authorrudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d>2004-03-15 16:07:52 +0000
committerrudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d>2004-03-15 16:07:52 +0000
commit56ed4518d7978c064af5f240494bf587136c93b0 (patch)
treef7d9a57b7915d3b269d2550c9282138b624efa57 /id.server/data/deploy
parent747a8963ec0ffde4c6883dd1c42ad758a88b084c (diff)
RSCH
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@99 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/data/deploy')
-rw-r--r--id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml21
-rw-r--r--id.server/data/deploy/tomcat/server.mod_jk.xml157
-rw-r--r--id.server/data/deploy/tomcat/server.xml58
3 files changed, 106 insertions, 130 deletions
diff --git a/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml b/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml
index e55e32679..12366b5ac 100644
--- a/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml
+++ b/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml
@@ -1,6 +1,6 @@
<?xml version="1.0" encoding="UTF-8"?>
<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
- <!-- fuer MOA-ID-AUTH -->
+ <!-- Konfiguration fuer MOA-ID-AUTH -->
<AuthComponent>
<!-- URL und akzeptierte TLS-Server-Zertifikate des verwendeten BKU-Auswahl Service -->
<BKUSelection BKUSelectionAlternative="HTMLComplete">
@@ -17,13 +17,14 @@
<ConnectionParameter URL="http://localhost:8080/moa-spss/services/SignatureVerification"> -->
<!-- <AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates> -->
<!-- <ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> -->
- <!-- </ConnectionParameter> -->
+ <!-- </ConnectionParameter>
+ -->
<!-- TrustProfile fuer den IdentityLink der Buergerkarte; muss in MOA-SP konfiguriert sein -->
<VerifyIdentityLink>
<TrustProfileID>MOAIDBuergerkartePersonenbindung</TrustProfileID>
</VerifyIdentityLink>
- <VerifyAuthBlock>
- <!-- TrustProfile fuer die Signatur des AUTH-Blocks der Buergerkarte; muss in MOA-SP konfiguriert sein -->
+ <!-- TrustProfile fuer die Signatur des AUTH-Blocks der Buergerkarte; muss in MOA-SP konfiguriert sein -->
+ <VerifyAuthBlock>
<TrustProfileID>MOAIDBuergerkarteAuthentisierungsDaten</TrustProfileID>
<!-- VerifyTransformsInfoProfile mit den Transformationen fuer die Anzeige der Anmeldedaten im Secure Viewer; muss in MOA-SP konfiguriert sein -->
<VerifyTransformsInfoProfileID>MOAIDTransformAuthBlock</VerifyTransformsInfoProfileID>
@@ -34,7 +35,7 @@
<X509SubjectName>CN=zmr,OU=BMI-IV-2,O=BMI,C=AT</X509SubjectName>
</IdentityLinkSigners>
</AuthComponent>
- <!-- fuer MOA-ID-PROXY -->
+ <!-- Konfiguration fuer MOA-ID-PROXY -->
<ProxyComponent>
<!-- URL und akzeptierte TLS-Server-Zertifikate des MOA-ID-AUTH Web Service -->
<AuthComponent>
@@ -48,7 +49,7 @@
<!-- Demo Online-Applikation: Zugriff auf www.cio.gv.at ueber MOA-ID-PROXY -->
<OnlineApplication publicURLPrefix="https://localhost:8443/">
<!-- fuer MOA-ID-AUTH -->
- <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <AuthComponent provideStammzahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
<!-- fuer MOA-ID-PROXY -->
<ProxyComponent configFileURL="oa/SampleOAConfiguration.xml" sessionTimeOut="600">
<!-- <ProxyComponent configFileURL="oa/SampleOAConfiguration.xml" sessionTimeOut="600" loginParameterResolverImpl="at.gv.egovernment.moa.id.proxy.DefaultLoginParameterResolver" loginParameterResolverConfiguration="" connectionBuilderImpl="at.gv.egovernment.moa.id.proxy.DefaultConnectionBuilder"> -->
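Review bot: The rename from `provideZMRZahl` to `provideStammzahl` on the demo application's `<AuthComponent>` has no comment telling operators of existing installations to update their own configuration files. Whether the configuration loader still accepts the old attribute name is not visible in this diff; if it does not, an old file may fall back to whatever the default is for this identifier. A comment above the element would make the change explicit, for example `<!-- provideStammzahl (vormals provideZMRZahl): Stammzahl nur weitergeben, wenn die Online-Applikation sie benoetigt -->`. The enclosing `<OnlineApplication>` element continues outside the hunk.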
@@ -66,13 +67,13 @@
<dsig:X509SerialNumber>536</dsig:X509SerialNumber>
</TrustAnchor>
</ChainingModes>
- <!-- fuer MOA-ID-AUTH: Rootzertifikate des Servers MOA-SP, falls ueber HTTPS angesprochen -->
- <!-- fuer MOA-ID-PROXY: Rootzertifikate des Servers MOA-ID-AUTH, falls ueber HTTPS angesprochen,
- und aller Online-Applikationen, die ueber HTTPS angesprochen werden -->
+ <!-- fuer MOA-ID-AUTH: CA-Zertifikat des Servers MOA-SP, falls dieses Service ueber HTTPS angesprochen wird
+ fuer MOA-ID-PROXY: CA-Zertifikat des Servers MOA-ID-AUTH, falls dieses Service ueber HTTPS angesprochen wird
+ zusaeztlich: CA-Zertifikat aller Online-Applikationen, die ueber HTTPS angesprochen werden -->
<TrustedCACertificates>certs/ca-certs</TrustedCACertificates>
<!-- Cache-Verzeichnis fuer-Zertifikate -->
- <!-- Hinweis: wenn TC in linux oder unix betrieben wird vollständigen pfad für DirectoryCertStoreParameters.RootDir verwenden -->
+ <!-- Hinweis: wenn TC in linux oder unix betrieben wird vollstaendigen pfad fuer DirectoryCertStoreParameters.RootDir verwenden -->
<GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="certs/certstore"/>
<!-- Time-Out fuer die Anmeldung von Beginn bis zum Anlegen der Anmeldedaten, in Sekunden -->
<GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/>
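Review bot: The rewritten comment above `<TrustedCACertificates>` misspells `zusaeztlich`; it should read `zusaetzlich`. The certificates in `certs/ca-certs` are presumably used as trust anchors for the outgoing HTTPS connections the comment lists, so it would help to add a sentence such as `nur die tatsaechlich benoetigten CA-Zertifikate in diesem Verzeichnis ablegen`. The element that encloses these settings starts and ends outside the hunk.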
diff --git a/id.server/data/deploy/tomcat/server.mod_jk.xml b/id.server/data/deploy/tomcat/server.mod_jk.xml
index 61100b260..b32cf7844 100644
--- a/id.server/data/deploy/tomcat/server.mod_jk.xml
+++ b/id.server/data/deploy/tomcat/server.mod_jk.xml
@@ -1,7 +1,6 @@
<!-- Alternate Example-less Configuration File -->
<!-- Note that component elements are nested corresponding to their
parent-child relationships with each other -->
-
<!-- A "Server" is a singleton element that represents the entire JVM,
which may contain one or more "Service" instances. The Server
listens for a shutdown command on the indicated port.
@@ -9,18 +8,13 @@
Note: A "Server" is not itself a "Container", so you may not
define subcomponents such as "Valves" or "Loggers" at this level.
-->
-
<Server port="8005" shutdown="SHUTDOWN" debug="0">
-
-
- <!-- Uncomment this entry to enable JMX MBeans support -->
-<!--
+ <!-- Uncomment this entry to enable JMX MBeans support -->
+ <!--
<Listener className="org.apache.catalina.mbeans.ServerLifecycleListener"
debug="0" port="-1" login="admin" password="admin"/>
-->
-
-
- <!-- A "Service" is a collection of one or more "Connectors" that share
+ <!-- A "Service" is a collection of one or more "Connectors" that share
a single "Container" (and therefore the web applications visible
within that Container). Normally, that Container is an "Engine",
but this is not required.
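Review bot: The commented-out JMX `ServerLifecycleListener` that this hunk re-indents still carries `login="admin" password="admin"`, and the comment above it does not warn against enabling it as is. I would extend that comment to `<!-- Uncomment this entry to enable JMX MBeans support; set your own login and password first -->`. The same hunk keeps `shutdown="SHUTDOWN"` on port 8005, the stock shutdown string, so a deployment sample could also note that it should be replaced with a site-specific value. The `<Server>` element is closed far outside this hunk.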
@@ -28,11 +22,9 @@
Note: A "Service" is not itself a "Container", so you may not
define subcomponents such as "Valves" or "Loggers" at this level.
-->
-
- <!-- Define the Tomcat Stand-Alone Service -->
- <Service name="Tomcat-Standalone">
-
- <!-- A "Connector" represents an endpoint by which requests are received
+ <!-- Define the Tomcat Stand-Alone Service -->
+ <Service name="Tomcat-Standalone">
+ <!-- A "Connector" represents an endpoint by which requests are received
and responses are returned. Each Connector passes requests on to the
associated "Container" (normally an Engine) for processing.
@@ -57,24 +49,19 @@
request.getRemoteHost() will return the String version of the
IP address of the remote client.
-->
-
- <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
- <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
- port="8009" minProcessors="5" maxProcessors="75"
- enableLookups="true" redirectPort="8443"
- acceptCount="10" debug="0" connectionTimeout="0"
- useURIValidationHack="false"
- protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>
-
- <!-- An Engine represents the entry point (within Catalina) that processes
+ <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8009" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443" acceptCount="10" debug="0"
+ connectionTimeout="0" useURIValidationHack="false"
+ protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/>
+ <!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
on to the appropriate Host (virtual host). -->
-
- <!-- Define the top level container in our container hierarchy -->
- <Engine name="Standalone" defaultHost="localhost" debug="0">
-
- <!-- The request dumper valve dumps useful debugging information about
+ <!-- Define the top level container in our container hierarchy -->
+ <Engine name="Standalone" defaultHost="localhost" debug="0">
+ <!-- The request dumper valve dumps useful debugging information about
the request headers and cookies that were received, and the response
headers and cookies that were sent, for all requests received by
this instance of Tomcat. If you care only about requests to a
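Review bot: The AJP 1.3 connector on port 8009 is re-wrapped here without any comment on who is allowed to reach it. AJP is intended to be spoken only by the front-end web server, so the comment line should say so, for example `<!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009; allow connections from the Apache/mod_jk host only -->`. `connectionTimeout="0"` is also kept unchanged and presumably means idle connections are never timed out, which should be confirmed and documented. The enclosing `<Service>` and `<Engine>` elements continue outside the hunk.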
@@ -88,74 +75,59 @@
Request dumping is disabled by default. Uncomment the following
element to enable it. -->
- <!--
+ <!--
<Valve className="org.apache.catalina.valves.RequestDumperValve"/>
-->
-
- <!-- Global logger unless overridden at lower levels -->
- <Logger className="org.apache.catalina.logger.FileLogger"
- prefix="catalina_log." suffix=".txt"
- timestamp="true"/>
-
- <!-- Because this Realm is here, an instance will be shared globally -->
-
- <Realm className="org.apache.catalina.realm.MemoryRealm" />
-
- <!-- Replace the above Realm with one of the following to get a Realm
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt" timestamp="true"/>
+ <!-- Because this Realm is here, an instance will be shared globally -->
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+ <!-- Replace the above Realm with one of the following to get a Realm
stored in a database and accessed via JDBC -->
-
- <!-- Define the default virtual host -->
- <Host name="localhost" debug="0" appBase="webapps"
- unpackWARs="true" autoDeploy="true">
-
- <!-- Normally, users must authenticate themselves to each web app
+ <!-- Define the default virtual host -->
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
+ <!-- Normally, users must authenticate themselves to each web app
individually. Uncomment the following entry if you would like
a user to be authenticated the first time they encounter a
resource protected by a security constraint, and then have that
user identity maintained across *all* web applications contained
in this virtual host. -->
- <!--
+ <!--
<Valve className="org.apache.catalina.authenticator.SingleSignOn"
debug="0"/>
-->
-
- <!-- Access log processes all requests for this virtual host. By
+ <!-- Access log processes all requests for this virtual host. By
default, log files are created in the "logs" directory relative to
$CATALINA_HOME. If you wish, you can specify a different
directory with the "directory" attribute. Specify either a relative
(to $CATALINA_HOME) or absolute path to the desired directory.
-->
- <Valve className="org.apache.catalina.valves.AccessLogValve"
- directory="logs" prefix="localhost_access_log." suffix=".txt"
- pattern="common"/>
-
- <!-- Logger shared by all Contexts related to this virtual host. By
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log."
+ suffix=".txt" pattern="common"/>
+ <!-- Logger shared by all Contexts related to this virtual host. By
default (when using FileLogger), log files are created in the "logs"
directory relative to $CATALINA_HOME. If you wish, you can specify
a different directory with the "directory" attribute. Specify either a
relative (to $CATALINA_HOME) or absolute path to the desired
directory.-->
- <Logger className="org.apache.catalina.logger.FileLogger"
- directory="logs" prefix="localhost_log." suffix=".txt"
- timestamp="true"/>
-
- <!-- Define properties for each web application. This is only needed
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
+ <!-- Define properties for each web application. This is only needed
if you want to set non-default properties, or have web application
document roots in places other than the virtual host's appBase
directory. -->
-
- <!-- Tomcat Root Context -->
- <!--
+ <!-- Tomcat Root Context -->
+ <!--
<Context path="" docBase="ROOT" debug="0"/>
-->
-
- </Host>
-
- </Engine>
-
- </Service>
-
- <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0
+ </Host>
+ </Engine>
+ </Service>
+ <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0
as its servlet container. Please read the README.txt file coming with
the WebApp Module distribution on how to build it.
(Or check out the "jakarta-tomcat-connectors/webapp" CVS repository)
@@ -172,30 +144,19 @@
the connection will be established, and all applications you make
visible via "WebAppDeploy" directives can be accessed through Apache.
-->
-
- <!-- Define an Apache-Connector Service -->
- <Service name="Tomcat-Apache">
-
- <Connector className="org.apache.catalina.connector.warp.WarpConnector"
- port="8008" minProcessors="5" maxProcessors="75"
- enableLookups="true"
- acceptCount="10" debug="0"/>
-
- <!-- Replace "localhost" with what your Apache "ServerName" is set to -->
- <Engine className="org.apache.catalina.connector.warp.WarpEngine"
- name="Apache" debug="0" appBase="webapps">
-
- <!-- Global logger unless overridden at lower levels -->
- <Logger className="org.apache.catalina.logger.FileLogger"
- prefix="apache_log." suffix=".txt"
- timestamp="true"/>
-
- <!-- Because this Realm is here, an instance will be shared globally -->
- <Realm className="org.apache.catalina.realm.MemoryRealm" />
-
- </Engine>
-
- </Service>
-
-</Server>
-
+ <!-- Define an Apache-Connector Service -->
+ <Service name="Tomcat-Apache">
+ <Connector className="org.apache.catalina.connector.warp.WarpConnector"
+ port="8008" minProcessors="5" maxProcessors="75"
+ enableLookups="true" acceptCount="10" debug="0"/>
+ <!-- Replace "localhost" with what your Apache "ServerName" is set to -->
+ <Engine className="org.apache.catalina.connector.warp.WarpEngine"
+ name="Apache" debug="0" appBase="webapps">
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="apache_log." suffix=".txt" timestamp="true"/>
+ <!-- Because this Realm is here, an instance will be shared globally -->
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+ </Engine>
+ </Service>
+</Server>
\ No newline at end of file
diff --git a/id.server/data/deploy/tomcat/server.xml b/id.server/data/deploy/tomcat/server.xml
index c99136fa2..2fd7b6439 100644
--- a/id.server/data/deploy/tomcat/server.xml
+++ b/id.server/data/deploy/tomcat/server.xml
@@ -50,18 +50,22 @@
IP address of the remote client.
-->
<!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->
- <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="8080" minProcessors="5" maxProcessors="75" enableLookups="true" redirectPort="8443" acceptCount="100" debug="0" connectionTimeout="20000" useURIValidationHack="false" disableUploadTimeout="true"/>
- <!-- Note : To disable connection timeouts, set connectionTimeout value
- to -1 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8080" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8443" acceptCount="100"
+ debug="0" connectionTimeout="20000" useURIValidationHack="false"
+ disableUploadTimeout="true"/>
+ <!-- Note : To disable connection timeouts, set connectionTimeout value to -1 -->
<!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
- <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
- port="8443" minProcessors="5" maxProcessors="75"
- enableLookups="uri"
- acceptCount="100" debug="0" scheme="https" secure="true"
- useURIValidationHack="false" disableUploadTimeout="true">
- <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
- clientAuth="false" protocol="TLS"/>
- </Connector>
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8443" minProcessors="5" maxProcessors="75"
+ enableLookups="uri" acceptCount="100" debug="0" scheme="https"
+ secure="true" useURIValidationHack="false"
+ disableUploadTimeout="true">
+ <Factory
+ className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
+ clientAuth="false" protocol="TLS"/>
+ </Connector>
<!-- An Engine represents the entry point (within Catalina) that processes
every request. The Engine implementation for Tomcat stand alone
analyzes the HTTP headers included with the request, and passes them
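Review bot: `enableLookups="uri"` on the port 8443 connector is not a boolean value and looks like a slip; the commit re-wraps the element but keeps it. The port 8080 connector in the same hunk uses `enableLookups="true"`, so the intended value should be written out, for example `enableLookups="false"` if no reverse DNS lookup is wanted on the TLS port. The `<Factory>` element names no keystore, so the server key presumably comes from the container's default location and password; a comment saying where the key is expected would help operators. The enclosing `<Service>` element starts and ends outside the hunk.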
@@ -83,14 +87,16 @@
Request dumping is disabled by default. Uncomment the following
element to enable it. -->
<!--
- <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
- -->
+ <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
+ -->
<!-- Global logger unless overridden at lower levels -->
- <Logger className="org.apache.catalina.logger.FileLogger" prefix="catalina_log." suffix=".txt" timestamp="true"/>
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt" timestamp="true"/>
<!-- Because this Realm is here, an instance will be shared globally -->
<Realm className="org.apache.catalina.realm.MemoryRealm"/>
<!-- Define the default virtual host -->
- <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="true">
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
<!-- Normally, users must authenticate themselves to each web app
individually. Uncomment the following entry if you would like
a user to be authenticated the first time they encounter a
@@ -107,19 +113,23 @@
directory with the "directory" attribute. Specify either a relative
(to $CATALINA_HOME) or absolute path to the desired directory.
-->
- <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="common"/>
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log."
+ suffix=".txt" pattern="common"/>
<!-- Logger shared by all Contexts related to this virtual host. By
default (when using FileLogger), log files are created in the "logs"
directory relative to $CATALINA_HOME. If you wish, you can specify
a different directory with the "directory" attribute. Specify either a
relative (to $CATALINA_HOME) or absolute path to the desired
directory.-->
- <Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="localhost_log." suffix=".txt" timestamp="true"/>
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
<!-- Define properties for each web application. This is only needed
if you want to set non-default properties, or have web application
document roots in places other than the virtual host's appBase
directory. -->
- <!-- Tomcat Root Context -->
+ <!-- Tomcat Root Context -->
<!--
<Context path="" docBase="../moa-id-proxy.war" debug="0"/>
-->
@@ -145,13 +155,17 @@
-->
<!-- Define an Apache-Connector Service -->
<Service name="Tomcat-Apache">
- <Connector className="org.apache.catalina.connector.warp.WarpConnector" port="8008" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="10" debug="0"/>
+ <Connector className="org.apache.catalina.connector.warp.WarpConnector"
+ port="8008" minProcessors="5" maxProcessors="75"
+ enableLookups="true" acceptCount="10" debug="0"/>
<!-- Replace "localhost" with what your Apache "ServerName" is set to -->
- <Engine className="org.apache.catalina.connector.warp.WarpEngine" name="Apache" debug="0" appBase="webapps">
+ <Engine className="org.apache.catalina.connector.warp.WarpEngine"
+ name="Apache" debug="0" appBase="webapps">
<!-- Global logger unless overridden at lower levels -->
- <Logger className="org.apache.catalina.logger.FileLogger" prefix="apache_log." suffix=".txt" timestamp="true"/>
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="apache_log." suffix=".txt" timestamp="true"/>
<!-- Because this Realm is here, an instance will be shared globally -->
<Realm className="org.apache.catalina.realm.MemoryRealm"/>
</Engine>
</Service>
-</Server>
+</Server>
\ No newline at end of file