author | rudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-10-24 08:34:56 +0000 |
---|---|---|
committer | rudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2003-10-24 08:34:56 +0000 |
commit | dd45e938564249a5e6897bd92dd29808d8990868 (patch) | |
tree | 372d8a4b128cff09262ad09d6a4cf5765d672d61 /id.server/data/abnahme-test/conf | |
parent | 59f78a67d7357fd31de68fc2b623f95b3d654ebc (diff) | |
MOA-ID version 1.1 (initial)
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@19 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/data/abnahme-test/conf')
28 files changed, 865 insertions, 0 deletions
diff --git a/id.server/data/abnahme-test/conf/CopyConfigAbnahme.bat b/id.server/data/abnahme-test/conf/CopyConfigAbnahme.bat
new file mode 100644
index 000000000..3e90dc52e
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/CopyConfigAbnahme.bat
@@ -0,0 +1,40 @@
+
+echo --------------------
+Echo Richte moa-sp ein
+echo --------------------
+md C:\programme\apacheGroup\abnahme\conf\moa
+md C:\programme\apacheGroup\abnahme\conf\moa\keys
+md C:\programme\apacheGroup\abnahme\conf\moa\profiles
+md C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles
+md C:\programme\apacheGroup\abnahme\conf\moa-id
+md C:\programme\apacheGroup\abnahme\conf\moa-id\Transforms
+
+
+copy moa\server.xml C:\programme\apacheGroup\abnahme\conf\server.xml
+copy server.keystore C:\programme\apacheGroup\abnahme\server.keystore
+
+copy log4j.properties C:\programme\apacheGroup\abnahme\conf\moa\log4j.properties
+copy moa\ConfigurationTest.xml C:\programme\apacheGroup\abnahme\conf\moa\ConfigurationTest.xml
+xcopy moa\common\*.* C:\programme\apacheGroup\abnahme\common\*.* /s/e
+del C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles\TrustProfile1 /S/Q
+del C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles\TrustProfile2 /S/Q
+del C:\programme\apacheGroup\abnahme\conf\moa\profiles\*.* /S/Q
+del C:\programme\apacheGroup\abnahme\conf\moa\keys\*.* /S/Q
+copy moa\keys\*.* C:\programme\apacheGroup\abnahme\conf\moa\keys\*.*
+copy moa\profiles\*.* C:\programme\apacheGroup\abnahme\conf\moa\profiles\*.*
+xcopy moa\TrustProfile1\*.* C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles\TrustProfile1\*.* /s/e
+xcopy moa\TrustProfile2\*.* C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles\TrustProfile2\*.* /s/e
+rd C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles\TrustProfile1\Cvs /S/Q
+rd C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles\TrustProfile2\Cvs /S/Q
+rd C:\programme\apacheGroup\abnahme\conf\moa\trustprofiles\Cvs /S/Q
+rd C:\programme\apacheGroup\abnahme\common\moa\endorsed\Cvs /S/Q
+echo --------------------
+Echo Rrichte moa-auth ein
+echo --------------------
+copy moa-id\ConfigurationTest.xml C:\programme\apacheGroup\abnahme\conf\moa-id\ConfigurationTest.xml
+
+copy transforms\TransformsInfosHTML.xml C:\programme\apacheGroup\abnahme\conf\moa-id\Transforms\TransformsInfosHTML.xml
+echo --------------------
+Echo Kopiere Start-Skript
+echo --------------------
+copy moa\runAbnahme.bat C:\programme\apacheGroup\abnahme\runAbnahme.bat
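Review bot: The `del ... /S/Q` lines for `conf\moa\keys`, `conf\moa\profiles` and the two trust profiles run unconditionally, while every source path (`moa\keys\*.*`, `moa\TrustProfile1\*.*`, `server.keystore`) is relative to the current directory, so starting the script from anywhere other than this `conf` folder empties the deployed key and trust material and copies nothing back. No exit code is checked, so a partly populated trust profile would go unnoticed. I would pin the working directory with `cd /d "%~dp0"` at the top and add `if not exist moa\keys\ exit /b 1` before the first `del`. A `rem` line stating that `server.keystore` and the PKCS#12 files copied here are test keys only would also help, since they end up inside the Tomcat tree.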
diff --git a/id.server/data/abnahme-test/conf/OAConfBasicAuth.xml b/id.server/data/abnahme-test/conf/OAConfBasicAuth.xml
new file mode 100644
index 000000000..61455f903
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/OAConfBasicAuth.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<!--Sample XML file generated by XMLSPY v5 U (http://www.xmlspy.com)-->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateful</LoginType>
+ <BasicAuth>
+ <UserID>MOAGivenName</UserID>
+ <Password>MOAFamilyName</Password>
+ </BasicAuth>
+</Configuration>
diff --git a/id.server/data/abnahme-test/conf/OAConfHeaderAuth.xml b/id.server/data/abnahme-test/conf/OAConfHeaderAuth.xml
new file mode 100644
index 000000000..c92e055e9
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/OAConfHeaderAuth.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<!--Sample XML file generated by XMLSPY v5 U (http://www.xmlspy.com)-->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateful</LoginType>
+ <HeaderAuth>
+ <Header Name="Param1" Value="MOAPublicAuthority"/>
+ <Header Name="Param2" Value="MOABKZ"/>
+ <Header Name="Param3" Value="MOAQualifiedCertificate"/>
+ <Header Name="Param4" Value="MOAZMRZahl"/>
+ <Header Name="Param5" Value="MOAIPAddress"/>
+ </HeaderAuth>
+</Configuration>
diff --git a/id.server/data/abnahme-test/conf/OAConfParamAuth.xml b/id.server/data/abnahme-test/conf/OAConfParamAuth.xml
new file mode 100644
index 000000000..a70f6a6c0
--- /dev/null
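Review bot: In OAConfBasicAuth.xml the `<Password>` passed to the online application is mapped to `MOAFamilyName` and the `<UserID>` to `MOAGivenName`, so the Basic credentials consist of two values that are not secret. That is only sound if the application accepts requests exclusively from the proxy; a comment above `<BasicAuth>` such as `<!-- test mapping: name attributes are not secrets; the OA must be reachable only through moa-id-proxy -->` would make the assumption explicit. The same assumption applies to the `Param1`–`Param5` headers in OAConfHeaderAuth.xml and the two parameters in OAConfParamAuth.xml: the application has to disregard these values when they arrive from any peer other than the proxy.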
+++ b/id.server/data/abnahme-test/conf/OAConfParamAuth.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<!--Sample XML file generated by XMLSPY v5 U (http://www.xmlspy.com)-->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateful</LoginType>
+ <ParamAuth>
+ <Parameter Name="Param1" Value="MOADateOfBirth"/>
+ <Parameter Name="Param2" Value="MOAVPK"/>
+ </ParamAuth>
+</Configuration>
diff --git a/id.server/data/abnahme-test/conf/deploy_AUTH.bat b/id.server/data/abnahme-test/conf/deploy_AUTH.bat
new file mode 100644
index 000000000..adb168f09
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/deploy_AUTH.bat
@@ -0,0 +1,12 @@
+
+cd ..\..\..\..\build\scripts\
+Echo Entferne temporäre Projekt-Dateien und erstelle moa-id-auth.war
+call build id.server clean >null
+call build id.server dist-auth >null
+Echo Lösche altes .war-File vom Server und kopiere neu erzeugte Web-App
+del C:\programme\ApacheGroup\abnahme\webapps\moa-id-auth.war /Q/F/S
+rd C:\programme\ApacheGroup\abnahme\webapps\moa-id-auth /S/Q
+copy ..\..\id.server\tmp\dist\auth\moa-id-auth.war C:\programme\ApacheGroup\abnahme\webapps\moa-id-auth.war
+cd ..\..\id.server\data\abnahme-test\conf
+C:
+cd C:\programme\ApacheGroup\abnahme
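Review bot: `call build id.server clean >null` and the `dist-auth` line redirect into a file literally named `null` in `build\scripts`, not to the NUL device; the intended form is `>nul`. Discarding the output also hides a failed build: the script still deletes the deployed `moa-id-auth.war` and its exploded directory and then tries to copy an archive that may not exist. I would add `if not exist ..\..\id.server\tmp\dist\auth\moa-id-auth.war exit /b 1` before the `del` line so the running web application is removed only once a new archive has been produced.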
diff --git a/id.server/data/abnahme-test/conf/log4j.properties b/id.server/data/abnahme-test/conf/log4j.properties
new file mode 100644
index 000000000..86aa9c994
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/log4j.properties
@@ -0,0 +1,41 @@
+#
+# Sample log4j configuration for the MOA-SPSS web service
+#
+
+# commons-logging setup
+org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory
+
+# Define log4j root loggers for the 'moa.spss.server' and 'iaik.server'
+# logging hierarchies.
+# All logging output is written to the 'stdout' and 'R' appenders.
+# Add JDBC if you also want to write it to the database
+log4j.rootLogger=info, stdout, R
+log4j.logger.moa.spss.server=info
+log4j.logger.iaik.server=info
+log4j.moa=debug
+
+# Configure the 'stdout appender' to write logging output to the console
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n
+
+# Configure the rolling file appender 'R' to write logging output
+# to the file 'moa-spss.log'. The file is rolled over every 1000KB,
+# and a maximum history of 4 log files is being kept.
+log4j.appender.R=org.apache.log4j.RollingFileAppender
+log4j.appender.R.File=moa-spss.log
+log4j.appender.R.MaxFileSize=1000KB
+log4j.appender.R.MaxBackupIndex=4
+log4j.appender.R.layout=org.apache.log4j.PatternLayout
+log4j.appender.R.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n
+
+# Configure the jdbc appender 'JDBC' to write logging output
+# to the given PostgreSQL database
+# a suitable table called 'spss_log' must have been created in the
+# database using the command:
+# create table spss_log (log_time timestamp, log_level varchar(5), log_msg varchar(256))
+log4j.appender.JDBC=org.apache.log4j.jdbc.JDBCAppender
+log4j.appender.JDBC.driver=org.postgresql.Driver
+log4j.appender.JDBC.URL=jdbc:postgresql://10.16.46.108/moa?user=moa&password=moatest
+log4j.appender.JDBC.layout=org.apache.log4j.PatternLayout
+log4j.appender.JDBC.sql=INSERT INTO spss_log (log_time, log_level, log_msg) VALUES ('%d{ yyyy-MM-dd HH:mm:ss.SSS}', '%5p', '%m')
\ No newline at end of file
diff --git a/id.server/data/abnahme-test/conf/moa-id/ConfigurationTest.xml b/id.server/data/abnahme-test/conf/moa-id/ConfigurationTest.xml
new file mode 100644
index 000000000..f2e23f2e2
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa-id/ConfigurationTest.xml
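Review bot: `log4j.appender.JDBC.URL` carries `user=moa&password=moatest` together with an internal address in a committed file, and the same JDBC URL is repeated in `DataBaseArchiveParameter.JDBCUrl` in moa/ConfigurationTest.xml; even for an acceptance environment I would commit a placeholder and supply the real value at deployment. The `sql` pattern puts `'%m'` straight into the INSERT text, so a log message containing a single quote would break or alter the statement as soon as someone follows the comment and adds `JDBC` to `log4j.rootLogger`; a comment above the appender such as `# log messages are interpolated into SQL unescaped; do not enable where messages contain request data` would record that. Separately, `log4j.moa=debug` is not a key log4j reads as a logger level; presumably `log4j.logger.moa=debug` was meant.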
@@ -0,0 +1,64 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <SecurityLayer>
+ <TransformsInfo filename="file:/C:/Programme/ApacheGroup/abnahme/conf/moa-id/Transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>file:/C:/Programme/ApacheGroup/abnahme/conf/moa-id/certs/server-certs</AcceptedServerCertificates>
+ <!--<ClientKeyStore password="Keystore Pass">file:/c:/</ClientKeyStore> -->
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium fĂÂŒr öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="http://moatestlinux:18080/moa-id-auth/services/GetAuthenticationData">
+ <!-- <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> -->
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:/c:/Programme/ApacheGroup/abnahme/conf/moa-id/oa/OAConf.xml" sessionTimeOut="600">
+ <ConnectionParameter URL="https://moatestlinux:18443/oa/">
+ <AcceptedServerCertificates>file:/C:/Programme/ApacheGroup/abnahme/conf/moa-id/oa/server-certs/tomcat</AcceptedServerCertificates>
+<!-- <ClientKeyStore password="ClientKeystoreOAPAss">URL:toClientKeystoreOA</ClientKeyStore> -->
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <OnlineApplication publicURLPrefix="https://10.16.126.28:9443/moa-id-proxy/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:/c:/Programme/ApacheGroup/abnahme/conf/moa-id/oa/OAConf.xml" sessionTimeOut="20">
+ <ConnectionParameter URL="https://moatestlinux:18443/oa/">
+ <AcceptedServerCertificates>file:/home/moa/id/abnahme/conf/moa-id/oa/server-certs/tomcat</AcceptedServerCertificates>
+ <!-- <ClientKeyStore password="ClientKeystoreOAPAss">URL:toClientKeystoreOA</ClientKeyStore> -->
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="/home/moa/id/abnahme/conf/moa-id/certs/cert-store-root"/>
+ <GenericConfiguration name="TLSTrustedCACertificates" value="file:/home/moa/id/abnahme/conf/moa-id/certs/ca-certs"/>
+ <GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/>
+ <GenericConfiguration name="AuthenticationData.TimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/conf/moa/ConfigurationTest.xml b/id.server/data/abnahme-test/conf/moa/ConfigurationTest.xml
new file mode 100644
index 000000000..82c45565d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/ConfigurationTest.xml
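Review bot: The trust-store settings at the end of the file (`DirectoryCertStoreParameters.RootDir`, `TLSTrustedCACertificates`) and the `AcceptedServerCertificates` of the second `OnlineApplication` point at `/home/moa/id/abnahme/...`, while the rest of the file and CopyConfigAbnahme.bat target `C:/Programme/ApacheGroup/abnahme`; on the Windows host those directories will not exist, and how the server behaves with a missing CA directory is not visible in this change. CopyConfigAbnahme.bat also creates neither `conf\moa-id\certs` nor `conf\moa-id\oa`, both of which this file references. The `ConnectionParameter` URLs for MOA-SP and for `GetAuthenticationData` are plain `http://`, so the `AcceptedServerCertificates` under the first presumably has no effect and authentication data travels to `moatestlinux` unprotected; I would switch the second to `https://` with `AcceptedServerCertificates` set, or add `<!-- plain HTTP: acceptable on the isolated test network only -->` above it.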
@@ -0,0 +1,136 @@
+<?xml version="1.0" encoding="ISO-8859-1"?>
+<MOAConfiguration xmlns="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa-spss="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <CanonicalizationAlgorithm name="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <DigestMethodAlgorithm name="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <GenericConfiguration name="IAIKIXSILinit.properties" value="aValidFileName"/>
+ <GenericConfiguration name="autoAddCertificates" value="true"/>
+ <GenericConfiguration name="useAuthorityInfoAccess" value="true"/>
+ <GenericConfiguration name="maxRevocationAge" value="0"/>
+ <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="aValidPathName"/>
+ <GenericConfiguration name="archiveRevocationInfo" value="false"/>
+ <GenericConfiguration name="DataBaseArchiveParameter.JDBCUrl" value="jdbc:postgresql://10.16.46.108/moa?user=moa&password=moatest"/>
+ <GenericConfiguration name="test.ReferenceBase" value="test"/>
+ <!--
+ <HardwareCryptoModule name="validPathToPKCS11Lib" slotID="validSlotID" userPIN="validPIN"/>
+ <HardwareKeyModule name="validPathToPKCS11Lib" slotID="validSlotID" userPIN="validPIN"/>
+
+ <HardwareKeyModule id="HSM" name="cryptoki.dll" slotID="0" userPIN="0000"/>-->
+ <SoftwareKeyModule id="SWKeyModule1" filename="keys/test-ee2003_normal(buergerkarte).p12" password="buergerkarte"/>
+ <SoftwareKeyModule id="SWKeyModule2" filename="keys/normal-eeExpired.p12" password=""/>
+ <SoftwareKeyModule id="SWKeyModule3" filename="keys/ecc(ego).p12" password="ego"/>
+ <SoftwareKeyModule id="SWKeyModule4" filename="keys/DSA.512.p12" password="topSecret"/>
+ <KeyGroup id="HSMRSAKEY">
+ <Key>
+ <KeyModuleID>HSM</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>C=AT,OU=MOA,O=BRZ,CN=HSMRSAKEY</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="PKCS12RSAKey1">
+ <!--PKCS12RSAKey1 maps to test-ee2003_normal(buergerkarte).p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule1</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="PKCS12RSAKeyExpired">
+ <!--PKCS12RSAKey1 maps to sicher-demo(buergerkarte).p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule2</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>10</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="PKCS12ECDSAKey1">
+ <!--PKCS12ECDSAKey1 maps to ecc(ego).p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule3</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK ECDSA Test,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>68172</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="DSAinPKCS12">
+ <!--DSAinPKCS12 maps to DSA.512.p12-->
+ <Key>
+ <KeyModuleID>SWKeyModule4</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK DSA Test CA,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>761791</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroup id="allKeys">
+ <Key>
+ <KeyModuleID>SWKeyModule1</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ <Key>
+ <KeyModuleID>SWKeyModule2</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ <Key>
+ <KeyModuleID>SWKeyModule3</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK ECDSA Test,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>68172</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ <Key>
+ <KeyModuleID>SWKeyModule4</KeyModuleID>
+ <KeyCertIssuerSerial>
+ <dsig:X509IssuerName>CN=IAIK DSA Test CA,OU=JavaSecurity,O=IAIK,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>761791</dsig:X509SerialNumber>
+ </KeyCertIssuerSerial>
+ </Key>
+ </KeyGroup>
+ <KeyGroupMapping>
+ <KeyGroup id="PKCS12RSAKey1"/>
+ <KeyGroup id="PKCS12RSAKeyExpired"/>
+ <KeyGroup id="PKCS12ECDSAKey1"/>
+ <KeyGroup id="DSAinPKCS12"/>
+ <KeyGroup id="HSMRSAKEY"/>
+ </KeyGroupMapping>
+ <KeyGroupMapping>
+ <X509IssuerSerial>
+ <dsig:X509IssuerName>CN=TestUser,OU=MOA,O=BRZ,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>12345678</dsig:X509SerialNumber>
+ </X509IssuerSerial>
+ <KeyGroup id="allKeys"/>
+ </KeyGroupMapping>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <CRLArchive duration="365"/>
+ <CRLDistributionPoint>
+ <CAIssuerDN>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</CAIssuerDN>
+ <DistributionPoint uri="http://www.iaik.at/testCA/iaik_test_sig.crl"/>
+ </CRLDistributionPoint>
+ <CRLDistributionPoint>
+ <CAIssuerDN>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</CAIssuerDN>
+ <DistributionPoint reasonCodes="keyCompromise affiliationChanged" uri="http://www.iaik.at/testCA/iaik_test_sig.crl"/>
+ <DistributionPoint reasonCodes="certificateHold" uri="http://www.iaik.at/testCA/iaik_test_sig.crl"/>
+ </CRLDistributionPoint>
+ <VerifyTransformsInfoProfile id="TransformsInfoProfile1MOAID" filename="profiles/TransformsInfoProfile1MOAID.xml"/>
+ <VerifyTransformsInfoProfile id="TransformsInfoProfile2MOAID" filename="profiles/TransformsInfoProfile2MOAID.xml"/>
+ <VerifyTransformsInfoProfile id="TransformsInfoProfile3MOAID" filename="profiles/TransformsInfoProfile3MOAID.xml"/>
+ <TrustProfile id="TrustProfile1" uri="C:/Programme/ApacheGroup/abnahme/conf/moa/trustprofiles/TrustProfile1"/>
+ <TrustProfile id="TrustProfile2" uri="C:/Programme/ApacheGroup/abnahme/conf/moa/trustprofiles/TrustProfile2"/>
+</MOAConfiguration>
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/Buergerkarte01Root.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Buergerkarte01Root.cer Binary files differnew file mode 100644
index 000000000..18e6bc109
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Buergerkarte01Root.cer
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/IAIK_TestRoot.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/IAIK_TestRoot.cer Binary files differnew file mode 100644
index 000000000..1cdc15c6e
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/IAIK_TestRoot.cer
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/Max_Mustermann.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Max_Mustermann.cer Binary files differnew file mode 100644
index 000000000..b5b39633d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/Max_Mustermann.cer
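Review bot: `KeyGroup id="HSMRSAKEY"` refers to `<KeyModuleID>HSM</KeyModuleID>`, but the only `HardwareKeyModule id="HSM"` sits inside the commented-out block above it, so the reference dangles; either drop the group and its entry in the first `KeyGroupMapping`, or add `<!-- requires the HardwareKeyModule "HSM" above to be enabled -->`. In `allKeys` the `SWKeyModule2` key carries the same issuer and serial `1044289238331` as `SWKeyModule1`, whereas `PKCS12RSAKeyExpired` uses serial `10` for that module, so one of the two is presumably wrong. The comment in `PKCS12RSAKeyExpired` names `sicher-demo(buergerkarte).p12`, while `SWKeyModule2` loads `keys/normal-eeExpired.p12`. The PKCS#12 passwords (`buergerkarte`, `ego`, `topSecret`, empty) are committed next to the key files, which deserves a header comment that these are test keys that must never be reused outside the acceptance setup.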
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA1.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA1.cer Binary files differnew file mode 100644
index 000000000..81f6fa658
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA1.cer
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA4.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA4.cer Binary files differnew file mode 100644
index 000000000..99936caa8
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/TestPersonMOA4.cer
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile1/test-ee2003_normal_inkl_verwaltungs_oid.der b/id.server/data/abnahme-test/conf/moa/TrustProfile1/test-ee2003_normal_inkl_verwaltungs_oid.der Binary files differnew file mode 100644
index 000000000..3a3aa543d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile1/test-ee2003_normal_inkl_verwaltungs_oid.der
diff --git a/id.server/data/abnahme-test/conf/moa/TrustProfile2/Max_Mustermann.cer b/id.server/data/abnahme-test/conf/moa/TrustProfile2/Max_Mustermann.cer Binary files differnew file mode 100644
index 000000000..b5b39633d
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/TrustProfile2/Max_Mustermann.cer
diff --git a/id.server/data/abnahme-test/conf/moa/common/endorsed/xercesImpl.jar b/id.server/data/abnahme-test/conf/moa/common/endorsed/xercesImpl.jar Binary files differnew file mode 100644
index 000000000..f25d73cd7
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/common/endorsed/xercesImpl.jar
diff --git a/id.server/data/abnahme-test/conf/moa/common/endorsed/xmlParserAPIs.jar b/id.server/data/abnahme-test/conf/moa/common/endorsed/xmlParserAPIs.jar Binary files differnew file mode 100644
index 000000000..c1fa1d645
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/common/endorsed/xmlParserAPIs.jar
diff --git a/id.server/data/abnahme-test/conf/moa/keys/DSA.512.p12 b/id.server/data/abnahme-test/conf/moa/keys/DSA.512.p12 Binary files differnew file mode 100644
index 000000000..8f7a201ac
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/DSA.512.p12
diff --git a/id.server/data/abnahme-test/conf/moa/keys/ecc(ego).p12 b/id.server/data/abnahme-test/conf/moa/keys/ecc(ego).p12 Binary files differnew file mode 100644
index 000000000..f84e793c5
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/ecc(ego).p12
diff --git a/id.server/data/abnahme-test/conf/moa/keys/normal-eeExpired.p12 b/id.server/data/abnahme-test/conf/moa/keys/normal-eeExpired.p12 Binary files differnew file mode 100644
index 000000000..ff65f9fde
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/normal-eeExpired.p12
diff --git a/id.server/data/abnahme-test/conf/moa/keys/sicher-demo(buergerkarte).p12 b/id.server/data/abnahme-test/conf/moa/keys/sicher-demo(buergerkarte).p12 Binary files differnew file mode 100644
index 000000000..efaeb9b98
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/sicher-demo(buergerkarte).p12
diff --git a/id.server/data/abnahme-test/conf/moa/keys/test-ee2003_normal(buergerkarte).p12 b/id.server/data/abnahme-test/conf/moa/keys/test-ee2003_normal(buergerkarte).p12 Binary files differnew file mode 100644
index 000000000..efaeb9b98
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/keys/test-ee2003_normal(buergerkarte).p12
diff --git a/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile1MOAID.xml b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile1MOAID.xml
new file mode 100644
index 000000000..c4f5a52af
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile1MOAID.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestĂ€tigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr>
+<tr><td><b>GeschĂ€ftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='GeschĂ€ftsbereich']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms></VerifyTransformsInfoProfile>
diff --git a/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile2MOAID.xml b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile2MOAID.xml
new file mode 100644
index 000000000..dc4a97716
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile2MOAID.xml
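Review bot: The stylesheet that renders the text the signer is asked to confirm picks its values with descendant searches (`//@Issuer`, `//@IssueInstant`, `//saml:NameIdentifier`), so each row shows the first match anywhere in the input rather than the field of the top-level assertion. Anchoring the paths, for example `select="/saml:Assertion/@Issuer"`, would tie the displayed text to the assertion itself; the root element name is an assumption on my part, since the signed input is not part of this change. TransformsInfoProfile3MOAID.xml contains the same stylesheet, and both presumably have to stay identical to what `TransformsInfosHTML.xml` tells the security layer to apply, so all three would need to change together.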
@@ -0,0 +1,3 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id('refetsi')/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms></VerifyTransformsInfoProfile>
diff --git a/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile3MOAID.xml b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile3MOAID.xml
new file mode 100644
index 000000000..17c4d8d54
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/profiles/TransformsInfoProfile3MOAID.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+<dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestĂ€tigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr>
+<tr><td><b>GeschĂ€ftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='GeschĂ€ftsbereich']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms></VerifyTransformsInfoProfile>
diff --git a/id.server/data/abnahme-test/conf/moa/runAbnahme.bat b/id.server/data/abnahme-test/conf/moa/runAbnahme.bat
new file mode 100644
index 000000000..8f635081c
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/runAbnahme.bat
@@ -0,0 +1,12 @@
+C:
+cd\programme
+cd apacheGroup
+cd abnahme
+rem set moa.id.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa-id\ConfigurationTest.xml
+set moa.spss.server.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa\ConfigurationTest.xml
+rem set CATALINA_OPTS=-Dmoa.id.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa-id\ConfigurationTest.xml -Dlog4j.configuration=file:/C:\Programme\ApacheGroup\abnahme\conf\log4j.properties -Dmoa.spss.server.configuration=C:\Programme\ApacheGroup\abnahme\conf\moa\ConfigurationTest.xml
+set MOA_ROOT=C:\Programme\ApacheGroup\abnahme\
+set CATALINA_OPTS=-Dmoa.spss.server.configuration=%MOA_ROOT%conf\moa\ConfigurationTest.xml -Dlog4j.configuration=file:/%MOA_ROOT%conf\moa\log4j.properties -Dmoa.id.configuration=%MOA_ROOT%conf\moa-id\ConfigurationTest.xml
+set CATALINA_HOME=C:\Programme\ApacheGroup\abnahme
+
+call bin\catalina run
\ No newline at end of file
diff --git a/id.server/data/abnahme-test/conf/moa/server.xml b/id.server/data/abnahme-test/conf/moa/server.xml
new file mode 100644
index 000000000..75afa9955
--- /dev/null
+++ b/id.server/data/abnahme-test/conf/moa/server.xml
@@ -0,0 +1,423 @@ +<!-- Example Server Configuration File --> +<!-- Note that component elements are nested corresponding to their + parent-child relationships with each other --> + +<!-- A "Server" is a singleton element that represents the entire JVM, + which may contain one or more "Service" instances. The Server + listens for a shutdown command on the indicated port. + + Note: A "Server" is not itself a "Container", so you may not + define subcomponents such as "Valves" or "Loggers" at this level. + --> + +<Server port="8005" shutdown="SHUTDOWN" debug="0"> + + + <!-- Comment these entries out to disable JMX MBeans support --> + <!-- You may also configure custom components (e.g. Valves/Realms) by + including your own mbean-descriptor file(s), and setting the + "descriptors" attribute to point to a ';' seperated list of paths + (in the ClassLoader sense) of files to add to the default list. + e.g. descriptors="/com/myfirm/mypackage/mbean-descriptor.xml" + --> + <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" + debug="0"/> + <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" + debug="0"/> + + <!-- Global JNDI resources --> + <GlobalNamingResources> + + <!-- Test entry for demonstration purposes --> + <Environment name="simpleValue" type="java.lang.Integer" value="30"/> + + <!-- Editable user database that can also be used by + UserDatabaseRealm to authenticate users --> + <Resource name="UserDatabase" auth="Container" + type="org.apache.catalina.UserDatabase" + description="User database that can be updated and saved"> + </Resource> + <ResourceParams name="UserDatabase"> + <parameter> + <name>factory</name> + <value>org.apache.catalina.users.MemoryUserDatabaseFactory</value> + </parameter> + <parameter> + <name>pathname</name> + <value>conf/tomcat-users.xml</value> + </parameter> + </ResourceParams> + + </GlobalNamingResources> + + <!-- A "Service" is a collection of one or more "Connectors" that share + a 
single "Container" (and therefore the web applications visible + within that Container). Normally, that Container is an "Engine", + but this is not required. + + Note: A "Service" is not itself a "Container", so you may not + define subcomponents such as "Valves" or "Loggers" at this level. + --> + + <!-- Define the Tomcat Stand-Alone Service --> + <Service name="Tomcat-Standalone"> + + <!-- A "Connector" represents an endpoint by which requests are received + and responses are returned. Each Connector passes requests on to the + associated "Container" (normally an Engine) for processing. + + By default, a non-SSL HTTP/1.1 Connector is established on port 8080. + You can also enable an SSL HTTP/1.1 Connector on port 8443 by + following the instructions below and uncommenting the second Connector + entry. SSL support requires the following steps (see the SSL Config + HOWTO in the Tomcat 4.0 documentation bundle for more detailed + instructions): + * Download and install JSSE 1.0.2 or later, and put the JAR files + into "$JAVA_HOME/jre/lib/ext". + * Execute: + %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows) + $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix) + with a password value of "changeit" for both the certificate and + the keystore itself. + + By default, DNS lookups are enabled when a web application calls + request.getRemoteHost(). This can have an adverse impact on + performance, so you can disable it by setting the + "enableLookups" attribute to "false". When DNS lookups are disabled, + request.getRemoteHost() will return the String version of the + IP address of the remote client. 
+ --> + + <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 --> + <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" + port="8080" minProcessors="5" maxProcessors="75" + enableLookups="true" redirectPort="8443" + acceptCount="100" debug="0" connectionTimeout="20000" + useURIValidationHack="false" disableUploadTimeout="true" /> + <!-- Note : To disable connection timeouts, set connectionTimeout value + to -1 --> + + <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> + + <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="8443" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="100" debug="0" scheme="https" secure="true" useURIValidationHack="false" disableUploadTimeout="false"> + <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" clientAuth="false" protocol="TLS" keystoreFile="server.keystore" keystorePass="changeit"/> + </Connector> + + + <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 --> + <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" + port="8009" minProcessors="5" maxProcessors="75" + enableLookups="true" redirectPort="8443" + acceptCount="10" debug="0" connectionTimeout="0" + useURIValidationHack="false" + protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/> + + <!-- Define an AJP 1.3 Connector on port 8009 --> + <!-- + <Connector className="org.apache.ajp.tomcat4.Ajp13Connector" + port="8009" minProcessors="5" maxProcessors="75" + acceptCount="10" debug="0"/> + --> + + <!-- Define a Proxied HTTP/1.1 Connector on port 8082 --> + <!-- See proxy documentation for more information about using this. 
--> + <!-- + <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" + port="8082" minProcessors="5" maxProcessors="75" + enableLookups="true" + acceptCount="100" debug="0" connectionTimeout="20000" + proxyPort="80" useURIValidationHack="false" + disableUploadTimeout="true" /> + --> + + <!-- Define a non-SSL legacy HTTP/1.1 Test Connector on port 8083 --> + <!-- + <Connector className="org.apache.catalina.connector.http.HttpConnector" + port="8083" minProcessors="5" maxProcessors="75" + enableLookups="true" redirectPort="8443" + acceptCount="10" debug="0" /> + --> + + <!-- Define a non-SSL HTTP/1.0 Test Connector on port 8084 --> + <!-- + <Connector className="org.apache.catalina.connector.http10.HttpConnector" + port="8084" minProcessors="5" maxProcessors="75" + enableLookups="true" redirectPort="8443" + acceptCount="10" debug="0" /> + --> + + <!-- An Engine represents the entry point (within Catalina) that processes + every request. The Engine implementation for Tomcat stand alone + analyzes the HTTP headers included with the request, and passes them + on to the appropriate Host (virtual host). --> + + <!-- You should set jvmRoute to support load-balancing via JK/JK2 ie : + <Engine name="Standalone" defaultHost="localhost" debug="0" jmvRoute="jvm1"> + --> + + <!-- Define the top level container in our container hierarchy --> + <Engine name="Standalone" defaultHost="localhost" debug="0"> + + <!-- The request dumper valve dumps useful debugging information about + the request headers and cookies that were received, and the response + headers and cookies that were sent, for all requests received by + this instance of Tomcat. If you care only about requests to a + particular virtual host, or a particular application, nest this + element inside the corresponding <Host> or <Context> entry instead. 
+ + For a similar mechanism that is portable to all Servlet 2.3 + containers, check out the "RequestDumperFilter" Filter in the + example application (the source for this filter may be found in + "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters"). + + Request dumping is disabled by default. Uncomment the following + element to enable it. --> + <!-- + <Valve className="org.apache.catalina.valves.RequestDumperValve"/> + --> + + <!-- Global logger unless overridden at lower levels --> + <Logger className="org.apache.catalina.logger.FileLogger" + prefix="catalina_log." suffix=".txt" + timestamp="true"/> + + <!-- Because this Realm is here, an instance will be shared globally --> + + <!-- This Realm uses the UserDatabase configured in the global JNDI + resources under the key "UserDatabase". Any edits + that are performed against this UserDatabase are immediately + available for use by the Realm. --> + <Realm className="org.apache.catalina.realm.UserDatabaseRealm" + debug="0" resourceName="UserDatabase"/> + + <!-- Comment out the old realm but leave here for now in case we + need to go back quickly --> + <!-- + <Realm className="org.apache.catalina.realm.MemoryRealm" /> + --> + + <!-- Replace the above Realm with one of the following to get a Realm + stored in a database and accessed via JDBC --> + + <!-- + <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" + driverName="org.gjt.mm.mysql.Driver" + connectionURL="jdbc:mysql://localhost/authority" + connectionName="test" connectionPassword="test" + userTable="users" userNameCol="user_name" userCredCol="user_pass" + userRoleTable="user_roles" roleNameCol="role_name" /> + --> + + <!-- + <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" + driverName="oracle.jdbc.driver.OracleDriver" + connectionURL="jdbc:oracle:thin:@ntserver:1521:ORCL" + connectionName="scott" connectionPassword="tiger" + userTable="users" userNameCol="user_name" userCredCol="user_pass" + userRoleTable="user_roles" 
roleNameCol="role_name" /> + --> + + <!-- + <Realm className="org.apache.catalina.realm.JDBCRealm" debug="99" + driverName="sun.jdbc.odbc.JdbcOdbcDriver" + connectionURL="jdbc:odbc:CATALINA" + userTable="users" userNameCol="user_name" userCredCol="user_pass" + userRoleTable="user_roles" roleNameCol="role_name" /> + --> + + <!-- Define the default virtual host --> + <Host name="localhost" debug="0" appBase="webapps" + unpackWARs="true" autoDeploy="true"> + + <!-- Normally, users must authenticate themselves to each web app + individually. Uncomment the following entry if you would like + a user to be authenticated the first time they encounter a + resource protected by a security constraint, and then have that + user identity maintained across *all* web applications contained + in this virtual host. --> + <!-- + <Valve className="org.apache.catalina.authenticator.SingleSignOn" + debug="0"/> + --> + + <!-- Access log processes all requests for this virtual host. By + default, log files are created in the "logs" directory relative to + $CATALINA_HOME. If you wish, you can specify a different + directory with the "directory" attribute. Specify either a relative + (to $CATALINA_HOME) or absolute path to the desired directory. + --> + <!-- + <Valve className="org.apache.catalina.valves.AccessLogValve" + directory="logs" prefix="localhost_access_log." suffix=".txt" + pattern="common" resolveHosts="false"/> + --> + + <!-- Logger shared by all Contexts related to this virtual host. By + default (when using FileLogger), log files are created in the "logs" + directory relative to $CATALINA_HOME. If you wish, you can specify + a different directory with the "directory" attribute. Specify either a + relative (to $CATALINA_HOME) or absolute path to the desired + directory.--> + <Logger className="org.apache.catalina.logger.FileLogger" + directory="logs" prefix="localhost_log." suffix=".txt" + timestamp="true"/> + + <!-- Define properties for each web application. 
This is only needed + if you want to set non-default properties, or have web application + document roots in places other than the virtual host's appBase + directory. --> + + <!-- Tomcat Root Context --> + <!-- + <Context path="" docBase="ROOT" debug="0"/> + --> + + <!-- Tomcat Examples Context --> + <Context path="/examples" docBase="examples" debug="0" + reloadable="true" crossContext="true"> + <Logger className="org.apache.catalina.logger.FileLogger" + prefix="localhost_examples_log." suffix=".txt" + timestamp="true"/> + <Ejb name="ejb/EmplRecord" type="Entity" + home="com.wombat.empl.EmployeeRecordHome" + remote="com.wombat.empl.EmployeeRecord"/> + + <!-- If you wanted the examples app to be able to edit the + user database, you would uncomment the following entry. + Of course, you would want to enable security on the + application as well, so this is not done by default! + The database object could be accessed like this: + + Context initCtx = new InitialContext(); + Context envCtx = (Context) initCtx.lookup("java:comp/env"); + UserDatabase database = + (UserDatabase) envCtx.lookup("userDatabase"); + --> +<!-- + <ResourceLink name="userDatabase" global="UserDatabase" + type="org.apache.catalina.UserDatabase"/> +--> + + + <!-- PersistentManager: Uncomment the section below to test Persistent + Sessions. + + saveOnRestart: If true, all active sessions will be saved + to the Store when Catalina is shutdown, regardless of + other settings. All Sessions found in the Store will be + loaded on startup. Sessions past their expiration are + ignored in both cases. + maxActiveSessions: If 0 or greater, having too many active + sessions will result in some being swapped out. minIdleSwap + limits this. -1 or 0 means unlimited sessions are allowed. + If it is not possible to swap sessions new sessions will + be rejected. + This avoids thrashing when the site is highly active. 
+ minIdleSwap: Sessions must be idle for at least this long + (in seconds) before they will be swapped out due to + activity. + 0 means sessions will almost always be swapped out after + use - this will be noticeably slow for your users. + maxIdleSwap: Sessions will be swapped out if idle for this + long (in seconds). If minIdleSwap is higher, then it will + override this. This isn't exact: it is checked periodically. + -1 means sessions won't be swapped out for this reason, + although they may be swapped out for maxActiveSessions. + If set to >= 0, guarantees that all sessions found in the + Store will be loaded on startup. + maxIdleBackup: Sessions will be backed up (saved to the Store, + but left in active memory) if idle for this long (in seconds), + and all sessions found in the Store will be loaded on startup. + If set to -1 sessions will not be backed up, 0 means they + should be backed up shortly after being used. + + To clear sessions from the Store, set maxActiveSessions, maxIdleSwap, + and minIdleBackup all to -1, saveOnRestart to false, then restart + Catalina. 
+ --> + <!-- + <Manager className="org.apache.catalina.session.PersistentManager" + debug="0" + saveOnRestart="true" + maxActiveSessions="-1" + minIdleSwap="-1" + maxIdleSwap="-1" + maxIdleBackup="-1"> + <Store className="org.apache.catalina.session.FileStore"/> + </Manager> + --> + <Environment name="maxExemptions" type="java.lang.Integer" + value="15"/> + <Parameter name="context.param.name" value="context.param.value" + override="false"/> + <Resource name="jdbc/EmployeeAppDb" auth="SERVLET" + type="javax.sql.DataSource"/> + <ResourceParams name="jdbc/EmployeeAppDb"> + <parameter><name>username</name><value>sa</value></parameter> + <parameter><name>password</name><value></value></parameter> + <parameter><name>driverClassName</name> + <value>org.hsql.jdbcDriver</value></parameter> + <parameter><name>url</name> + <value>jdbc:HypersonicSQL:database</value></parameter> + </ResourceParams> + <Resource name="mail/Session" auth="Container" + type="javax.mail.Session"/> + <ResourceParams name="mail/Session"> + <parameter> + <name>mail.smtp.host</name> + <value>localhost</value> + </parameter> + </ResourceParams> + <ResourceLink name="linkToGlobalResource" + global="simpleValue" + type="java.lang.Integer"/> + </Context> + + </Host> + + </Engine> + + </Service> + + <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0 + as its servlet container. Please read the README.txt file coming with + the WebApp Module distribution on how to build it. + (Or check out the "jakarta-tomcat-connectors/webapp" CVS repository) + + To configure the Apache side, you must ensure that you have the + "ServerName" and "Port" directives defined in "httpd.conf". 
Then, + lines like these to the bottom of your "httpd.conf" file: + + LoadModule webapp_module libexec/mod_webapp.so + WebAppConnection warpConnection warp localhost:8008 + WebAppDeploy examples warpConnection /examples/ + + The next time you restart Apache (after restarting Tomcat, if needed) + the connection will be established, and all applications you make + visible via "WebAppDeploy" directives can be accessed through Apache. + --> + + <!-- Define an Apache-Connector Service --> +<!-- + <Service name="Tomcat-Apache"> + + <Connector className="org.apache.catalina.connector.warp.WarpConnector" + port="8008" minProcessors="5" maxProcessors="75" + enableLookups="true" appBase="webapps" + acceptCount="10" debug="0"/> + + <Engine className="org.apache.catalina.connector.warp.WarpEngine" + name="Apache" debug="0"> + + <Logger className="org.apache.catalina.logger.FileLogger" + prefix="apache_log." suffix=".txt" + timestamp="true"/> + + <Realm className="org.apache.catalina.realm.MemoryRealm" /> + + </Engine> + + </Service> +--> + +</Server> diff --git a/id.server/data/abnahme-test/conf/transforms/TransformsInfosHTML.xml b/id.server/data/abnahme-test/conf/transforms/TransformsInfosHTML.xml new file mode 100644 index 000000000..e003297f4 --- /dev/null +++ b/id.server/data/abnahme-test/conf/transforms/TransformsInfosHTML.xml 
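Review bot: The HTTPS connector's `Factory` carries `keystorePass="changeit"` in clear text and points at the `server.keystore` that this commit's copy script installs, so anyone with the repository can read the server's TLS private key. That is acceptable only for a throw-away test certificate, and the file should say so with a comment above the connector such as `<!-- test-only keystore and password: never reuse outside the acceptance-test host -->`. The file also keeps stock entries the MOA tests presumably do not need, namely the `/examples` context with `crossContext="true"` and the AJP connector on port 8009. Removing that `Context` and that `Connector` would shrink what the test server exposes.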
@@ -0,0 +1,63 @@
+<sl10:TransformsInfo>
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html>
+ <body>
+Bitte bestÀtigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+ <table border="1">
+ <tr>
+ <td>
+ <b>Name:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//@Issuer"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>Zeit:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//@IssueInstant"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>Applikation:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>GeschÀftsbereich:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//saml:Attribute[@AttributeName='GeschÀftsbereich']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>Anmeldeserver:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//saml:NameIdentifier"/>
+ </td>
+ </tr>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+ </dsig:Transforms>
+ <sl10:FinalDataMetaInfo>
+ <sl10:MimeType>text/html</sl10:MimeType>
+ </sl10:FinalDataMetaInfo>
+</sl10:TransformsInfo> |
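Review bot: The `sl10:` and `dsig:` prefixes are used from the root element down but never declared (only `xsl` and `saml` are bound, on the stylesheet), so the file is not namespace-well-formed on its own and a namespace-aware parser will reject it. If it is meant to be pasted as text into a request that already binds those prefixes, a comment at the top saying so would stop someone from loading it directly. Otherwise both should be declared on the root, e.g. `xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"` plus the Security Layer namespace for `sl10`.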