author | rudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2004-03-15 16:07:52 +0000 |
---|---|---|
committer | rudolf <rudolf@d688527b-c9ab-4aba-bd8d-4036d912da1d> | 2004-03-15 16:07:52 +0000 |
commit | 56ed4518d7978c064af5f240494bf587136c93b0 (patch) | |
tree | f7d9a57b7915d3b269d2550c9282138b624efa57 /id.server/data/deploy | |
parent | 747a8963ec0ffde4c6883dd1c42ad758a88b084c (diff) | |
RSCH
git-svn-id: https://joinup.ec.europa.eu/svn/moa-idspss/trunk@99 d688527b-c9ab-4aba-bd8d-4036d912da1d
Diffstat (limited to 'id.server/data/deploy')
-rw-r--r-- | id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml | 21 | ||||
-rw-r--r-- | id.server/data/deploy/tomcat/server.mod_jk.xml | 157 | ||||
-rw-r--r-- | id.server/data/deploy/tomcat/server.xml | 58 |
3 files changed, 106 insertions, 130 deletions
diff --git a/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml b/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml index e55e32679..12366b5ac 100644 --- a/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml +++ b/id.server/data/deploy/conf/moa-id/SampleMOAIDConfiguration.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"> - <!-- fuer MOA-ID-AUTH --> + <!-- Konfiguration fuer MOA-ID-AUTH --> <AuthComponent> <!-- URL und akzeptierte TLS-Server-Zertifikate des verwendeten BKU-Auswahl Service --> <BKUSelection BKUSelectionAlternative="HTMLComplete"> @@ -17,13 +17,14 @@ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/SignatureVerification"> --> <!-- <AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates> --> <!-- <ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> --> - <!-- </ConnectionParameter> --> + <!-- </ConnectionParameter> + --> <!-- TrustProfile fuer den IdentityLink der Buergerkarte; muss in MOA-SP konfiguriert sein --> <VerifyIdentityLink> <TrustProfileID>MOAIDBuergerkartePersonenbindung</TrustProfileID> </VerifyIdentityLink> - <VerifyAuthBlock> - <!-- TrustProfile fuer die Signatur des AUTH-Blocks der Buergerkarte; muss in MOA-SP konfiguriert sein --> + <!-- TrustProfile fuer die Signatur des AUTH-Blocks der Buergerkarte; muss in MOA-SP konfiguriert sein --> + <VerifyAuthBlock> <TrustProfileID>MOAIDBuergerkarteAuthentisierungsDaten</TrustProfileID> <!-- VerifyTransformsInfoProfile mit den Transformationen fuer die Anzeige der Anmeldedaten im Secure Viewer; muss in MOA-SP konfiguriert sein --> <VerifyTransformsInfoProfileID>MOAIDTransformAuthBlock</VerifyTransformsInfoProfileID> 
@@ -34,7 +35,7 @@ <X509SubjectName>CN=zmr,OU=BMI-IV-2,O=BMI,C=AT</X509SubjectName> </IdentityLinkSigners> </AuthComponent> - <!-- fuer MOA-ID-PROXY --> + <!-- Konfiguration fuer MOA-ID-PROXY --> <ProxyComponent> <!-- URL und akzeptierte TLS-Server-Zertifikate des MOA-ID-AUTH Web Service --> <AuthComponent> @@ -48,7 +49,7 @@ <!-- Demo Online-Applikation: Zugriff auf www.cio.gv.at ueber MOA-ID-PROXY --> <OnlineApplication publicURLPrefix="https://localhost:8443/"> <!-- fuer MOA-ID-AUTH --> - <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> + <AuthComponent provideStammzahl="false" provideAUTHBlock="false" provideIdentityLink="false"/> <!-- fuer MOA-ID-PROXY --> <ProxyComponent configFileURL="oa/SampleOAConfiguration.xml" sessionTimeOut="600"> <!-- <ProxyComponent configFileURL="oa/SampleOAConfiguration.xml" sessionTimeOut="600" loginParameterResolverImpl="at.gv.egovernment.moa.id.proxy.DefaultLoginParameterResolver" loginParameterResolverConfiguration="" connectionBuilderImpl="at.gv.egovernment.moa.id.proxy.DefaultConnectionBuilder"> --> 
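Review bot: In the `@@ -48,7 +49,7 @@` hunk, renaming `provideZMRZahl` to `provideStammzahl` changes the name of the flag that decides whether the Stammzahl is handed to the online application, and nothing in the sample tells an operator that the old spelling is gone. Whether the configuration loader rejects or silently ignores a leftover `provideZMRZahl` attribute is not visible here; if it is ignored, an existing deployment file would fall back to the loader's default instead of the value the operator set. I would add a comment above the element, for example `<!-- provideStammzahl replaces provideZMRZahl; update existing configuration files -->`, and confirm that the schema rejects the old name rather than skipping it. The enclosing `<OnlineApplication>` element continues past the end of the hunk.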
@@ -66,13 +67,13 @@ <dsig:X509SerialNumber>536</dsig:X509SerialNumber> </TrustAnchor> </ChainingModes> - <!-- fuer MOA-ID-AUTH: Rootzertifikate des Servers MOA-SP, falls ueber HTTPS angesprochen --> - <!-- fuer MOA-ID-PROXY: Rootzertifikate des Servers MOA-ID-AUTH, falls ueber HTTPS angesprochen, - und aller Online-Applikationen, die ueber HTTPS angesprochen werden --> + <!-- fuer MOA-ID-AUTH: CA-Zertifikat des Servers MOA-SP, falls dieses Service ueber HTTPS angesprochen wird + fuer MOA-ID-PROXY: CA-Zertifikat des Servers MOA-ID-AUTH, falls dieses Service ueber HTTPS angesprochen wird + zusaeztlich: CA-Zertifikat aller Online-Applikationen, die ueber HTTPS angesprochen werden --> <TrustedCACertificates>certs/ca-certs</TrustedCACertificates> <!-- Cache-Verzeichnis fuer-Zertifikate --> - <!-- Hinweis: wenn TC in linux oder unix betrieben wird vollständigen pfad für DirectoryCertStoreParameters.RootDir verwenden --> + <!-- Hinweis: wenn TC in linux oder unix betrieben wird vollstaendigen pfad fuer DirectoryCertStoreParameters.RootDir verwenden --> <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="certs/certstore"/> <!-- Time-Out fuer die Anmeldung von Beginn bis zum Anlegen der Anmeldedaten, in Sekunden --> <GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/> diff --git a/id.server/data/deploy/tomcat/server.mod_jk.xml b/id.server/data/deploy/tomcat/server.mod_jk.xml index 61100b260..b32cf7844 100644 --- a/id.server/data/deploy/tomcat/server.mod_jk.xml +++ b/id.server/data/deploy/tomcat/server.mod_jk.xml @@ -1,7 +1,6 @@ <!-- Alternate Example-less Configuration File --> <!-- Note that component elements are nested corresponding to their parent-child relationships with each other --> - <!-- A "Server" is a singleton element that represents the entire JVM, which may contain one or more "Service" instances. The Server listens for a shutdown command on the indicated port. 
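Review bot: The rewritten comment above `<TrustedCACertificates>` in the `@@ -66,13 +67,13 @@` hunk of SampleMOAIDConfiguration.xml misspells `zusaeztlich` (it should read `zusaetzlich`). It also now says "CA-Zertifikat" where the old text said "Rootzertifikate", without stating whether intermediate CA certificates belong in `certs/ca-certs` too. That directory appears to hold the trust anchors for the HTTPS connections to MOA-SP, MOA-ID-AUTH and the online applications, so the comment should name exactly which certificates an operator has to place there. Merging the two former comments into one block is fine, but each of the three cases would read more clearly as a full sentence.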
@@ -9,18 +8,13 @@ Note: A "Server" is not itself a "Container", so you may not define subcomponents such as "Valves" or "Loggers" at this level. --> - <Server port="8005" shutdown="SHUTDOWN" debug="0"> - - - <!-- Uncomment this entry to enable JMX MBeans support --> -<!-- + <!-- Uncomment this entry to enable JMX MBeans support --> + <!-- <Listener className="org.apache.catalina.mbeans.ServerLifecycleListener" debug="0" port="-1" login="admin" password="admin"/> --> - - - <!-- A "Service" is a collection of one or more "Connectors" that share + <!-- A "Service" is a collection of one or more "Connectors" that share a single "Container" (and therefore the web applications visible within that Container). Normally, that Container is an "Engine", but this is not required. @@ -28,11 +22,9 @@ Note: A "Service" is not itself a "Container", so you may not define subcomponents such as "Valves" or "Loggers" at this level. --> - - <!-- Define the Tomcat Stand-Alone Service --> - <Service name="Tomcat-Standalone"> - - <!-- A "Connector" represents an endpoint by which requests are received + <!-- Define the Tomcat Stand-Alone Service --> + <Service name="Tomcat-Standalone"> + <!-- A "Connector" represents an endpoint by which requests are received and responses are returned. Each Connector passes requests on to the associated "Container" (normally an Engine) for processing. 
@@ -57,24 +49,19 @@ request.getRemoteHost() will return the String version of the IP address of the remote client. --> - - <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 --> - <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" - port="8009" minProcessors="5" maxProcessors="75" - enableLookups="true" redirectPort="8443" - acceptCount="10" debug="0" connectionTimeout="0" - useURIValidationHack="false" - protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/> - - <!-- An Engine represents the entry point (within Catalina) that processes + <!-- Define a Coyote/JK2 AJP 1.3 Connector on port 8009 --> + <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" + port="8009" minProcessors="5" maxProcessors="75" + enableLookups="true" redirectPort="8443" acceptCount="10" debug="0" + connectionTimeout="0" useURIValidationHack="false" + protocolHandlerClassName="org.apache.jk.server.JkCoyoteHandler"/> + <!-- An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone analyzes the HTTP headers included with the request, and passes them on to the appropriate Host (virtual host). --> - - <!-- Define the top level container in our container hierarchy --> - <Engine name="Standalone" defaultHost="localhost" debug="0"> - - <!-- The request dumper valve dumps useful debugging information about + <!-- Define the top level container in our container hierarchy --> + <Engine name="Standalone" defaultHost="localhost" debug="0"> + <!-- The request dumper valve dumps useful debugging information about the request headers and cookies that were received, and the response headers and cookies that were sent, for all requests received by this instance of Tomcat. If you care only about requests to a 
@@ -88,74 +75,59 @@ Request dumping is disabled by default. Uncomment the following element to enable it. --> - <!-- + <!-- <Valve className="org.apache.catalina.valves.RequestDumperValve"/> --> - - <!-- Global logger unless overridden at lower levels --> - <Logger className="org.apache.catalina.logger.FileLogger" - prefix="catalina_log." suffix=".txt" - timestamp="true"/> - - <!-- Because this Realm is here, an instance will be shared globally --> - - <Realm className="org.apache.catalina.realm.MemoryRealm" /> - - <!-- Replace the above Realm with one of the following to get a Realm + <!-- Global logger unless overridden at lower levels --> + <Logger className="org.apache.catalina.logger.FileLogger" + prefix="catalina_log." suffix=".txt" timestamp="true"/> + <!-- Because this Realm is here, an instance will be shared globally --> + <Realm className="org.apache.catalina.realm.MemoryRealm" /> + <!-- Replace the above Realm with one of the following to get a Realm stored in a database and accessed via JDBC --> - - <!-- Define the default virtual host --> - <Host name="localhost" debug="0" appBase="webapps" - unpackWARs="true" autoDeploy="true"> - - <!-- Normally, users must authenticate themselves to each web app + <!-- Define the default virtual host --> + <Host name="localhost" debug="0" appBase="webapps" + unpackWARs="true" autoDeploy="true"> + <!-- Normally, users must authenticate themselves to each web app individually. Uncomment the following entry if you would like a user to be authenticated the first time they encounter a resource protected by a security constraint, and then have that user identity maintained across *all* web applications contained in this virtual host. --> - <!-- + <!-- <Valve className="org.apache.catalina.authenticator.SingleSignOn" debug="0"/> --> - - <!-- Access log processes all requests for this virtual host. By + <!-- Access log processes all requests for this virtual host. 
By default, log files are created in the "logs" directory relative to $CATALINA_HOME. If you wish, you can specify a different directory with the "directory" attribute. Specify either a relative (to $CATALINA_HOME) or absolute path to the desired directory. --> - <Valve className="org.apache.catalina.valves.AccessLogValve" - directory="logs" prefix="localhost_access_log." suffix=".txt" - pattern="common"/> - - <!-- Logger shared by all Contexts related to this virtual host. By + <Valve className="org.apache.catalina.valves.AccessLogValve" + directory="logs" prefix="localhost_access_log." + suffix=".txt" pattern="common"/> + <!-- Logger shared by all Contexts related to this virtual host. By default (when using FileLogger), log files are created in the "logs" directory relative to $CATALINA_HOME. If you wish, you can specify a different directory with the "directory" attribute. Specify either a relative (to $CATALINA_HOME) or absolute path to the desired directory.--> - <Logger className="org.apache.catalina.logger.FileLogger" - directory="logs" prefix="localhost_log." suffix=".txt" - timestamp="true"/> - - <!-- Define properties for each web application. This is only needed + <Logger className="org.apache.catalina.logger.FileLogger" + directory="logs" prefix="localhost_log." suffix=".txt" + timestamp="true"/> + <!-- Define properties for each web application. This is only needed if you want to set non-default properties, or have web application document roots in places other than the virtual host's appBase directory. --> - - <!-- Tomcat Root Context --> - <!-- + <!-- Tomcat Root Context --> + <!-- <Context path="" docBase="ROOT" debug="0"/> --> - - </Host> - - </Engine> - - </Service> - - <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0 + </Host> + </Engine> + </Service> + <!-- The MOD_WEBAPP connector is used to connect Apache 1.3 with Tomcat 4.0 as its servlet container. 
Please read the README.txt file coming with the WebApp Module distribution on how to build it. (Or check out the "jakarta-tomcat-connectors/webapp" CVS repository) @@ -172,30 +144,19 @@ the connection will be established, and all applications you make visible via "WebAppDeploy" directives can be accessed through Apache. --> - - <!-- Define an Apache-Connector Service --> - <Service name="Tomcat-Apache"> - - <Connector className="org.apache.catalina.connector.warp.WarpConnector" - port="8008" minProcessors="5" maxProcessors="75" - enableLookups="true" - acceptCount="10" debug="0"/> - - <!-- Replace "localhost" with what your Apache "ServerName" is set to --> - <Engine className="org.apache.catalina.connector.warp.WarpEngine" - name="Apache" debug="0" appBase="webapps"> - - <!-- Global logger unless overridden at lower levels --> - <Logger className="org.apache.catalina.logger.FileLogger" - prefix="apache_log." suffix=".txt" - timestamp="true"/> - - <!-- Because this Realm is here, an instance will be shared globally --> - <Realm className="org.apache.catalina.realm.MemoryRealm" /> - - </Engine> - - </Service> - -</Server> - + <!-- Define an Apache-Connector Service --> + <Service name="Tomcat-Apache"> + <Connector className="org.apache.catalina.connector.warp.WarpConnector" + port="8008" minProcessors="5" maxProcessors="75" + enableLookups="true" acceptCount="10" debug="0"/> + <!-- Replace "localhost" with what your Apache "ServerName" is set to --> + <Engine className="org.apache.catalina.connector.warp.WarpEngine" + name="Apache" debug="0" appBase="webapps"> + <!-- Global logger unless overridden at lower levels --> + <Logger className="org.apache.catalina.logger.FileLogger" + prefix="apache_log." suffix=".txt" timestamp="true"/> + <!-- Because this Realm is here, an instance will be shared globally --> + <Realm className="org.apache.catalina.realm.MemoryRealm" /> + </Engine> + </Service> +</Server>
\ No newline at end of file
diff --git a/id.server/data/deploy/tomcat/server.xml b/id.server/data/deploy/tomcat/server.xml
index c99136fa2..2fd7b6439 100644
--- a/id.server/data/deploy/tomcat/server.xml
+++ b/id.server/data/deploy/tomcat/server.xml
@@ -50,18 +50,22 @@ IP address of the remote client. --> <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 --> - <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" port="8080" minProcessors="5" maxProcessors="75" enableLookups="true" redirectPort="8443" acceptCount="100" debug="0" connectionTimeout="20000" useURIValidationHack="false" disableUploadTimeout="true"/> - <!-- Note : To disable connection timeouts, set connectionTimeout value - to -1 --> + <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" + port="8080" minProcessors="5" maxProcessors="75" + enableLookups="true" redirectPort="8443" acceptCount="100" + debug="0" connectionTimeout="20000" useURIValidationHack="false" + disableUploadTimeout="true"/> + <!-- Note : To disable connection timeouts, set connectionTimeout value to -1 --> <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 --> - <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" - port="8443" minProcessors="5" maxProcessors="75" - enableLookups="uri" - acceptCount="100" debug="0" scheme="https" secure="true" - useURIValidationHack="false" disableUploadTimeout="true"> - <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" - clientAuth="false" protocol="TLS"/> - </Connector> + <Connector className="org.apache.coyote.tomcat4.CoyoteConnector" + port="8443" minProcessors="5" maxProcessors="75" + enableLookups="uri" acceptCount="100" debug="0" scheme="https" + secure="true" useURIValidationHack="false" + disableUploadTimeout="true"> + <Factory + className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory" + clientAuth="false" protocol="TLS"/> + </Connector> <!-- An Engine represents the entry point (within Catalina) that processes every request. The Engine implementation for Tomcat stand alone analyzes the HTTP headers included with the request, and passes them 
@@ -83,14 +87,16 @@ Request dumping is disabled by default. Uncomment the following element to enable it. --> <!-- - <Valve className="org.apache.catalina.valves.RequestDumperValve"/> - --> + <Valve className="org.apache.catalina.valves.RequestDumperValve"/> + --> <!-- Global logger unless overridden at lower levels --> - <Logger className="org.apache.catalina.logger.FileLogger" prefix="catalina_log." suffix=".txt" timestamp="true"/> + <Logger className="org.apache.catalina.logger.FileLogger" + prefix="catalina_log." suffix=".txt" timestamp="true"/> <!-- Because this Realm is here, an instance will be shared globally --> <Realm className="org.apache.catalina.realm.MemoryRealm"/> <!-- Define the default virtual host --> - <Host name="localhost" debug="0" appBase="webapps" unpackWARs="true" autoDeploy="true"> + <Host name="localhost" debug="0" appBase="webapps" + unpackWARs="true" autoDeploy="true"> <!-- Normally, users must authenticate themselves to each web app individually. Uncomment the following entry if you would like a user to be authenticated the first time they encounter a 
@@ -107,19 +113,23 @@ directory with the "directory" attribute. Specify either a relative (to $CATALINA_HOME) or absolute path to the desired directory. --> - <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" prefix="localhost_access_log." suffix=".txt" pattern="common"/> + <Valve className="org.apache.catalina.valves.AccessLogValve" + directory="logs" prefix="localhost_access_log." + suffix=".txt" pattern="common"/> <!-- Logger shared by all Contexts related to this virtual host. By default (when using FileLogger), log files are created in the "logs" directory relative to $CATALINA_HOME. If you wish, you can specify a different directory with the "directory" attribute. Specify either a relative (to $CATALINA_HOME) or absolute path to the desired directory.--> - <Logger className="org.apache.catalina.logger.FileLogger" directory="logs" prefix="localhost_log." suffix=".txt" timestamp="true"/> + <Logger className="org.apache.catalina.logger.FileLogger" + directory="logs" prefix="localhost_log." suffix=".txt" + timestamp="true"/> <!-- Define properties for each web application. This is only needed if you want to set non-default properties, or have web application document roots in places other than the virtual host's appBase directory. --> - <!-- Tomcat Root Context --> + <!-- Tomcat Root Context --> <!-- <Context path="" docBase="../moa-id-proxy.war" debug="0"/> --> 
@@ -145,13 +155,17 @@ --> <!-- Define an Apache-Connector Service --> <Service name="Tomcat-Apache"> - <Connector className="org.apache.catalina.connector.warp.WarpConnector" port="8008" minProcessors="5" maxProcessors="75" enableLookups="true" acceptCount="10" debug="0"/> + <Connector className="org.apache.catalina.connector.warp.WarpConnector" + port="8008" minProcessors="5" maxProcessors="75" + enableLookups="true" acceptCount="10" debug="0"/> <!-- Replace "localhost" with what your Apache "ServerName" is set to --> - <Engine className="org.apache.catalina.connector.warp.WarpEngine" name="Apache" debug="0" appBase="webapps"> + <Engine className="org.apache.catalina.connector.warp.WarpEngine" + name="Apache" debug="0" appBase="webapps"> <!-- Global logger unless overridden at lower levels --> - <Logger className="org.apache.catalina.logger.FileLogger" prefix="apache_log." suffix=".txt" timestamp="true"/> + <Logger className="org.apache.catalina.logger.FileLogger" + prefix="apache_log." suffix=".txt" timestamp="true"/> <!-- Because this Realm is here, an instance will be shared globally --> <Realm className="org.apache.catalina.realm.MemoryRealm"/> </Engine> </Service> -</Server> +</Server>
\ No newline at end of file |