From 0f0dcfc7a01c4b3a8b15b12b5257f08797fd0926 Mon Sep 17 00:00:00 2001 From: Thomas <> Date: Fri, 3 Jun 2022 16:04:40 +0200 Subject: refactor(connector): move MS-Connector from new directory 'connector' to 'ms_specific_connector' --- .../src/main/resources/application.properties | 288 +++++++++++++++++++++ 1 file changed, 288 insertions(+) create mode 100644 ms_specific_connector/src/main/resources/application.properties (limited to 'ms_specific_connector/src/main/resources/application.properties') diff --git a/ms_specific_connector/src/main/resources/application.properties b/ms_specific_connector/src/main/resources/application.properties new file mode 100644 index 00000000..700f4d74 --- /dev/null +++ b/ms_specific_connector/src/main/resources/application.properties @@ -0,0 +1,288 @@ +## Set Spring-Boot profile-configuration to 2.3 style +spring.config.use-legacy-processing=true + +## ApplicationServer configuration +server.servlet.contextPath=/ms_connector +#server.port=7080 + +app.build.artifactId=ms_connector + + + +############################################################################# +## SpringBoot Admin client +spring.boot.admin.client.enabled=false + +############################################################################# +## SpringBoot Actuator +management.endpoints.web.exposure.include=health,info + +############################################################################# +## Common parts of MS-speccific eIDAS application configuration + +#eidas.ms.context.url.prefix= +eidas.ms.context.url.request.validation=false +#eidas.ms.configRootDir=file:/.../config/ +eidas.ms.context.use.clustermode=true +eidas.ms.core.logging.level.info.errorcodes=auth.21 + +##Monitoring +eidas.ms.monitoring.eIDASNode.metadata.url= + + +##Specific logger configuration +eidas.ms.technicallog.write.MDS.into.techlog=true +eidas.ms.revisionlog.write.MDS.into.revisionlog=true +eidas.ms.revisionlog.logIPAddressOfUser=true + + +##Directory for static Web content +eidas.ms.webcontent.static.directory=webcontent/ +eidas.ms.webcontent.templates=templates/ +eidas.ms.webcontent.properties=properties/messages +eidas.ms.webcontent.templates.countryselection=countrySelection.html + + +## extended validation of pending-request Id's +eidas.ms.core.pendingrequestid.maxlifetime=300 +eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256 +#eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret + + +## HTTP-client defaults +eidas.ms.client.http.connection.timeout.socket=15 +eidas.ms.client.http.connection.timeout.connection=15 +eidas.ms.client.http.connection.timeout.request=15 + + +## Common PVP2 S-Profile (SAML2) configuration +#eidas.ms.pvp2.metadata.organisation.name=JUnit +#eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit +#eidas.ms.pvp2.metadata.organisation.url=http://junit.test +#eidas.ms.pvp2.metadata.contact.givenname=Max +#eidas.ms.pvp2.metadata.contact.surname=Mustermann +#eidas.ms.pvp2.metadata.contact.email=max@junit.test + +##only for advanced config +eidas.ms.configuration.pvp.scheme.validation=true +eidas.ms.configuration.pvp.enable.entitycategories=false + + + +############################################################################# +## MS-speccific eIDAS-Connector configuration + +## eIDAS Ref. Implementation connector ### +eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector +eidas.ms.auth.eIDAS.eid.testidentity.default=false + +#eidas.ms.auth.eIDAS.node_v2.forward.endpoint= +eidas.ms.auth.eIDAS.node_v2.forward.method=POST +eidas.ms.auth.eIDAS.node_v2.countrycode=AT +eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.* + +## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate +eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true + +## use hashed version of unique SP-Identifier as requesterId +eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm=true + +## user static requesterId for all SP's in case of LU +eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true + + +## set provider name for all public SPs +eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false + +## set NameIdPolicy to 'unspecified' as work-around for DE Middleware v1.2.x +eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified + +eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high + +#eidas.ms.auth.eIDAS.szrclient.useTestService=true +#eidas.ms.auth.eIDAS.szrclient.endpoint.prod= +#eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr +#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.type=jks +#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks +#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password +#eidas.ms.auth.eIDAS.szrclient.ssl.key.alias= +#eidas.ms.auth.eIDAS.szrclient.ssl.key.password= + +#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.type= +#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path= +#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password= +eidas.ms.auth.eIDAS.szrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.szrclient.timeout.response=30 +eidas.ms.auth.eIDAS.szrclient.params.vkz= + +eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false +eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject=false + + +# tech. AuthBlock signing for E-ID process +#eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s +#eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair +#eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks +#eidas.ms.auth.eIDAS.authblock.keystore.type=jks +#eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair +#eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s + + + +#### matching###### +# ZMR communication +#eidas.ms.auth.eIDAS.zmrclient.endpoint=http://localhost:1234/demozmr +#eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.type=jks +#eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.path=keys/junit.jks +#eidas.ms.auth.eIDAS.zmrclient.ssl.keyStore.password=password +#eidas.ms.auth.eIDAS.zmrclient.ssl.key.alias= +#eidas.ms.auth.eIDAS.zmrclient.ssl.key.password= + +#eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.type= +#eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.path= +#eidas.ms.auth.eIDAS.zmrclient.ssl.trustStore.password= + +eidas.ms.auth.eIDAS.zmrclient.timeout.connection=15 +eidas.ms.auth.eIDAS.zmrclient.timeout.response=30 + +#eidas.ms.auth.eIDAS.zmrclient.req.organisation.behoerdennr=jUnit123456 +eidas.ms.auth.eIDAS.zmrclient.req.update.reason.code=PERS_AENDERN +eidas.ms.auth.eIDAS.zmrclient.req.update.reason.text=KITT for eIDAS Matching +eidas.ms.auth.eIDAS.zmrclient.debug.logfullmessages=false + + +# ERnP communication +#eidas.ms.auth.eIDAS.ernpclient.endpoint=http://localhost:1718/demoernp +#eidas.ms.auth.eIDAS.ernpclient.req.organisation.behoerdennr=jUnit123456 +#eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.type=jks +#eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.path=../keystore/junit_test.jks +#eidas.ms.auth.eIDAS.ernpclient.ssl.keyStore.password=password +#eidas.ms.auth.eIDAS.ernpclient.ssl.key.alias=meta +#eidas.ms.auth.eIDAS.ernpclient.ssl.key.password=password + +# SAML2 ID Austria client for matching +#eidas.ms.modules.idaustriaclient.keystore.type=jks +#eidas.ms.modules.idaustriaclient.keystore.path= +#eidas.ms.modules.idaustriaclient.keystore.password= +#eidas.ms.modules.idaustriaclient.metadata.sign.alias= +#eidas.ms.modules.idaustriaclient.metadata.sign.password= +#eidas.ms.modules.idaustriaclient.request.sign.alias= +#eidas.ms.modules.idaustriaclient.request.sign.password= +#eidas.ms.modules.idaustriaclient.response.encryption.alias= +#eidas.ms.modules.idaustriaclient.response.encryption.password= + +#eidas.ms.modules.idaustriaclient.truststore.type=jks +#eidas.ms.modules.idaustriaclient.truststore.path= +#eidas.ms.modules.idaustriaclient.truststore.password= + +#eidas.ms.modules.idaustriaclient.idaustria.idp.entityId= +#eidas.ms.modules.idaustriaclient.idaustria.idp.metadataUrl= + + + + + +#Raw eIDAS Id data storage +eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true +eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida=true + +eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true +eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true + +eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false +eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false + + +##without mandates +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true + +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false +eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false + +##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT ----- +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true +eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true + + +## PVP2 S-Profile end-point configuration +#eidas.ms.pvp2.keystore.type=jks +#eidas.ms.pvp2.keystore.path=keys/junit.jks +#eidas.ms.pvp2.keystore.password=password +#eidas.ms.pvp2.key.metadata.alias=meta +#eidas.ms.pvp2.key.metadata.password=password +#eidas.ms.pvp2.key.signing.alias=sig +#eidas.ms.pvp2.key.signing.password=password +eidas.ms.pvp2.metadata.validity=24 + + +## Service Provider configuration +#eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +#eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks +#eidas.ms.sp.0.pvp2.metadata.truststore.password=password +#eidas.ms.sp.0.friendlyName=jUnit test +#eidas.ms.sp.0.pvp2.metadata.url= +#eidas.ms.sp.0.policy.allowed.requested.targets=.* +#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false + + +##only for advanced config +eidas.ms.configuration.sp.disableRegistrationRequirement=false + + + +############################################################################# +## MS-speccific eIDAS-Proxy-Service configuration + +#### eIDAS ms-specific Proxy-Service configuration +eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy +#eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint= + +# Mandate configuration +eidas.ms.auth.eIDAS.proxy.mandates.enabled=false +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.natural.default= +#eidas.ms.auth.eIDAS.proxy.mandates.profiles.legal.default= + + +## special foreign eIDAS-Connector configuration +#eidas.ms.connector.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata +#eidas.ms.connector.0.countryCode=CC +#eidas.ms.connector.0.mandates.enabled=false +#eidas.ms.connector.0.mandates.natural= +#eidas.ms.connector.0.mandates.legal= +#eidas.ms.connector.0.auth.idaustria.entityId= + + +## PVP2 S-Profile communication with ID Austria System +# EntityId and optional metadata of ID Austria System +#eidas.ms.modules.idaustriaauth.idp.entityId= +#eidas.ms.modules.idaustriaauth.idp.metadataUrl= + +# SAML2 client configuration +eidas.ms.modules.idaustriaauth.keystore.type=jks +#eidas.ms.modules.idaustriaauth.keystore.name= +#eidas.ms.modules.idaustriaauth.keystore.path= +#eidas.ms.modules.idaustriaauth.keystore.password= +#eidas.ms.modules.idaustriaauth.metadata.sign.alias= +#eidas.ms.modules.idaustriaauth.metadata.sign.password= +#eidas.ms.modules.idaustriaauth.request.sign.alias= +#eidas.ms.modules.idaustriaauth.request.sign.password= +#eidas.ms.modules.idaustriaauth.response.encryption.alias= +#eidas.ms.modules.idaustriaauth.response.encryption.password= + +# TrustStore to validate SAML2 metadata from ID Austria +#eidas.ms.modules.idaustriaauth.truststore.type=jks +#eidas.ms.modules.idaustriaauth.truststore.name= +#eidas.ms.modules.idaustriaauth.truststore.path= +#eidas.ms.modules.idaustriaauth.truststore.password= + + + -- cgit v1.2.3