diff options
author | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-07-16 18:34:17 +0200 |
---|---|---|
committer | Thomas Lenz <tlenz@iaik.tugraz.at> | 2018-07-16 18:34:17 +0200 |
commit | 43b57a3c903669fc9de36c46e99773bac97a2102 (patch) | |
tree | 1e5cd74c040f79709d0265acb134bb50085848e3 /id/server/data/deploy | |
parent | 05d5c29bb3be38d40484f9c5bb5fdbdc131cba9f (diff) | |
parent | 4ae32fabc822b3c8ed51d380969f7db682d1bfae (diff) | |
download | moa-id-spss-43b57a3c903669fc9de36c46e99773bac97a2102.tar.gz moa-id-spss-43b57a3c903669fc9de36c46e99773bac97a2102.tar.bz2 moa-id-spss-43b57a3c903669fc9de36c46e99773bac97a2102.zip |
Merge branch 'huge_refactoring' into development_preview
# Conflicts:
# id/server/doc/handbook/config/config.html
# id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameterDecorator.java
# id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
# id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
# id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
Diffstat (limited to 'id/server/data/deploy')
14 files changed, 601 insertions, 749 deletions
diff --git a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html index fe9bc2166..4e548e58c 100644 --- a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html +++ b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html @@ -4,7 +4,7 @@ <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID"/> <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script> @@ -26,8 +26,8 @@ <div id="mandateLogin" class="$MANDATEVISIBLE"> <div> <input tabindex="1" type="checkbox" name="Mandate" - id="mandateCheckBox" class="verticalcenter" role="checkbox" $MANDATECHECKED> - <label for="mandateCheckBox" class="verticalcenter">in + id="mandateCheckBox" class="mandate" role="checkbox" $MANDATECHECKED> + <label for="mandateCheckBox" class="mandate">in Vertretung anmelden</label> <!--a href="info_mandates.html" target="_blank" @@ -37,31 +37,41 @@ </div> <div id="bkuselectionarea"> <div id="bkukarte"> - <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU" /> + <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU"/> - <!-- Remove support for Online BKU and swith the card button to local BKU--> - <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /--> + <!-- Remove support for Online BKU and swith the card button to local BKU--> + <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /--> - <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> - <input type="hidden" name="bkuURI" value="$bkuLocal" /> - <input type="hidden" name="useMandate" id="useMandate" /> - <input type="hidden" name="SSO" id="useSSO" /> - <input type="hidden" name="ccc" id="ccc" /> - <input type="hidden" name="pendingid" value="$pendingReqID" /> - <input type="submit" value=" Karte " tabindex="4" role="button"> - </form> + <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> + <input type="hidden" name="bkuURI" value="$bkuLocal" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="SSO" id="useSSO" /> + <input type="hidden" name="ccc" id="ccc" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input type="submit" value=" Karte " tabindex="5" role="button" /> + </form> - <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe> + <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe> - <!-- BKU detection with static template--> - <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe--> - - </div> - <div id="bkuhandy"> - <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" /> - <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" /> - </div> - </div> + <!-- BKU detection with static template--> + <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe--> + </div> + + <div id="bkuhandy"> + <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" /> + <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" /> + </div> + + + <div id="bkueulogin" class="$eIDASVisible"> + <img id="eIDASImage" class="bkuimage" src="$contextPath/img/eIDAS_small.png" alt="EULogin" /> + <form method="get" id="moaideIDASform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> + <input type="hidden" name="useeIDAS" value="true" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input id="buttonEULogin" name="bkuButtonEULogin" type="submit" role="button" value="EULogin" /> + </form> + </div> <!--div id="localBKU"> <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> @@ -80,7 +90,11 @@ <!--div id="ssoSessionTransferBlock"> <a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> </div--> - + + + + + <!-- <div id="stork" align="center" class="$STORKVISIBLE"> <h2 id="tabheader" class="dunkel">Home Country Selection</h2> <p> @@ -88,9 +102,9 @@ $countryList </select> <button id="eIDASButton" name="bkuButton" type="button">Proceed</button> - <!--a href="info_stork.html" target="_blank" class="infobutton">i</a--> + a href="info_stork.html" target="_blank" class="infobutton">i</a </p> - </div> + </div>--> <div id="metroDetected" class="unvisible"> <p>Anscheinend verwenden Sie Internet Explorer im diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css index c8de82c50..40e8eae7a 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css @@ -1,687 +1,368 @@ @charset "utf-8"; - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.85em; - /*border-radius: 5px;*/ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{ - font-size: 0.85em; - /*border-radius: 7px;*/ - margin-bottom: 25px; - min-width: 80px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: left; + background-color: #E6E6E6; + } + + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #page { + display: block; + margin: 0 auto; + margin-top: 5%; + position: relative; + background: rgb(255,255,255); + } - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - /*width: 250px;*/ - text-align: center; - } + #page1 { + padding-top: 1%; + text-align: center; + } - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - #alert_area { - width: 500px; - padding-left: 80px; - } - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #leftcontent { - width: 300px; - /*margin-top: 30px;*/ - margin: auto; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - #stork h2 { - font-size: 1.0em; - margin-bottom: 2%; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - + #main { + float:left; + width: 100%; + text-align: center; + } + + h2#tabheader{ + font-size: 1.0em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + #bkulogin { + min-width: 200px; + min-height: 155px; + margin-bottom: 5%; + } + #mandateLogin { + padding-bottom: 1%; + padding-top: 2%; + position: relative; + text-align: left; } - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{ - font-size: 0.7em; - min-width: 55px; - /*min-height: 1.1em; - border-radius: 5px;*/ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2 { - font-size: 0.8em; - margin-top: -0.4em; - padding-top: 0.4em; - } - - #bkulogin { - min-height: 150px; - } + .unvisible { + visibility: hidden; } - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 0.75em; - min-width: 60px; - /* min-height: 0.95em; - border-radius: 6px; */ - margin-bottom: 5% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2 { - font-size: 0.9em; - margin-top: -0.45em; - padding-top: 0.45em; - } - - #bkulogin { - min-height: 180px; - } - } + .OA_header { + /* background-color: white;*/ + font-size: 2.1em; + margin-bottom: 1%; + margin-top: 1%; + } - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 0.85em; - /* min-height: 1.05em; - border-radius: 7px; */ - margin-bottom: 10%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.0em; - margin-top: -0.50em; - padding-top: 0.50em; - } + #ssoSessionTransferBlock { + font-size: 0.8em; + margin-left: 1%; + margin-bottom: 1%; } - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 0.9em; - /* min-height: 1.2em; - border-radius: 8px; */ - margin-bottom: 10%; - max-width: 80px; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.1em; - margin-top: -0.55em; - padding-top: 0.55em; - } + #processInfoArea { + margin-bottom: 4%; + margin-top: 4%; + } + + #processSelectionArea { + width: 550px; + margin-left: 25px; + margin-top: 35px; + } + + .processSelectionButtonArea { + float: none; + margin-bottom: 5%; + height: 35px; + } + + .processSelectionButton { + background: #ababab; + cursor: pointer; + height: 40px; + width: 200px; + float: right; + } + + .buttonDescription { + float: left; + margin-left: 10px; + padding-bottom: 0.4em; + text-align: left; + width: 60%; + } + + #processContent { + margin-top: 10%; } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 1.0em; - /* min-height: 1.3em; - border-radius: 10px; */ - margin-bottom: 10%; - max-width: 85px; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2 { - font-size: 1.3em; - margin-top: -0.65em; - padding-top: 0.65em; - } + + #eIDASSelection { + width: 120px; + margin-right: 5px; } + #bkukarte { + float:left; + width:33%; + text-align:center; + margin-top: 2%; + } - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: $MAIN_BACKGOUNDCOLOR; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #alert_area { - visibility: visible; - width: 250px; - } - #alert_area > p:first-child { - display: none; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - position: relative; - top: 50%; - } - - #stork h2 { - font-size: 0.9em; - margin-bottom: 2%; - } - - #bkulogin { - min-width: 190px; - min-height: 155px; - } + #bkuhandy { + float:left; + width:33%; + text-align:center; + margin-top: 2%; + } + + #bkueulogin { + display:block; + float:left; + text-align:center; + width:33%; + margin-top: 2%; + } + + .bkuimage { + width: 55%; + } + + input { + width:auto; + cursor: pointer; - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - input[type=button],input[type=submit] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - #if($FONTTYPE) - font-family: $FONTTYPE; - #end - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } + } + + #localBKU input { + display: inline-block; + + } - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } + #localBKU input:hover, #localBKU input:focus, #localBKU input:active { + /*text-decoration: underline;*/ + } + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + - #ssoSessionTransferBlock { + #ssoSessionTransferBlock { clear: both; - } - - #stork { - /*margin-bottom: 10px;*/ - /* margin-top: 5px; */ - clear: both; - } + } + + #stork { + clear: both; + } - #mandateLogin { - padding-bottom: 4%; - padding-top: 4%; - height: 10%; - position: relative; - text-align: center; - } + - .verticalcenter { + .verticalcenter { vertical-align: middle; } + + .mandate{ + float: left; + margin-left: 2%; + font-size: 1.3em; + } - #mandateLogin div { + #mandateLogin div { clear: both; margin-top: -1%; position: relative; top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { + } + + #localBKU { padding-bottom: 4%; /*padding-top: 4%;*/ position: relative; clear: both; text-align: center; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 60%; - height: auto; - margin-bottom: 10%; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - -/* input[type=button], .sendButton { - background: $BUTTON_BACKGROUNDCOLOR; - color: $BUTTON_COLOR; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: $BUTTON_BACKGROUNDCOLOR_FOCUS; - color: $BUTTON_COLOR; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: $BUTTON_COLOR; */ - /*border: 0px;*/ - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - /*text-decoration: underline;*/ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - + } + + #selectArea { + width:90%; + padding-left: 4% + } - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : $MAIN_BACKGOUNDCOLOR; + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + #leftcontent { + width: 70%; + margin-bottom: 4%; + text-align: left; + border: 1px solid rgb(0,0,0); + margin:auto; + } + .hell { + background-color : $MAIN_BACKGOUNDCOLOR; color: $MAIN_COLOR; - } + } - .dunkel { - background-color: $HEADER_BACKGROUNDCOLOR; + .dunkel { + background-color: $HEADER_BACKGROUNDCOLOR; color: $HEADER_COLOR; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #ssoSessionTransferBlock { - font-size: 0.8em; - margin-left: 5px; - margin-bottom: 5px; + } + + +@media screen and (min-width: 650px) { + + #page { + width: 650px; + height: 460px; + } + + #localBKU p { + font-size: 0.7em; + } + + #localBKU input{ + font-size: 0.85em; + /*border-radius: 5px;*/ + } + + #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{ + font-size: 0.85em; + width:65% + } + + #mandateLogin { + font-size: 0.85em; + } + + #alert_area { + width: 500px; + padding-left: 80px; + } + + #selectArea { + font-size: 15px; + padding-bottom: 65px; } - #processInfoArea { - margin-bottom: 15px; + + #stork h2 { + font-size: 1.0em; + margin-bottom: 2%; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; margin-top: 15px; - } - #processSelectionArea { - width: 550px; - margin-left: 25px; - margin-top: 35px; - } - .processSelectionButtonArea { - float: none; - margin-bottom: 20px; - height: 35px; - } - .processSelectionButton { - background: #ababab; - cursor: pointer; - height: 30px; - width: 200px; - float: right; - border-style: solid; - border-bottom-width: 2px; - border-right-width: 2px; - border-left-width: 1px; - border-top-width: 1px; - border-color: #000000; - } - .buttonDescription { - float: left; - margin-left: 10px; - padding-top: 4px; - text-align: left; - width: 330px; - } - #processContent { - margin-top: 25px; - } - #eIDASButton { - /*color:#FFF;*/ - } - #eIDASSelection { - width: 120px; - margin-right: 5px; - } - .unvisible { + width: 100px; + height: 30px + } + + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } +} + + + +@media screen and (max-width: 649px) { + + body { + background-color:#fff; + } + + #page { + visibility: hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; display: none; - }
\ No newline at end of file + } + + .OA_header { + margin-bottom: 0%; + margin-top: 0%; + font-size: 0pt; + visibility: hidden; + } + + #alert_area { + visibility: visible; + width: 250px; + } + + #alert_area > p:first-child { + display: none; + visibility: hidden; + } + + + h2#tabheader{ + font-size: 1.5em; + position: relative; + } + .mandate{ + font-size: 1.0em; + } + + #leftcontent { + float: left; + width:auto; + border:none; + visibility:visible; + margin-bottom: 2%; + } + .bkuimage { + width: 40%; + } + + #bkukarte { + box-sizing: border-box; + } + + #bkuhandy { + box-sizing: border-box; + } + + #bkueulogin { + box-sizing: border-box; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + input[type=button],input[type=submit] { + width:65%; + } +}
\ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js b/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js index 313f14b4a..15b82614c 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js @@ -84,9 +84,9 @@ function isIE() { /* setSSOSelection(); */ var ccc = "AT"; - var countrySelection = document.getElementById("eIDASSelection"); + var countrySelection = document.getElementById("cccSelection"); if (countrySelection != null) { - ccc = document.getElementById("eIDASSelection").value; + ccc = document.getElementById("cccSelection").value; } var iFrameURL = "$contextPath$submitEndpoint" + "?"; iFrameURL += "&pendingid=" + "$pendingReqID"; @@ -238,7 +238,22 @@ function isIE() { } function setUseMandateFlag(e) { /*document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);*/ - e.setAttribute("aria-checked", e.checked); + e.target.setAttribute("aria-checked", e.target.checked); + if (e.target.checked) { + var image = document.getElementById("eIDASImage"); + var srcatt = image.getAttribute("src"); + var last = srcatt.substring(srcatt.lastIndexOf('/')+1); + srcatt = srcatt.replace(last,'eIDAS_small_deactivated.png'); + image.setAttribute("src",srcatt); + document.getElementById("buttonEULogin").disabled=true; + } else { + var image = document.getElementById("eIDASImage"); + var srcatt = image.getAttribute("src"); + var last = srcatt.substring(srcatt.lastIndexOf('/')+1); + srcatt = srcatt.replace(last,'eIDAS_small.png'); + image.setAttribute("src",srcatt); + document.getElementById("buttonEULogin").disabled=false + } } document.addEventListener('resize', onChangeChecks); @@ -246,7 +261,7 @@ function isIE() { document.querySelector('#mandateCheckBox').addEventListener('click', setUseMandateFlag); document.querySelector('#moaidform>input[type=submit]').addEventListener('click', setMandateSelection); document.querySelector('#bkuhandy>input[type=button]').addEventListener('click', bkuHandyClicked); - document.querySelector('#stork button[type=button]').addEventListener('click', storkClicked); + document.querySelector('#moaideIDASform>input[type=submit]').addEventListener('click', setMandateSelection); onChangeChecks(); }); diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html index fe9bc2166..4e548e58c 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html @@ -4,7 +4,7 @@ <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID"/> <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script> @@ -26,8 +26,8 @@ <div id="mandateLogin" class="$MANDATEVISIBLE"> <div> <input tabindex="1" type="checkbox" name="Mandate" - id="mandateCheckBox" class="verticalcenter" role="checkbox" $MANDATECHECKED> - <label for="mandateCheckBox" class="verticalcenter">in + id="mandateCheckBox" class="mandate" role="checkbox" $MANDATECHECKED> + <label for="mandateCheckBox" class="mandate">in Vertretung anmelden</label> <!--a href="info_mandates.html" target="_blank" @@ -37,31 +37,41 @@ </div> <div id="bkuselectionarea"> <div id="bkukarte"> - <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU" /> + <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU"/> - <!-- Remove support for Online BKU and swith the card button to local BKU--> - <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /--> + <!-- Remove support for Online BKU and swith the card button to local BKU--> + <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /--> - <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> - <input type="hidden" name="bkuURI" value="$bkuLocal" /> - <input type="hidden" name="useMandate" id="useMandate" /> - <input type="hidden" name="SSO" id="useSSO" /> - <input type="hidden" name="ccc" id="ccc" /> - <input type="hidden" name="pendingid" value="$pendingReqID" /> - <input type="submit" value=" Karte " tabindex="4" role="button"> - </form> + <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> + <input type="hidden" name="bkuURI" value="$bkuLocal" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="SSO" id="useSSO" /> + <input type="hidden" name="ccc" id="ccc" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input type="submit" value=" Karte " tabindex="5" role="button" /> + </form> - <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe> + <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe> - <!-- BKU detection with static template--> - <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe--> - - </div> - <div id="bkuhandy"> - <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" /> - <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" /> - </div> - </div> + <!-- BKU detection with static template--> + <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe--> + </div> + + <div id="bkuhandy"> + <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" /> + <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" /> + </div> + + + <div id="bkueulogin" class="$eIDASVisible"> + <img id="eIDASImage" class="bkuimage" src="$contextPath/img/eIDAS_small.png" alt="EULogin" /> + <form method="get" id="moaideIDASform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> + <input type="hidden" name="useeIDAS" value="true" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input id="buttonEULogin" name="bkuButtonEULogin" type="submit" role="button" value="EULogin" /> + </form> + </div> <!--div id="localBKU"> <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> @@ -80,7 +90,11 @@ <!--div id="ssoSessionTransferBlock"> <a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> </div--> - + + + + + <!-- <div id="stork" align="center" class="$STORKVISIBLE"> <h2 id="tabheader" class="dunkel">Home Country Selection</h2> <p> @@ -88,9 +102,9 @@ $countryList </select> <button id="eIDASButton" name="bkuButton" type="button">Proceed</button> - <!--a href="info_stork.html" target="_blank" class="infobutton">i</a--> + a href="info_stork.html" target="_blank" class="infobutton">i</a </p> - </div> + </div>--> <div id="metroDetected" class="unvisible"> <p>Anscheinend verwenden Sie Internet Explorer im diff --git a/id/server/data/deploy/conf/moa-id/keys/sl20.jks b/id/server/data/deploy/conf/moa-id/keys/sl20.jks Binary files differnew file mode 100644 index 000000000..e1896b9e5 --- /dev/null +++ b/id/server/data/deploy/conf/moa-id/keys/sl20.jks diff --git a/id/server/data/deploy/conf/moa-id/log4j.properties b/id/server/data/deploy/conf/moa-id/log4j.properties index 2c3b8a311..2914fcff1 100644 --- a/id/server/data/deploy/conf/moa-id/log4j.properties +++ b/id/server/data/deploy/conf/moa-id/log4j.properties @@ -5,6 +5,7 @@ org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFacto log4j.rootLogger=warn,stdout ### MOA-ID process log ### +log4j.logger.at.gv.egiz.eaaf=info,moaid log4j.logger.at.gv.egovernment.moa.id=info,moaid log4j.logger.at.gv.egovernment.moa.spss=info,moaid diff --git a/id/server/data/deploy/conf/moa-id/logback_config.xml b/id/server/data/deploy/conf/moa-id/logback_config.xml index c00e62e52..fa221fbc2 100644 --- a/id/server/data/deploy/conf/moa-id/logback_config.xml +++ b/id/server/data/deploy/conf/moa-id/logback_config.xml @@ -8,14 +8,11 @@ <!-- http://www.qos.ch/shop/products/professionalSupport --> <!-- --> <configuration> - <!-- Errors were reported during translation. --> - <!-- No class found for appender CONFIGTOOL R --> - <!-- Could not find transformer for null --> - <appender name="R" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender"> <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> <File>${catalina.base}/logs/moa-id.log</File> <encoder> - <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern> + <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern> </encoder> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> <maxIndex>1</maxIndex> @@ -25,14 +22,25 @@ <MaxFileSize>10000KB</MaxFileSize> </triggeringPolicy> </appender> - <appender name="CONFIGTOOL R"> - <!--No layout specified for appender named [CONFIGTOOL R] of class [null]--> + <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> + <File>${catalina.base}/logs/moa-spss.log</File> + <encoder> + <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern> + </encoder> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>1</maxIndex> + <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i</FileNamePattern> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <MaxFileSize>10000KB</MaxFileSize> + </triggeringPolicy> </appender> <appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender"> <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> <File>${catalina.base}/logs/moa-id-webgui.log</File> <encoder> - <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern> + <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern> </encoder> <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> <maxIndex>1</maxIndex> @@ -42,30 +50,56 @@ <MaxFileSize>10000KB</MaxFileSize> </triggeringPolicy> </appender> + <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender"> + <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender--> + <File>${catalina.base}/moa-id-reversion.log</File> + <encoder> + <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern> + </encoder> + <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy"> + <maxIndex>9999</maxIndex> + <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i</FileNamePattern> + </rollingPolicy> + <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy"> + <MaxFileSize>10000KB</MaxFileSize> + </triggeringPolicy> + </appender> <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender"> <encoder> - <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} |%20.20c | %10t | %m%n</pattern> + <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern> </encoder> </appender> - <logger name="eu.stork" level="info"/> - <logger name="iaik.server" level="info"/> - <logger name="at.gv.egovernment.moa.id" level="info"> - <appender-ref ref="R"/> + <logger name="at.gv.egiz.eaaf" level="info"> + <appender-ref ref="moaid"/> + </logger> + <logger name="at.gv.egovernment.moa.spss" level="info"> + <appender-ref ref="moaspss"/> + </logger> + <logger name="pki" level="info"> + <appender-ref ref="moaspss"/> </logger> <logger name="at.gv.egovernment.moa.id.commons" level="info"> - <appender-ref ref="CONFIGTOOL R"/> + <appender-ref ref="CONFIGTOOL"/> </logger> - <logger name="org.hibernate" level="warn"/> - <logger name="at.gv.egiz.components.configuration" level="info"> + <logger name="at.gv.egovernment.moa.id.configuration" level="info"> <appender-ref ref="CONFIGTOOL"/> </logger> - <logger name="at.gv.egovernment.moa.id.proxy" level="info"/> + <logger name="at.gv.egiz.eventlog.plain.all" level="info"> + <appender-ref ref="reversion"/> + </logger> <logger name="at.gv.egovernment.moa.id.config.webgui" level="info"> <appender-ref ref="CONFIGTOOL"/> </logger> - <logger name="at.gv.egovernment.moa.spss" level="info"/> - <logger name="at.gv.egovernment.moa" level="info"/> - <root level="info"> + <logger name="at.gv.egiz.components.configuration" level="info"> + <appender-ref ref="CONFIGTOOL"/> + </logger> + <logger name="at.gv.egovernment.moa.id" level="info"> + <appender-ref ref="moaid"/> + </logger> + <logger name="iaik.server" level="info"> + <appender-ref ref="moaspss"/> + </logger> + <root level="warn"> <appender-ref ref="stdout"/> </root> </configuration> diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties index 24fe78261..6dddb454a 100644 --- a/id/server/data/deploy/conf/moa-id/moa-id.properties +++ b/id/server/data/deploy/conf/moa-id/moa-id.properties @@ -29,21 +29,26 @@ configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/moni #MOA-ID 3.x Advanced Logging configuration.advancedlogging.active=false -##Webservice Client Configuration -#MOA-SP webservice -#service.moasp.acceptedServerCertificates= -#service.moasp.clientKeyStore= -#service.moasp.clientKeyStorePassword= +######################## Externe Services ############################################ -#Online mandates webservice (MIS) +######## Online mandates webservice (MIS) ######## service.onlinemandates.acceptedServerCertificates= service.onlinemandates.clientKeyStore=keys/.... service.onlinemandates.clientKeyStorePassword= -#Foreign Identities (SZRGW) -service.foreignidentities.acceptedServerCertificates= -service.foreignidentities.clientKeyStore=keys/.... -service.foreignidentities.clientKeyStorePassword= +######## central eIDAS-node connector module ########## +modules.eidascentralauth.keystore.path=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12 +modules.eidascentralauth.keystore.password=password +modules.eidascentralauth.metadata.sign.alias=pvp_metadata +modules.eidascentralauth.metadata.sign.password=password +modules.eidascentralauth.request.sign.alias=pvp_assertion +modules.eidascentralauth.request.sign.password=password +modules.eidascentralauth.response.encryption.alias=pvp_assertion +modules.eidascentralauth.response.encryption.password=password +modules.eidascentralauth.node.trustprofileID=centralnode_metadata + + +######################## Protokolle am IDP ############################################ ##Protocol configuration## #PVP2 @@ -63,9 +68,9 @@ protocols.oauth20.jwt.ks.password=password protocols.oauth20.jwt.ks.key.name=oauth protocols.oauth20.jwt.ks.key.password=password -##Database configuration## -configuration.database.byteBasedValues=false +######################## Datenbankkonfiguration ############################################ +configuration.database.byteBasedValues=false #Hibnerate configuration for MOA-ID 3.x session store moasession.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect @@ -147,11 +152,38 @@ advancedlogging.dbcp.testWhileIdle=false advancedlogging.dbcp.validationQuery=select 1 -################ Additonal eID-modul configuration #################################### -## This additional eID moduls add special functionality to MOA-ID-Auth. -## The configuration of this modules is only needed if this modules are in use. -######## -### eIDAS protocol configuration ### +################ Additonal eID-modul configuration ################################ +## This additional eID moduls add special functionality to MOA-ID-Auth. # +## The configuration of this modules is only needed if this modules are in use. # +################################################################################### + +######## SL2.0 authentication module ######## +modules.sl20.vda.urls.qualeID.endpoint.default=https://www.handy-signatur.at/securitylayer2 +modules.sl20.vda.urls.qualeID.endpoint.1=https://hs-abnahme.a-trust.at/securitylayer2 +modules.sl20.vda.urls.qualeID.endpoint.2=https://test1.a-trust.at/securitylayer2 +modules.sl20.security.keystore.path=keys/sl20.jks +modules.sl20.security.keystore.password=password +modules.sl20.security.sign.alias=signing +modules.sl20.security.sign.password=password +modules.sl20.security.encryption.alias=encryption +modules.sl20.security.encryption.password=password +modules.sl20.vda.authblock.id=default +modules.sl20.vda.authblock.transformation.id=SL20Authblock_v1.0,SL20Authblock_v1.0_SIC +modules.sl20.security.eID.validation.disable=false +modules.sl20.security.eID.signed.result.required=true +modules.sl20.security.eID.encryption.enabled=true +modules.sl20.security.eID.encryption.required=true + +######## user-restriction ########## +configuration.restrictions.sp.entityIds= +configuration.restrictions.sp.users.url= +configuration.restrictions.sp.users.sector= + +####### Direkte Fremd-bPK Berechnung ######## +configuration.foreignsectors.pubkey.xxxxTargetxxx= xxx BASE64-Cert xxx + +######## eIDAS protocol configuration ######## +######## This is ONLY required, if MOA-ID operates as an eIDAS node!!! ######## moa.id.protocols.eIDAS.samlengine.config.file=eIDAS/SamlEngine_basics.xml moa.id.protocols.eIDAS.samlengine.sign.config.file=eIDAS/SignModule.xml moa.id.protocols.eIDAS.samlengine.enc.config.file=eIDAS/EncryptModule.xml @@ -160,7 +192,7 @@ moa.id.protocols.eIDAS.node.country=Austria moa.id.protocols.eIDAS.node.countrycode=AT moa.id.protocols.eIDAS.node.LoA=http://eidas.europa.eu/LoA/high -### HBV Mandate-Service client module ### +######## HBV Mandate-Service client module ######## modules.elga_mandate.nameID.target=urn:publicid:gv.at:cdid+GH modules.elga_mandate.service.metadata.trustprofileID= modules.elga_mandate.service.mandateprofiles= @@ -173,7 +205,7 @@ modules.elga_mandate.request.sign.password=password modules.elga_mandate.response.encryption.alias=pvp_assertion modules.elga_mandate.response.encryption.password=password -### SSO Interfederation client module ### +######## SSO Interfederation client module ######## modules.federatedAuth.keystore.path=keys/moa_idp[password].p12 modules.federatedAuth.keystore.password=password modules.federatedAuth.metadata.sign.alias=pvp_metadata @@ -183,8 +215,8 @@ modules.federatedAuth.request.sign.password=password modules.federatedAuth.response.encryption.alias=pvp_assertion modules.federatedAuth.response.encryption.password=password -#Redis Settings, if Redis is used as a backend for session data. -#has to be enabled with the following parameter +######## Redis Settings, if Redis is used as a backend for session data. +# has to be enabled with the following parameter #redis.active=true redis.use-pool=true redis.host-name=localhost diff --git a/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml b/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml index 31fc8a16c..9dede486d 100644 --- a/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml +++ b/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml @@ -64,6 +64,10 @@ <cfg:Id>PVP_metadata</cfg:Id> <cfg:TrustAnchorsLocation>trustProfiles/PVP_metadata</cfg:TrustAnchorsLocation> </cfg:TrustProfile> + <cfg:TrustProfile> + <cfg:Id>centralnode_metadata</cfg:Id> + <cfg:TrustAnchorsLocation>trustProfiles/centralnode_metadata</cfg:TrustAnchorsLocation> + </cfg:TrustProfile> </cfg:PathValidation> <cfg:RevocationChecking> <cfg:EnableChecking>true</cfg:EnableChecking> @@ -125,5 +129,16 @@ <cfg:Id>MOAIDTransformAuthBlockTable_EN</cfg:Id> <cfg:Location>profiles/MOAIDTransformAuthBlockTable_EN.xml</cfg:Location> </cfg:VerifyTransformsInfoProfile> + + <!-- AuthBlock transformations for Security Layer v2.0 --> + <cfg:VerifyTransformsInfoProfile> + <cfg:Id>SL20Authblock_v1.0</cfg:Id> + <cfg:Location>profiles/SL20_authblock_v1.0.xml</cfg:Location> + </cfg:VerifyTransformsInfoProfile> + <cfg:VerifyTransformsInfoProfile> + <cfg:Id>SL20Authblock_v1.0_SIC</cfg:Id> + <cfg:Location>profiles/SL20_authblock_v1.0_SIC.xml</cfg:Location> + </cfg:VerifyTransformsInfoProfile> + </cfg:SignatureVerification> </cfg:MOAConfiguration> diff --git a/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0.xml b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0.xml new file mode 100644 index 000000000..e67b1f5ce --- /dev/null +++ b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?><VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" exclude-result-prefixes="saml2" version="1.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><xsl:output method="xml" xml:space="default" /><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Signatur der Anmeldedaten</title><style media="screen" type="text/css"> + .normalstyle { font-size: medium; } + .italicstyle { font-size: medium; font-style: italic; } + .titlestyle { text-decoration:underline; font-weight:bold; font-size: medium; } + .h4style { font-size: large; } + .hidden {display: none; } + </style></head><body><h4 class="h4style">Anmeldedaten:</h4><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue)"><tr><td class="italicstyle">Vorname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue)"><tr><td class="italicstyle">Nachname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle">Vollmacht: </td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Identifikator: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderUniqueId']/saml2:AttributeValue" /></td></tr><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue)"><tr><td class="italicstyle">Name: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue)"><tr><td class="italicstyle">Staat: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue" /></td></tr></xsl:if></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,9,2)" /><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,6,2)" /><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,1,4)" /></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,12,2)" /><xsl:text>:</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,15,2)" /><xsl:text>:</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,18,2)" /></td></tr><tr><td class="italicstyle">TransaktionsToken: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/@ID" /></td></tr><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle"> + Vollmachten-Referenz: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue" /></td></tr></xsl:if><tr class="hidden"><td class="italicstyle">DataURL: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience" /></td></tr><xsl:if test="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter"><tr class="hidden"><td class="italicstyle">AuthBlockValidTo: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter" /></td></tr></xsl:if></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></dsig:Transforms></VerifyTransformsInfoProfile> diff --git a/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0_SIC.xml b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0_SIC.xml new file mode 100644 index 000000000..741013cd1 --- /dev/null +++ b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0_SIC.xml @@ -0,0 +1,8 @@ +<?xml version="1.0" encoding="UTF-8"?><VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" exclude-result-prefixes="saml2" version="1.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><xsl:output method="xml" xmlns:xml="http://www.w3.org/XML/1998/namespace" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Signatur der Anmeldedaten</title><style media="screen" type="text/css"> + .normalstyle { font-size: medium; } + .italicstyle { font-size: medium; font-style: italic; } + .titlestyle { text-decoration:underline; font-weight:bold; font-size: medium; } + .h4style { font-size: large; } + .hidden {display: none; } + </style></head><body><h4 class="h4style">Anmeldedaten:</h4><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue)"><tr><td class="italicstyle">Vorname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue)"><tr><td class="italicstyle">Nachname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle">Vollmacht: </td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Identifikator: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderUniqueId']/saml2:AttributeValue"/></td></tr><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue)"><tr><td class="italicstyle">Name: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue)"><tr><td class="italicstyle">Staat: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue"/></td></tr></xsl:if></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,18,2)"/></td></tr><tr><td class="italicstyle">TransaktionsTokken: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/@ID"/></td></tr><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle"> + Vollmachten-Referenz: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"/></td></tr></xsl:if><tr class="hidden"><td class="italicstyle">DataURL: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience"/></td></tr><xsl:if test="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter"><tr class="hidden"><td class="italicstyle">AuthBlockValidTo: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter"/></td></tr></xsl:if></table></body></html></xsl:template></xsl:stylesheet></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms></VerifyTransformsInfoProfile> diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt new file mode 100644 index 000000000..2babcef6a --- /dev/null +++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEFTCCAn0CBFtIcMwwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCQVQxDTAL +BgNVBAoMBEVHSVoxMTAvBgNVBAMMKG5hdGlvbmFsIGNlbnRyYWwgZUlEQVMgbm9k +ZSAtIHRlc3RzeXN0ZW0wHhcNMTgwNzEzMDkyODQ0WhcNMjEwNDA3MDkyODQ0WjBP +MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjExMC8GA1UEAwwobmF0aW9uYWwg +Y2VudHJhbCBlSURBUyBub2RlIC0gdGVzdHN5c3RlbTCCAaIwDQYJKoZIhvcNAQEB +BQADggGPADCCAYoCggGBALK4bdf5OremKkj0+xCjU0eN7RUd1A2VqoGnvFUst7xj +LQ1PspHiDf9Pm2cwOIJabSnuZ01hYAGz9X+lU3Z3fwhVc+tEsuzsaAml/LPw3i3+ +ppoSTJDMiDvhCoUKTzJ8HBQj2gTvXNlqPljyGneuCJ+uBMr7Okq/XjMTJj2xzvut +rHS3qIO+/w+OkY967QLVRXh0bdFqYqnyAnlYcWJPIwjanOJtE2difPYqers7ZW1F +9djP0+IZRoyaook5rpLYvuQTHuvulgIE3zGlTuOx3sk8zMyInMndqi75Eh+ROnnd +SZE7gN3u5CfFpuO5pxFa2jj1h/AnR39Tg8/sU+Se+AwHrNvee3IWhxk5LkelYevf +eCQos7Dv2ASE9XMCCs7FoE47w8fDalECh09MFKDiotpklbq3OrPg9NQ4D//k0GXl +W5jYUKP/Wq/+suAI6mfhSnNkjOGMcMlzNTmwxGD/v7Py6OVA+YcJQsqYalLrqbvT +2tXVmYBVO3oqafg+kfevfwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBgQCioM8k0EEB +FtY4QyxOYFufPDLw9PNPct01ltnTVjNEEt/L6/8zYlDwrDeULEkJS7mV9zV3657N +PQ5IPT/Ib93Uk/RPi0iOA2CGWIMaDQIODN3BUYr+zPUqhbKS6OWOhTgV8GiRCUbx +rT1uc1AiacP63pga3TJX8k8WFnfW+Dqm2MfWWlxr4X2YB9VUW55X5sBNy035jYhE +pp8NCK/fTAhoEQNCG+rm3T9qhT6YyOnbW2kXU747+ZwXT2qA5o4ya/9+6dDc+LUl +HCEm4X7c6bcGvCfNezB4k56FzbAJlOLf2VDGzvEQBf0hsB+kElezm1VBlEkZ4Mjz +pBpHBMoR21SwTpcvrbR4ig0Bk1eEHNK44sw0F32K5yww3gnJftMIZtPhjhk8UdG2 +/H6vs9s/to2Vj4V6wN4o79RTULoQ8RjL6MPWEWzwOvOZXJAo2XJEECvDivSjIJvN +C0lfrK3zI3LH3c1JR6q2EfeCZ50wTJMFoChSaqunJQXKo81g6wNhP00= +-----END CERTIFICATE----- diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh index 9e292540a..d717ecd25 100644 --- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh +++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh @@ -4,6 +4,9 @@ export JAVA_HOME= <insert java home directory (no trailing path separator)> export CATALINA_HOME= <insert Tomcat home directory (no trailing path separator)>
export CATALINA_BASE=$CATALINA_HOME
+FILE_ENCODING=-Dfile.encoding=UTF-8
+RAND_FILE=-Djava.security.egd=file:///dev/urandom
+
LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties
LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback_config.xml
@@ -21,7 +24,7 @@ PROXY_OPT=-Dmoa.id.proxy.configuration=$CATALINA_BASE/conf/moa-id-proxy/MOAIDCon #TRUST_STORE_PASS_OPT=-Djavax.net.ssl.trustStorePassword=changeit
#TRUST_STORE_TYPE_OPT=-Djavax.net.ssl.trustStoreType=jks
-export CATALINA_OPTS="$CONFIG_OPT $LOGGING_OPT $LOGGING_LOGBACK_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $CONFIGTOOL_USER_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT -Xms512m -Xmx1536m -XX:PermSize=256m"
+export CATALINA_OPTS="$FILE_ENCODING $RAND_FILE $CONFIG_OPT $LOGGING_OPT $LOGGING_LOGBACK_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $CONFIGTOOL_USER_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT -Xms512m -Xmx1536m -XX:PermSize=256m"
echo CATALINA_HOME: $CATALINA_HOME
echo CATALINA_BASE: $CATALINA_BASE
diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat index 325ae1f20..afdd907c8 100644 --- a/id/server/data/deploy/tomcat/win32/startTomcat.bat +++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat @@ -9,6 +9,9 @@ set CATALINA_HOME=<Tomcat home directory> rem ----------------------------------------------------------------------------------------------
+set FILE_ENCODING=-Dfile.encoding=UTF-8
+set RAND_FILE=-Djava.security.egd=file:///dev/urandom
+
set LOGGING_OPT=-Dlog4j.configuration=file:%CATALINA_HOME%/conf/moa-id/log4j.properties
set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback_config.xml
@@ -20,7 +23,7 @@ set DEMOOA_OPT=-Dmoa.id.demoOA=%CATALINA_HOME%/conf/moa-id-oa/oa.properties set STORK_OPT=-Deu.stork.samlengine.config.location=%CATALINA_HOME%/conf/moa-id/stork/
set PROXY_OPT=-Dmoa.id.proxy.configuration=%CATALINA_HOME%/conf/moa-id-proxy/MOAIDConfiguration.xml
-set PARAMS_MOA=%CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %LOGGING_LOGBACK_OPT% %CONFIGTOOL_OPT% %CONFIGTOOL_USER_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT% -Xms512m -Xmx1536m -XX:PermSize=256m
+set PARAMS_MOA=%FILE_ENCODING %RAND_FILE %CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %LOGGING_LOGBACK_OPT% %CONFIGTOOL_OPT% %CONFIGTOOL_USER_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT% -Xms512m -Xmx1536m -XX:PermSize=256m
rem set PARAM_TRUST_STORE=-Djavax.net.ssl.trustStore=truststore.jks
rem set PARAM_TRUST_STORE_PASS=-Djavax.net.ssl.trustStorePassword=changeit
|