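## Spring Boot application properties for the MS-specific eIDAS connector
## (servlet context path /ms_connector).
## Layout: one property per line. A line starting with '#' is a comment, and
## a '#key=value' line is a disabled setting. Collapsing several properties
## onto one physical line turns them into a single comment or a single
## oversized value.

## Set Spring-Boot profile-configuration to 2.3 style
spring.config.use-legacy-processing=true

## ApplicationServer configuration
server.servlet.contextPath=/ms_connector
#server.port=7080
app.build.artifactId=ms_connector

#############################################################################
## SpringBoot Admin client
spring.boot.admin.client.enabled=false

#############################################################################
## SpringBoot Actuator
## Only the health and info endpoints are exposed over HTTP. Keep this list
## minimal; other actuator endpoints can reveal configuration and environment.
management.endpoints.web.exposure.include=health,info

#############################################################################
## Common parts of MS-specific eIDAS application configuration
#eidas.ms.context.url.prefix=
## NOTE(review): request-URL validation is switched off here. Presumably it
## checks incoming request URLs against eidas.ms.context.url.prefix - confirm,
## and enable it once the public URL prefix is configured.
eidas.ms.context.url.request.validation=false
#eidas.ms.configRootDir=file:/.../config/
eidas.ms.context.use.clustermode=true
eidas.ms.core.logging.level.info.errorcodes=auth.21

##Monitoring
eidas.ms.monitoring.eIDASNode.metadata.url=

##Specific logger configuration
## NOTE(review): MDS presumably is the eIDAS minimum data set (personal data)
## - confirm. With these switches on, the technical log and the revision log
## contain personal data and user IP addresses, so both need access control
## and a retention policy.
eidas.ms.technicallog.write.MDS.into.techlog=true
eidas.ms.revisionlog.write.MDS.into.revisionlog=true
eidas.ms.revisionlog.logIPAddressOfUser=true

##Directory for static Web content
eidas.ms.webcontent.static.directory=webcontent/
eidas.ms.webcontent.templates=templates/
eidas.ms.webcontent.properties=properties/messages
eidas.ms.webcontent.templates.countryselection=countrySelection.html

## extended validation of pending-request IDs
## maxlifetime is presumably in seconds - TODO confirm.
eidas.ms.core.pendingrequestid.maxlifetime=300
eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
## The HMAC secret below is a sample value. Set a long, random,
## deployment-specific secret and keep it out of version control.
## NOTE(review): this page does not show what the application does when the
## secret is left unset - verify before deploying.
#eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret

## HTTP-client defaults
## Timeout units are not stated here; presumably seconds - TODO confirm.
eidas.ms.client.http.connection.timeout.socket=15
eidas.ms.client.http.connection.timeout.connection=15
eidas.ms.client.http.connection.timeout.request=15

## Common PVP2 S-Profile (SAML2) configuration
## The values below are jUnit test placeholders; replace them per deployment.
#eidas.ms.pvp2.metadata.organisation.name=JUnit
#eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
#eidas.ms.pvp2.metadata.organisation.url=http://junit.test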
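## PVP2 metadata contact person (jUnit test placeholders, disabled)
#eidas.ms.pvp2.metadata.contact.givenname=Max
#eidas.ms.pvp2.metadata.contact.surname=Mustermann
#eidas.ms.pvp2.metadata.contact.email=max@junit.test

##only for advanced config
## Scheme validation is enabled; leave it on unless there is a documented
## reason to relax SAML2 message validation.
eidas.ms.configuration.pvp.scheme.validation=true
eidas.ms.configuration.pvp.enable.entitycategories=false

#############################################################################
## MS-specific eIDAS-Connector configuration

## eIDAS Ref. Implementation connector ###
eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
## Test identities are off by default; keep this false outside test systems.
eidas.ms.auth.eIDAS.eid.testidentity.default=false
#eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
eidas.ms.auth.eIDAS.node_v2.forward.method=POST
eidas.ms.auth.eIDAS.node_v2.countrycode=AT
## NOTE(review): in .properties syntax a backslash is an escape character and
## is dropped in front of '+', so the loaded value is most likely the pattern
## urn:publicid:gv.at:cdid+.* ("cdid" with the 'd' repeated, then anything).
## If a literal plus sign after "cdid" is intended, the backslash has to be
## doubled. Verify with the loader in use before changing the value. The
## unescaped dots also match any character.
eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*

## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate
eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true

## use hashed version of unique SP-Identifier as requesterId
eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm=true

## use static requesterId for all SPs in case of LU
eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true

## set provider name for all public SPs
eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false

## set NameIdPolicy to 'unspecified' as work-around for DE Middleware v1.2.x
eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified

## Minimum level of assurance requested from the eIDAS node.
eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high

## SZR client (disabled sample values)
## The sample test endpoint is plain HTTP on localhost and the keystore
## password is the literal word "password"; both are test values only.
## Supply real endpoints over TLS and inject keystore and truststore
## passwords from a secret store or the environment, not from this file.
#eidas.ms.auth.eIDAS.szrclient.useTestService=true
#eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
#eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/junit.jks
#eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=password
#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
#eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=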
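## SZR client timeouts and request parameters
## Timeout units are not stated here; presumably seconds - TODO confirm.
eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
eidas.ms.auth.eIDAS.szrclient.timeout.response=30
eidas.ms.auth.eIDAS.szrclient.params.vkz=

eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject=false

# tech. AuthBlock signing for E-ID process
## The keystore and key passwords below are sample values from a test
## keystore (keys/teststore.jks). Never reuse them; generate a dedicated
## signing key per deployment and load its passwords from a secret store.
#eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
#eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
#eidas.ms.auth.eIDAS.authblock.keystore.path=keys/teststore.jks
#eidas.ms.auth.eIDAS.authblock.keystore.type=jks
#eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
#eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s

#Raw eIDAS Id data storage
## NOTE(review): with this switch active the revision log presumably stores
## the raw eIDAS identifier mapping - confirm, and treat that log as holding
## personal data.
eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
eidas.ms.auth.eIDAS.szrclient.workarounds.use.getidentitylink.for.ida=true

eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true

## Debug switches: both are off. Keep them off in production;
## logfullmessages presumably writes complete SZR messages, including
## identity data, to the log - confirm.
eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false
eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false

## Requested eIDAS attributes. Value format appears to be
## <attribute name>,<flag>; the flag presumably marks the attribute as
## mandatory - TODO confirm. Request only what the service needs.
##without mandates
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true

## The 'de' entries presumably apply to requests for country code DE only.
eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false

##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true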
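## Requested eIDAS attributes for representation (mandate) use cases,
## entries 1 to 5. Value format appears to be <attribute name>,<flag>.
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true

## PVP2 S-Profile end-point configuration
## Disabled sample values: the jUnit keystore and the literal password
## "password" are test material. Use a deployment-specific keystore and load
## the keystore and key passwords from a secret store or the environment.
#eidas.ms.pvp2.keystore.type=jks
#eidas.ms.pvp2.keystore.path=keys/junit.jks
#eidas.ms.pvp2.keystore.password=password
#eidas.ms.pvp2.key.metadata.alias=meta
#eidas.ms.pvp2.key.metadata.password=password
#eidas.ms.pvp2.key.signing.alias=sig
#eidas.ms.pvp2.key.signing.password=password
## Metadata validity; unit is not stated, presumably hours - TODO confirm.
eidas.ms.pvp2.metadata.validity=24

## Service Provider configuration
## The sample SP below trusts the jUnit truststore and allows every requested
## target ('.*'). For a real SP, use a truststore that contains only that
## SP's metadata signing certificate and restrict allowed.requested.targets
## to the targets the SP is entitled to.
#eidas.ms.sp.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata
#eidas.ms.sp.0.pvp2.metadata.truststore=keys/junit.jks
#eidas.ms.sp.0.pvp2.metadata.truststore.password=password
#eidas.ms.sp.0.friendlyName=jUnit test
#eidas.ms.sp.0.pvp2.metadata.url=
#eidas.ms.sp.0.policy.allowed.requested.targets=.*
#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false

##only for advanced config
## NOTE(review): presumably 'true' would accept service providers that are
## not registered in this file - confirm; keep it false in production.
eidas.ms.configuration.sp.disableRegistrationRequirement=false

#############################################################################
## MS-specific eIDAS-Proxy-Service configuration

#### eIDAS ms-specific Proxy-Service configuration
eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy
#eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint=

# Mandate configuration
eidas.ms.auth.eIDAS.proxy.mandates.enabled=false
#eidas.ms.auth.eIDAS.proxy.mandates.profiles.natural.default=
#eidas.ms.auth.eIDAS.proxy.mandates.profiles.legal.default=

## special foreign eIDAS-Connector configuration
#eidas.ms.connector.0.uniqueID=https://demo.egiz.gv.at/demoportal_moaid-2.0/sp/eidas/metadata
#eidas.ms.connector.0.countryCode=CC
#eidas.ms.connector.0.mandates.enabled=false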
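## Remaining per-connector settings for foreign eIDAS-Connector entry 0
## (disabled).
#eidas.ms.connector.0.mandates.natural=
#eidas.ms.connector.0.mandates.legal=
#eidas.ms.connector.0.auth.idaustria.entityId=

## PVP2 S-Profile communication with ID Austria System

# EntityId and optional metadata of ID Austria System
#eidas.ms.modules.idaustriaauth.idp.entityId=
#eidas.ms.modules.idaustriaauth.idp.metadataUrl=

# SAML2 client configuration
## Keys for metadata signing, request signing and response encryption are
## configured separately below. Load the keystore and key passwords from a
## secret store or the environment; do not commit them in this file.
eidas.ms.modules.idaustriaauth.keystore.type=jks
#eidas.ms.modules.idaustriaauth.keystore.name=
#eidas.ms.modules.idaustriaauth.keystore.path=
#eidas.ms.modules.idaustriaauth.keystore.password=
#eidas.ms.modules.idaustriaauth.metadata.sign.alias=
#eidas.ms.modules.idaustriaauth.metadata.sign.password=
#eidas.ms.modules.idaustriaauth.request.sign.alias=
#eidas.ms.modules.idaustriaauth.request.sign.password=
#eidas.ms.modules.idaustriaauth.response.encryption.alias=
#eidas.ms.modules.idaustriaauth.response.encryption.password=

# TrustStore to validate SAML2 metadata from ID Austria
## The truststore should contain only the certificate(s) that sign the
## ID Austria metadata, because every entry in it is trusted for that purpose.
#eidas.ms.modules.idaustriaauth.truststore.type=jks
#eidas.ms.modules.idaustriaauth.truststore.name=
#eidas.ms.modules.idaustriaauth.truststore.path=
#eidas.ms.modules.idaustriaauth.truststore.password=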