authorrudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d>2003-10-24 08:34:56 +0000
committerrudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d>2003-10-24 08:34:56 +0000
commitdd45e938564249a5e6897bd92dd29808d8990868 (patch)
tree372d8a4b128cff09262ad09d6a4cf5765d672d61 /id.server/data/abnahme-test/conf/moa
parent59f78a67d7357fd31de68fc2b623f95b3d654ebc (diff)
MOA-ID version 1.1 (initial)
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/data/abnahme-test/conf/moa')
-rw-r--r--id.server/data/abnahme-test/conf/moa/ConfigurationTest.xml136
-rw-r--r--id.server/data/abnahme-test/conf/moa/TrustProfile1/Buergerkarte01Root.cerbin0 -> 876 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/TrustProfile1/IAIK_TestRoot.cerbin0 -> 987 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/TrustProfile1/Max_Mustermann.cerbin0 -> 965 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA1.cerbin0 -> 1321 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA4.cerbin0 -> 1321 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/TrustProfile1/test-ee2003_normal_inkl_verwaltungs_oid.derbin0 -> 1886 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/TrustProfile2/Max_Mustermann.cerbin0 -> 965 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/common/endorsed/xercesImpl.jarbin0 -> 933730 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/common/endorsed/xmlParserAPIs.jarbin0 -> 78440 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/keys/DSA.512.p12bin0 -> 2467 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/keys/ecc(ego).p12bin0 -> 1234 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/keys/normal-eeExpired.p12bin0 -> 2797 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/keys/sicher-demo(buergerkarte).p12bin0 -> 3077 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/keys/test-ee2003_normal(buergerkarte).p12bin0 -> 3077 bytes
-rw-r--r--id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile1MOAID.xml19
-rw-r--r--id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile2MOAID.xml3
-rw-r--r--id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile3MOAID.xml19
-rw-r--r--id.server/data/abnahme-test/conf/moa/runAbnahme.bat12
-rw-r--r--id.server/data/abnahme-test/conf/moa/server.xml423
20 files changed, 612 insertions, 0 deletions
diff --git a/id.server/data/abnahme-test/conf/moa/ConfigurationTest.xml b/id.server/data/abnahme-test/conf/moa/ConfigurationTest.xml
new file mode 100644
index 000000000..82c45565d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/ConfigurationTest.xml
@@ -0,0 +1,136 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<MOAConfiguration xmlns="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa-spss="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <CanonicalizationAlgorithm name="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <DigestMethodAlgorithm name="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <GenericConfiguration name="IAIKIXSILinit.properties" value="aValidFileName"/>
+ <GenericConfiguration name="autoAddCertificates" value="true"/>
+ <GenericConfiguration name="useAuthorityInfoAccess" value="true"/>
+ <GenericConfiguration name="maxRevocationAge" value="0"/>
+ <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="aValidPathName"/>
+ <GenericConfiguration name="archiveRevocationInfo" value="false"/>
+ <GenericConfiguration name="DataBaseArchiveParameter.JDBCUrl" value="jdbc:postgresql://10.16.46.108/moa?user=moa&amp;password=moatest"/>
+ <GenericConfiguration name="test.ReferenceBase" value="test"/>
+ <!--
+ <HardwareCryptoModule name="validPathToPKCS11Lib" slotID="validSlotID" userPIN="validPIN"/>
+ <HardwareKeyModule name="validPathToPKCS11Lib" slotID="validSlotID" userPIN="validPIN"/>
+
+ <HardwareKeyModule id="HSM" name="cryptoki.dll" slotID="0" userPIN="0000"/>-->
+ <SoftwareKeyModule id="SWKeyModule1" filename="keys/test-ee2003_normal(buergerkarte).p12" password="buergerkarte"/>
+ <SoftwareKeyModule id="SWKeyModule2" filename="keys/normal-eeExpired.p12" password=""/>
+ <SoftwareKeyModule id="SWKeyModule3" filename="keys/ecc(ego).p12" password="ego"/>
+ <SoftwareKeyModule id="SWKeyModule4" filename="keys/DSA.512.p12" password="topSecret"/>
+ <KeyGroup id="HSMRSAKEY">
+ <Key>
+ <KeyModuleID>HSM</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>C=AT,OU=MOA,O=BRZ,CN=HSMRSAKEY</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="PKCS12RSAKey1">
+ <!--PKCS12RSAKey1 maps to test-ee2003_normal(buergerkarte).p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule1</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="PKCS12RSAKeyExpired">
+ <!--PKCS12RSAKey1 maps to sicher-demo(buergerkarte).p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule2</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>10</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="PKCS12ECDSAKey1">
+ <!--PKCS12ECDSAKey1 maps to ecc(ego).p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule3</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK ECDSA Test,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>68172</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="DSAinPKCS12">
+ <!--DSAinPKCS12 maps to DSA.512.p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule4</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK DSA Test CA,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>761791</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="allKeys">
+ <Key>
+ <KeyModuleID>SWKeyModule1</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ <Key>
+ <KeyModuleID>SWKeyModule2</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ <Key>
+ <KeyModuleID>SWKeyModule3</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK ECDSA Test,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>68172</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ <Key>
+ <KeyModuleID>SWKeyModule4</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK DSA Test CA,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>761791</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroupMapping>
+ <KeyGroup id="PKCS12RSAKey1"/>
+ <KeyGroup id="PKCS12RSAKeyExpired"/>
+ <KeyGroup id="PKCS12ECDSAKey1"/>
+ <KeyGroup id="DSAinPKCS12"/>
+ <KeyGroup id="HSMRSAKEY"/>
+ </KeyGroupMapping>
+ <KeyGroupMapping>
+ <X509IssuerSerial>
+ <dsig:X509IssuerName>CN=TestUser,OU=MOA,O=BRZ,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>12345678</dsig:X509SerialNumber>
+ </X509IssuerSerial>
+ <KeyGroup id="allKeys"/>
+ </KeyGroupMapping>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <CRLArchive duration="365"/>
+ <CRLDistributionPoint>
+ <CAIssuerDN>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</CAIssuerDN>
+ <DistributionPoint uri="http://www.iaik.at/testCA/iaik_test_sig.crl"/>
+ </CRLDistributionPoint>
+ <CRLDistributionPoint>
+ <CAIssuerDN>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</CAIssuerDN>
+ <DistributionPoint reasonCodes="keyCompromise affiliationChanged" uri="http://www.iaik.at/testCA/iaik_test_sig.crl"/>
+ <DistributionPoint reasonCodes="certificateHold" uri="http://www.iaik.at/testCA/iaik_test_sig.crl"/>
+ </CRLDistributionPoint>
+ <VerifyTransformsInfoProfile id="TransformsInfoProfile1MOAID" filename="profiles/TransformsInfoProfile1MOAID.xml"/>
+ <VerifyTransformsInfoProfile id="TransformsInfoProfile2MOAID" filename="profiles/TransformsInfoProfile2MOAID.xml"/>
+ <VerifyTransformsInfoProfile id="TransformsInfoProfile3MOAID" filename="profiles/TransformsInfoProfile3MOAID.xml"/>
+ <TrustProfile id="TrustProfile1" uri="C:/Programme/ApacheGroup/abnahme/conf/moa/trustprofiles/TrustProfile1"/>
+ <TrustProfile id="TrustProfile2" uri="C:/Programme/ApacheGroup/abnahme/conf/moa/trustprofiles/TrustProfile2"/>
+</MOAConfiguration>
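Review bot: The `DataBaseArchiveParameter.JDBCUrl` value carries the database user and password as URL parameters against a fixed internal address, and every `SoftwareKeyModule` stores its PKCS#12 password in clear text next to the keystores this same commit adds under `keys/`. Even for acceptance-test fixtures the file should say so, e.g. `<!-- Test-only keys and credentials; never reuse outside the acceptance-test environment -->`, and the database credentials are better supplied from outside the repository. Separately, `KeyGroup id="HSMRSAKEY"` refers to `KeyModuleID` `HSM`, but the only `HardwareKeyModule id="HSM"` sits inside the comment block, so that reference looks dangling. The comment inside `PKCS12RSAKeyExpired` also names `PKCS12RSAKey1` and `sicher-demo(buergerkarte).p12`, while `SWKeyModule2` loads `keys/normal-eeExpired.p12`; it should read `<!--PKCS12RSAKeyExpired maps to normal-eeExpired.p12-->`.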
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/Buergerkarte01Root.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Buergerkarte01Root.cer
new file mode 100644
index 000000000..18e6bc109
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Buergerkarte01Root.cer
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/IAIK_TestRoot.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/IAIK_TestRoot.cer
new file mode 100644
index 000000000..1cdc15c6e
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/IAIK_TestRoot.cer
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/Max_Mustermann.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Max_Mustermann.cer
new file mode 100644
index 000000000..b5b39633d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Max_Mustermann.cer
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA1.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA1.cer
new file mode 100644
index 000000000..81f6fa658
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA1.cer
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA4.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA4.cer
new file mode 100644
index 000000000..99936caa8
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA4.cer
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/test-ee2003_normal_inkl_verwaltungs_oid.der b/id.server/data/abnahme-test/conf/moa/TrustProfile1/test-ee2003_normal_inkl_verwaltungs_oid.der
new file mode 100644
index 000000000..3a3aa543d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/test-ee2003_normal_inkl_verwaltungs_oid.der
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile2/Max_Mustermann.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile2/Max_Mustermann.cer
new file mode 100644
index 000000000..b5b39633d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile2/Max_Mustermann.cer
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/common/endorsed/xercesImpl.jar b/id.server/data/abnahme-test/conf/moa/common/endorsed/xercesImpl.jar
new file mode 100644
index 000000000..f25d73cd7
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/common/endorsed/xercesImpl.jar
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/common/endorsed/xmlParserAPIs.jar b/id.server/data/abnahme-test/conf/moa/common/endorsed/xmlParserAPIs.jar
new file mode 100644
index 000000000..c1fa1d645
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/common/endorsed/xmlParserAPIs.jar
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/keys/DSA.512.p12 b/id.server/data/abnahme-test/conf/moa/keys/DSA.512.p12
new file mode 100644
index 000000000..8f7a201ac
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/DSA.512.p12
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/keys/ecc(ego).p12 b/id.server/data/abnahme-test/conf/moa/keys/ecc(ego).p12
new file mode 100644
index 000000000..f84e793c5
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/ecc(ego).p12
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/keys/normal-eeExpired.p12 b/id.server/data/abnahme-test/conf/moa/keys/normal-eeExpired.p12
new file mode 100644
index 000000000..ff65f9fde
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/normal-eeExpired.p12
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/keys/sicher-demo(buergerkarte).p12 b/id.server/data/abnahme-test/conf/moa/keys/sicher-demo(buergerkarte).p12
new file mode 100644
index 000000000..efaeb9b98
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/sicher-demo(buergerkarte).p12
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/keys/test-ee2003_normal(buergerkarte).p12 b/id.server/data/abnahme-test/conf/moa/keys/test-ee2003_normal(buergerkarte).p12
new file mode 100644
index 000000000..efaeb9b98
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/test-ee2003_normal(buergerkarte).p12
Binary files differ
diff --git a/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile1MOAID.xml b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile1MOAID.xml
new file mode 100644
index 000000000..c4f5a52af
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile1MOAID.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms></VerifyTransformsInfoProfile>
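Review bot: The `xsl:value-of` selects `//@Issuer` and `//@IssueInstant` take the first attribute of that name found anywhere in the input, so the text the signer is asked to confirm is not bound to the assertion element itself. If the input root is the SAML assertion (the `saml` prefix suggests this, but the input is not visible here), anchored paths such as `select="/saml:Assertion/@Issuer"` and `select="/saml:Assertion/@IssueInstant"` make the displayed values unambiguous. The same applies to `//saml:NameIdentifier` and the two `//saml:Attribute[...]` lookups. The stylesheet in TransformsInfoProfile3MOAID.xml uses the same selects and has the same issue. Because this is a verification profile, it presumably has to match the transforms used at signature creation, so both sides would need to change together.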
diff --git a/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile2MOAID.xml b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile2MOAID.xml
new file mode 100644
index 000000000..dc4a97716
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile2MOAID.xml
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms></VerifyTransformsInfoProfile>
diff --git a/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile3MOAID.xml b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile3MOAID.xml
new file mode 100644
index 000000000..17c4d8d54
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile3MOAID.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms></VerifyTransformsInfoProfile>
diff --git a/id.server/data/abnahme-test/conf/moa/runAbnahme.bat b/id.server/data/abnahme-test/conf/moa/runAbnahme.bat
new file mode 100644
index 000000000..8f635081c
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/runAbnahme.bat
@@ -0,0 +1,12 @@
+C:
+cd\programme
+cd apacheGroup
+cd abnahme
+rem set moa.id.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa-id\ConfigurationTest.xml
+set moa.spss.server.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa\ConfigurationTest.xml
+rem set CATALINA_OPTS=-Dmoa.id.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa-id\ConfigurationTest.xml -Dlog4j.configuration=file:/C:\Programme\ApacheGroup\abnahme\conf\log4j.properties -Dmoa.spss.server.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa\ConfigurationTest.xml
+set MOA_ROOT=C:\Programme\ApacheGroup\abnahme\
+set CATALINA_OPTS=-Dmoa.spss.server.configuration=%MOA_ROOT%conf\moa\ConfigurationTest.xml -Dlog4j.configuration=file:/%MOA_ROOT%conf\moa\log4j.properties -Dmoa.id.configuration=%MOA_ROOT%conf\moa-id\ConfigurationTest.xml
+set CATALINA_HOME=C:\Programme\ApacheGroup\abnahme
+
+call bin\catalina run \ No newline at end of file
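Review bot: `set moa.spss.server.configuration=...` only defines an environment variable in the cmd session, and a JVM does not turn environment variables into system properties. The setting that takes effect is the `-Dmoa.spss.server.configuration=` entry in `CATALINA_OPTS`, so the earlier line can be dropped or turned into a `rem`. The `-Dlog4j.configuration=file:/%MOA_ROOT%conf\moa\log4j.properties` URL points into `conf\moa`, whereas the commented-out variant used `conf\log4j.properties` and the diffstat shown adds no log4j.properties under `conf/moa`, so it is worth confirming the file exists at that path. Deriving `CATALINA_HOME` from `MOA_ROOT` and quoting the paths would keep the hard-coded copies of `C:\Programme\ApacheGroup\abnahme` from drifting apart.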
diff --git a/id.server/data/abnahme-test/conf/moa/server.xml b/id.server/data/abnahme-test/conf/moa/server.xml
new file mode 100644
index 000000000..75afa9955
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/server.xml
@@ -0,0 +1,423 @@
+<!-- Example Server Configuration File -->
+<!-- Note that component elements are nested corresponding to their
+ parent-child relationships with each other -->
+
+<!-- A "Server" is a singleton element that represents the entire JVM,
+ which may contain one or more "Service" instances. The Server
+ listens for a shutdown command on the indicated port.
+
+ Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+<Server port="8005" shutdown="SHUTDOWN" debug="0">
+
+
+ <!-- Comment these entries out to disable JMX MBeans support -->
+ <!-- You may also configure custom components (e.g. Valves/Realms) by
+ including your own mbean-descriptor file(s), and setting the
+ "descriptors" attribute to point to a ';' seperated list of paths
+ (in the ClassLoader sense) of files to add to the default list.
+ e.g. descriptors="/com/myfirm/mypackage/mbean-descriptor.xml"
+ -->
+ <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
+ debug="0"/>
+ <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener"
+ debug="0"/>
+
+ <!-- Global JNDI resources -->
+ <GlobalNamingResources>
+
+ <!-- Test entry for demonstration purposes -->
+ <Environment name="simpleValue" type="java.lang.Integer" value="30"/>
+
+ <!-- Editable user database that can also be used by
+ UserDatabaseRealm to authenticate users -->
+ <Resource name="UserDatabase" auth="Container"
+ type="org.apache.catalina.UserDatabase"
+ description="User database that can be updated and saved">
+ </Resource>
+ <ResourceParams name="UserDatabase">
+ <parameter>
+ <name>factory</name>
+ <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value>
+ </parameter>
+ <parameter>
+ <name>pathname</name>
+ <value>conf/tomcat-users.xml</value>
+ </parameter>
+ </ResourceParams>
+
+ </GlobalNamingResources>
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" (and therefore the web applications visible
+ within that Container). Normally, that Container is an "Engine",
+ but this is not required.
+
+ Note: A "Service" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+ <!-- Define the Tomcat Stand-Alone Service -->
+ <Service name="Tomcat-Standalone">
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Each Connector passes requests on to the
+ associated "Container" (normally an Engine) for processing.
+
+ By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
+ You can also enable an SSL HTTP/1.1 Connector on port 8443 by
+ following the instructions below and uncommenting the second Connector
+ entry. SSL support requires the following steps (see the SSL Config
+ HOWTO in the Tomcat 4.0 documentation bundle for more detailed
+ instructions):
+ * Download and install JSSE 1.0.2 or later, and put the JAR files
+ into "$JAVA_HOME/jre/lib/ext".
+ * Execute:
+ %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
+ $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
+ with a password value of "changeit" for both the certificate and
+ the keystore itself.
+
+ By default, DNS lookups are enabled when a web application calls
+ request.getRemoteHost(). This can have an adverse impact on
+ performance, so you can disable it by setting the
+ "enableLookups" attribute to "false". When DNS lookups are disabled,
+ request.getRemoteHost() will return the String version of the
+ IP address of the remote client.
+ -->
+
+ <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8080" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443"
+ acceptCount="100" debug="0" connectionTimeout="20000"
+ useURIValidationHack="false" disableUploadTimeout="true" />
+ <!-- Note : To disable connection timeouts, set connectionTimeout value
+ to -1 -->
+
+ <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
+
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="8443" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="100" debug="0" scheme="https" secure="true" useURIValidationHack="false" disableUploadTimeout="false">
+ <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" clientAuth="false" protocol="TLS" keystoreFile="server.keystore" keystorePass="changeit"/>
+ </Connector>
+
+
+ <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8009" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443"
+ acceptCount="10" debug="0" connectionTimeout="0"
+ useURIValidationHack="false"
+ protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>
+
+ <!-- Define an AJP 1.3 Connector on port 8009 -->
+ <!--
+ <Connector className="org.apache.ajp.tomcat4.Ajp13Connector"
+ port="8009" minProcessors="5" maxProcessors="75"
+ acceptCount="10" debug="0"/>
+ -->
+
+ <!-- Define a Proxied HTTP/1.1 Connector on port 8082 -->
+ <!-- See proxy documentation for more information about using this. -->
+ <!--
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8082" minProcessors="5" maxProcessors="75"
+ enableLookups="true"
+ acceptCount="100" debug="0" connectionTimeout="20000"
+ proxyPort="80" useURIValidationHack="false"
+ disableUploadTimeout="true" />
+ -->
+
+ <!-- Define a non-SSL legacy HTTP/1.1 Test Connector on port 8083 -->
+ <!--
+ <Connector className="org.apache.catalina.connector.http.HttpConnector"
+ port="8083" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443"
+ acceptCount="10" debug="0" />
+ -->
+
+ <!-- Define a non-SSL HTTP/1.0 Test Connector on port 8084 -->
+ <!--
+ <Connector className="org.apache.catalina.connector.http10.HttpConnector"
+ port="8084" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443"
+ acceptCount="10" debug="0" />
+ -->
+
+ <!-- An Engine represents the entry point (within Catalina) that processes
+ every request. The Engine implementation for Tomcat stand alone
+ analyzes the HTTP headers included with the request, and passes them
+ on to the appropriate Host (virtual host). -->
+
+ <!-- You should set jvmRoute to support load-balancing via JK/JK2 ie :
+ <Engine name="Standalone" defaultHost="localhost" debug="0" jmvRoute="jvm1">
+ -->
+
+ <!-- Define the top level container in our container hierarchy -->
+ <Engine name="Standalone" defaultHost="localhost" debug="0">
+
+ <!-- The request dumper valve dumps useful debugging information about
+ the request headers and cookies that were received, and the response
+ headers and cookies that were sent, for all requests received by
+ this instance of Tomcat. If you care only about requests to a
+ particular virtual host, or a particular application, nest this
+ element inside the corresponding <Host> or <Context> entry instead.
+
+ For a similar mechanism that is portable to all Servlet 2.3
+ containers, check out the "RequestDumperFilter" Filter in the
+ example application (the source for this filter may be found in
+ "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
+
+ Request dumping is disabled by default. Uncomment the following
+ element to enable it. -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
+ -->
+
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Because this Realm is here, an instance will be shared globally -->
+
+ <!-- This Realm uses the UserDatabase configured in the global JNDI
+ resources under the key "UserDatabase". Any edits
+ that are performed against this UserDatabase are immediately
+ available for use by the Realm. -->
+ <Realm className="org.apache.catalina.realm.UserDatabaseRealm"
+ debug="0" resourceName="UserDatabase"/>
+
+ <!-- Comment out the old realm but leave here for now in case we
+ need to go back quickly -->
+ <!--
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+ -->
+
+ <!-- Replace the above Realm with one of the following to get a Realm
+ stored in a database and accessed via JDBC -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="org.gjt.mm.mysql.Driver"
+ connectionURL="jdbc:mysql://localhost/authority"
+ connectionName="test" connectionPassword="test"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="oracle.jdbc.driver.OracleDriver"
+ connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL"
+ connectionName="scott" connectionPassword="tiger"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!--
+ <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99"
+ driverName="sun.jdbc.odbc.JdbcOdbcDriver"
+ connectionURL="jdbc:odbc:CATALINA"
+ userTable="users" userNameCol="user_name" userCredCol="user_pass"
+ userRoleTable="user_roles" roleNameCol="role_name" />
+ -->
+
+ <!-- Define the default virtual host -->
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
+
+ <!-- Normally, users must authenticate themselves to each web app
+ individually. Uncomment the following entry if you would like
+ a user to be authenticated the first time they encounter a
+ resource protected by a security constraint, and then have that
+ user identity maintained across *all* web applications contained
+ in this virtual host. -->
+ <!--
+ <Valve className="org.apache.catalina.authenticator.SingleSignOn"
+ debug="0"/>
+ -->
+
+ <!-- Access log processes all requests for this virtual host. By
+ default, log files are created in the "logs" directory relative to
+ $CATALINA_HOME. If you wish, you can specify a different
+ directory with the "directory" attribute. Specify either a relative
+ (to $CATALINA_HOME) or absolute path to the desired directory.
+ -->
+ <!--
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log." suffix=".txt"
+ pattern="common" resolveHosts="false"/>
+ -->
+
+ <!-- Logger shared by all Contexts related to this virtual host. By
+ default (when using FileLogger), log files are created in the "logs"
+ directory relative to $CATALINA_HOME. If you wish, you can specify
+ a different directory with the "directory" attribute. Specify either a
+ relative (to $CATALINA_HOME) or absolute path to the desired
+ directory.-->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Define properties for each web application. This is only needed
+ if you want to set non-default properties, or have web application
+ document roots in places other than the virtual host's appBase
+ directory. -->
+
+ <!-- Tomcat Root Context -->
+ <!--
+ <Context path="" docBase="ROOT" debug="0"/>
+ -->
+
+ <!-- Tomcat Examples Context -->
+ <Context path="/examples" docBase="examples" debug="0"
+ reloadable="true" crossContext="true">
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="localhost_examples_log." suffix=".txt"
+ timestamp="true"/>
+ <Ejb name="ejb/EmplRecord" type="Entity"
+ home="com.wombat.empl.EmployeeRecordHome"
+ remote="com.wombat.empl.EmployeeRecord"/>
+
+ <!-- If you wanted the examples app to be able to edit the
+ user database, you would uncomment the following entry.
+ Of course, you would want to enable security on the
+ application as well, so this is not done by default!
+ The database object could be accessed like this:
+
+ Context initCtx = new InitialContext();
+ Context envCtx = (Context) initCtx.lookup("java:comp/env");
+ UserDatabase database =
+ (UserDatabase) envCtx.lookup("userDatabase");
+ -->
+<!--
+ <ResourceLink name="userDatabase" global="UserDatabase"
+ type="org.apache.catalina.UserDatabase"/>
+-->
+
+
+ <!-- PersistentManager: Uncomment the section below to test Persistent
+ Sessions.
+
+ saveOnRestart: If true, all active sessions will be saved
+ to the Store when Catalina is shutdown, regardless of
+ other settings. All Sessions found in the Store will be
+ loaded on startup. Sessions past their expiration are
+ ignored in both cases.
+ maxActiveSessions: If 0 or greater, having too many active
+ sessions will result in some being swapped out. minIdleSwap
+ limits this. -1 or 0 means unlimited sessions are allowed.
+ If it is not possible to swap sessions new sessions will
+ be rejected.
+ This avoids thrashing when the site is highly active.
+ minIdleSwap: Sessions must be idle for at least this long
+ (in seconds) before they will be swapped out due to
+ activity.
+ 0 means sessions will almost always be swapped out after
+ use - this will be noticeably slow for your users.
+ maxIdleSwap: Sessions will be swapped out if idle for this
+ long (in seconds). If minIdleSwap is higher, then it will
+ override this. This isn't exact: it is checked periodically.
+ -1 means sessions won't be swapped out for this reason,
+ although they may be swapped out for maxActiveSessions.
+ If set to >= 0, guarantees that all sessions found in the
+ Store will be loaded on startup.
+ maxIdleBackup: Sessions will be backed up (saved to the Store,
+ but left in active memory) if idle for this long (in seconds),
+ and all sessions found in the Store will be loaded on startup.
+ If set to -1 sessions will not be backed up, 0 means they
+ should be backed up shortly after being used.
+
+ To clear sessions from the Store, set maxActiveSessions, maxIdleSwap,
+ and minIdleBackup all to -1, saveOnRestart to false, then restart
+ Catalina.
+ -->
+ <!--
+ <Manager className="org.apache.catalina.session.PersistentManager"
+ debug="0"
+ saveOnRestart="true"
+ maxActiveSessions="-1"
+ minIdleSwap="-1"
+ maxIdleSwap="-1"
+ maxIdleBackup="-1">
+ <Store className="org.apache.catalina.session.FileStore"/>
+ </Manager>
+ -->
+ <Environment name="maxExemptions" type="java.lang.Integer"
+ value="15"/>
+ <Parameter name="context.param.name" value="context.param.value"
+ override="false"/>
+ <Resource name="jdbc/EmployeeAppDb" auth="SERVLET"
+ type="javax.sql.DataSource"/>
+ <ResourceParams name="jdbc/EmployeeAppDb">
+ <parameter><name>username</name><value>sa</value></parameter>
+ <parameter><name>password</name><value></value></parameter>
+ <parameter><name>driverClassName</name>
+ <value>org.hsql.jdbcDriver</value></parameter>
+ <parameter><name>url</name>
+ <value>jdbc:HypersonicSQL:database</value></parameter>
+ </ResourceParams>
+ <Resource name="mail/Session" auth="Container"
+ type="javax.mail.Session"/>
+ <ResourceParams name="mail/Session">
+ <parameter>
+ <name>mail.smtp.host</name>
+ <value>localhost</value>
+ </parameter>
+ </ResourceParams>
+ <ResourceLink name="linkToGlobalResource"
+ global="simpleValue"
+ type="java.lang.Integer"/>
+ </Context>
+
+ </Host>
+
+ </Engine>
+
+ </Service>
+
+ <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0
+ as its servlet container. Please read the README.txt file coming with
+ the WebApp Module distribution on how to build it.
+ (Or check out the "jakarta-tomcat-connectors/webapp" CVS repository)
+
+ To configure the Apache side, you must ensure that you have the
+ "ServerName" and "Port" directives defined in "httpd.conf". Then,
+ lines like these to the bottom of your "httpd.conf" file:
+
+ LoadModule webapp_module libexec/mod_webapp.so
+ WebAppConnection warpConnection warp localhost:8008
+ WebAppDeploy examples warpConnection /examples/
+
+ The next time you restart Apache (after restarting Tomcat, if needed)
+ the connection will be established, and all applications you make
+ visible via "WebAppDeploy" directives can be accessed through Apache.
+ -->
+
+ <!-- Define an Apache-Connector Service -->
+<!--
+ <Service name="Tomcat-Apache">
+
+ <Connector className="org.apache.catalina.connector.warp.WarpConnector"
+ port="8008" minProcessors="5" maxProcessors="75"
+ enableLookups="true" appBase="webapps"
+ acceptCount="10" debug="0"/>
+
+ <Engine className="org.apache.catalina.connector.warp.WarpEngine"
+ name="Apache" debug="0">
+
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="apache_log." suffix=".txt"
+ timestamp="true"/>
+
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+
+ </Engine>
+
+ </Service>
+-->
+
+</Server>