIDAS.szrclient.endpoint.prod=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-p/SZR +eidas.ms.auth.eIDAS.szrclient.endpoint.test=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-a/SZR +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.type=pkcs12 +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... +eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= +eidas.ms.auth.eIDAS.szrclient.ssl.key.alias= +eidas.ms.auth.eIDAS.szrclient.ssl.key.password= + + +############################################# +#### IDA-AuthBlock configuration ###### +eidas.ms.auth.eIDAS.authblock.keystore.type=jks +eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + +################################################# +#### PVP2 S-Profile end-point configuration #### +eidas.ms.pvp2.keystore.type=jks +eidas.ms.pvp2.keystore.path=keys/..... +eidas.ms.pvp2.keystore.password= +eidas.ms.pvp2.key.metadata.alias= +eidas.ms.pvp2.key.metadata.password= +eidas.ms.pvp2.key.signing.alias= +eidas.ms.pvp2.key.signing.password= +eidas.ms.pvp2.metadata.validity=24 + +eidas.ms.pvp2.metadata.organisation.name=JUnit +eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +eidas.ms.pvp2.metadata.organisation.url=http://junit.test +eidas.ms.pvp2.metadata.contact.givenname=Max +eidas.ms.pvp2.metadata.contact.surname=Mustermann +eidas.ms.pvp2.metadata.contact.email=max@junit.test + + +## Service Provider configuration +eidas.ms.sp.0.uniqueID= +eidas.ms.sp.0.pvp2.metadata.truststore= +eidas.ms.sp.0.pvp2.metadata.truststore.password= +eidas.ms.sp.0.newEidMode=false + -- cgit v1.2.3 From 559858cf7916b3bb13613623b9b5697b3dcc34d9 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 3 Jun 2022 16:23:27 +0200 Subject: doc(config): update default configurations --- .../ms-proxyservice/default_config.properties | 122 +++++++-------------- 1 file changed, 38 insertions(+), 84 deletions(-) (limited to 'basicConfig/ms-proxyservice/default_config.properties') diff --git a/basicConfig/ms-proxyservice/default_config.properties b/basicConfig/ms-proxyservice/default_config.properties index b14c0221..27126cb6 100644 --- a/basicConfig/ms-proxyservice/default_config.properties +++ b/basicConfig/ms-proxyservice/default_config.properties @@ -3,14 +3,14 @@ eidas.ms.context.url.prefix= eidas.ms.core.configRootDir=file:./ -##Monitoring -eidas.ms.monitoring.eIDASNode.metadata.url= +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages -##Specific logger configuration -eidas.ms.technicallog.write.MDS.into.techlog=true -eidas.ms.revisionlog.write.MDS.into.revisionlog=true -eidas.ms.revisionlog.logIPAddressOfUser=true +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= ## extended validation of pending-request Id's @@ -19,86 +19,31 @@ eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret ############################################# #### eIDAS Ref. Implementation connector #### -eidas.ms.auth.eIDAS.eid.testidentity.default=false - -## eIDAS Request configuration -eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=Austria +eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy +eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint= -eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector -eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +# Mandate configuration +eidas.ms.auth.eIDAS.proxy.mandates.enabled=false +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.natural.default= +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.legal.default= -############################################# -#### eIDAS identity-matching ###### -# ZMR communication -eidas.ms.auth.eIDAS.zmrclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.zmrsrv-a/soap/ZMRService -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path=keys/.... -eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias= -eidas.ms.auth.eIDAS.zmrclient.ssl.key.password= -eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr= - -# ERnP communication -eidas.ms.auth.eIDAS.ernpclient.endpoint=https://stportal.bmi.gv.at/at.gv.bmi.erpsrv-a/srv/rest/ -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=keys/.... -eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias= -eidas.ms.auth.eIDAS.ernpclient.ssl.key.password= -eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr= - -# SAML2 ID Austria client for matching -eidas.ms.modules.idaustriaclient.keystore.type=jks -eidas.ms.modules.idaustriaclient.keystore.path=keys/... -eidas.ms.modules.idaustriaclient.keystore.password= -eidas.ms.modules.idaustriaclient.metadata.sign.alias= -eidas.ms.modules.idaustriaclient.metadata.sign.password= -eidas.ms.modules.idaustriaclient.request.sign.alias= -eidas.ms.modules.idaustriaclient.request.sign.password= -eidas.ms.modules.idaustriaclient.response.encryption.alias= -eidas.ms.modules.idaustriaclient.response.encryption.password= - -eidas.ms.modules.idaustriaclient.truststore.type=jks -eidas.ms.modules.idaustriaclient.truststore.path=keys/id_austria_truststore.jks -eidas.ms.modules.idaustriaclient.truststore.password=trustIda - -eidas.ms.modules.idaustriaclient.idaustria.idp.entityId=https://eid2.oesterreich.gv.at/auth/idp/shibboleth +## special foreign eIDAS-Connector configuration +#eidas.ms.connector.0.uniqueID= +#eidas.ms.connector.0.countryCode=CC +#eidas.ms.connector.0.mandates.enabled=false +#eidas.ms.connector.0.mandates.natural= +#eidas.ms.connector.0.mandates.legal= +#eidas.ms.connector.0.auth.idaustria.entityId= -############################################# -#### SZR communication ###### -eidas.ms.auth.eIDAS.szrclient.useTestService=true -eidas.ms.auth.eIDAS.szrclient.endpoint.prod=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-p/SZR -eidas.ms.auth.eIDAS.szrclient.endpoint.test=https://stportal.bmi.gv.at/at.gv.bmi.sz2-n-a/SZR -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.type=pkcs12 -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/..... -eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password= -eidas.ms.auth.eIDAS.szrclient.ssl.key.alias= -eidas.ms.auth.eIDAS.szrclient.ssl.key.password= +## PVP2 S-Profile communication with ID Austria System +# EntityId and optional metadata of ID Austria System +eidas.ms.modules.idaustriaauth.idp.entityId=https://eid.oesterreich.gv.at/auth/idp/shibboleth -############################################# -#### IDA-AuthBlock configuration ###### -eidas.ms.auth.eIDAS.authblock.keystore.type=jks -eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks -eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s -eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair -eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s - - -################################################# -#### PVP2 S-Profile end-point configuration #### -eidas.ms.pvp2.keystore.type=jks -eidas.ms.pvp2.keystore.path=keys/..... -eidas.ms.pvp2.keystore.password= -eidas.ms.pvp2.key.metadata.alias= -eidas.ms.pvp2.key.metadata.password= -eidas.ms.pvp2.key.signing.alias= -eidas.ms.pvp2.key.signing.password= -eidas.ms.pvp2.metadata.validity=24 - +# Common SAML2 configuration eidas.ms.pvp2.metadata.organisation.name=JUnit eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit eidas.ms.pvp2.metadata.organisation.url=http://junit.test @@ -106,10 +51,19 @@ eidas.ms.pvp2.metadata.contact.givenname=Max eidas.ms.pvp2.metadata.contact.surname=Mustermann eidas.ms.pvp2.metadata.contact.email=max@junit.test - -## Service Provider configuration -eidas.ms.sp.0.uniqueID= -eidas.ms.sp.0.pvp2.metadata.truststore= -eidas.ms.sp.0.pvp2.metadata.truststore.password= -eidas.ms.sp.0.newEidMode=false +# SAML2 client configuration +eidas.ms.modules.idaustriaauth.keystore.type=jks +eidas.ms.modules.idaustriaauth.keystore.path=keys/.... +eidas.ms.modules.idaustriaauth.keystore.password= +eidas.ms.modules.idaustriaauth.metadata.sign.alias= +eidas.ms.modules.idaustriaauth.metadata.sign.password= +eidas.ms.modules.idaustriaauth.request.sign.alias= +eidas.ms.modules.idaustriaauth.request.sign.password= +eidas.ms.modules.idaustriaauth.response.encryption.alias= +eidas.ms.modules.idaustriaauth.response.encryption.password= + +# TrustStore IDA SAML2 Metadaten +eidas.ms.modules.idaustriaauth.truststore.type=jks +eidas.ms.modules.idaustriaauth.truststore.path=keys/truststore_ida.jks +eidas.ms.modules.idaustriaauth.truststore.password=password -- cgit v1.2.3