aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/main/resources
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2015-02-18 13:47:14 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-02-18 13:47:14 +0100
commitbf086cff8ef680b73ca0300147c3c3b70ab32ae0 (patch)
tree1174cdc916982f5f879cde1fc587147a7dced63d /id/server/idserverlib/src/main/resources
parent570527d48e3bf03444cdda08a4c1bcf8e7d4ff42 (diff)
parent271e22add71f0260f5d421844a2171a09093f505 (diff)
downloadmoa-id-spss-bf086cff8ef680b73ca0300147c3c3b70ab32ae0.tar.gz
moa-id-spss-bf086cff8ef680b73ca0300147c3c3b70ab32ae0.tar.bz2
moa-id-spss-bf086cff8ef680b73ca0300147c3c3b70ab32ae0.zip
Merge branch 'datentechnik_modularization' into moa-id-2.2-merge
Conflicts: id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java id/server/stork2-commons/pom.xml id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/.svn/entries id/server/stork2-commons/src/main/resources/.svn/entries id/server/stork2-saml-engine/pom.xml pom.xml
Diffstat (limited to 'id/server/idserverlib/src/main/resources')
-rw-r--r--id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule2
-rw-r--r--id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml44
-rw-r--r--id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd53
-rw-r--r--id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties8
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html2
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html2
-rw-r--r--id/server/idserverlib/src/main/resources/resources/templates/slo_template.html2
7 files changed, 109 insertions, 4 deletions
diff --git a/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule
new file mode 100644
index 000000000..865096055
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.auth.modules.AuthModule
@@ -0,0 +1,2 @@
+# The default moaid process
+at.gv.egovernment.moa.id.auth.modules.internal.DefaultAuthModuleImpl
diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml
new file mode 100644
index 000000000..3860ddef4
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/auth/modules/internal/DefaultAuthentication.process.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="DefaultAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+<!--
+ - National authentication with Austrian Citizen Card and mobile signature with our without mandate.
+ - Legacy authentication for foreign citizens using MOCCA supported signature cards.
+-->
+ <pd:Task id="createIdentityLinkForm" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CreateIdentityLinkFormTask" />
+ <pd:Task id="verifyIdentityLink" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyIdentityLinkTask" async="true" />
+ <pd:Task id="verifyAuthBlock" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyAuthenticationBlockTask" async="true" />
+ <pd:Task id="verifyCertificate" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.VerifyCertificateTask" async="true" />
+ <pd:Task id="getMISSessionID" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetMISSessionIDTask" async="true" />
+ <pd:Task id="certificateReadRequest" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.CertificateReadRequestTask" />
+ <pd:Task id="prepareAuthBlockSignature" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.PrepareAuthBlockSignatureTask" />
+ <pd:Task id="getForeignID" class="at.gv.egovernment.moa.id.auth.modules.internal.tasks.GetForeignIDTask" async="true" />
+
+ <!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
+ <pd:StartEvent id="start" />
+
+ <pd:Transition from="start" to="createIdentityLinkForm" />
+
+ <pd:Transition from="createIdentityLinkForm" to="verifyIdentityLink" />
+
+ <pd:Transition from="verifyIdentityLink" to="certificateReadRequest" conditionExpression="!ctx['identityLinkAvailable'] || ctx['useMandate']" />
+ <pd:Transition from="verifyIdentityLink" to="prepareAuthBlockSignature" />
+
+ <pd:Transition from="prepareAuthBlockSignature" to="verifyAuthBlock" />
+ <!-- Note: verifyAuthBlock still creates a MIS session and redirects the user to the MIS gui. This should be separated from the auth block verification. -->
+
+ <pd:Transition from="certificateReadRequest" to="verifyCertificate" />
+ <!-- Note: verifyCertificate still creates the auth block to be signed which should be separated from certificat verification. -->
+
+ <pd:Transition from="verifyCertificate" to="verifyAuthBlock" conditionExpression="ctx['useMandate']" />
+ <pd:Transition from="verifyCertificate" to="getForeignID" />
+
+ <pd:Transition from="verifyAuthBlock" to="getMISSessionID" conditionExpression="ctx['useMandate']" />
+ <pd:Transition from="verifyAuthBlock" to="end" />
+
+ <pd:Transition from="getMISSessionID" to="end" />
+ <pd:Transition from="getForeignID" to="end" />
+
+ <pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd
new file mode 100644
index 000000000..d6ab7ae46
--- /dev/null
+++ b/id/server/idserverlib/src/main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd
@@ -0,0 +1,53 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+ targetNamespace="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ elementFormDefault="qualified" version="1.0">
+
+ <xsd:element name="ProcessDefinition">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element name="StartEvent" type="tns:StartEventType" />
+ <xsd:element name="Task" type="tns:TaskType" />
+ <xsd:element name="Transition" type="tns:TransitionType" />
+ <xsd:element name="EndEvent" type="tns:EndEventType" />
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="id" type="xsd:ID" use="required" />
+ </xsd:complexType>
+ </xsd:element>
+
+ <xsd:complexType name="ProcessNodeType" abstract="true">
+ <xsd:attribute name="id" type="xsd:ID" use="required" />
+ </xsd:complexType>
+
+ <xsd:complexType name="StartEventType">
+ <xsd:complexContent>
+ <xsd:extension base="tns:ProcessNodeType" />
+ </xsd:complexContent>
+ </xsd:complexType>
+
+ <xsd:complexType name="TransitionType">
+ <xsd:attribute name="from" type="xsd:IDREF" use="required" />
+ <xsd:attribute name="to" type="xsd:IDREF" use="required" />
+ <xsd:attribute name="id" type="xsd:ID" />
+ <xsd:attribute name="conditionExpression" type="xsd:string" />
+ </xsd:complexType>
+
+ <xsd:complexType name="EndEventType">
+ <xsd:complexContent>
+ <xsd:extension base="tns:ProcessNodeType" />
+ </xsd:complexContent>
+ </xsd:complexType>
+
+ <xsd:complexType name="TaskType">
+ <xsd:complexContent>
+ <xsd:extension base="tns:ProcessNodeType">
+ <xsd:attribute name="async" type="xsd:boolean" default="false"/>
+ <xsd:attribute name="class" type="xsd:string" />
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+
+</xsd:schema>
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 8fda4566c..ad01644a1 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -229,6 +229,9 @@ stork.18=STORK-SAML Engine konnte nicht initialisiert werden.
stork.19=Das erforderliche Attribut ist f\u00FCr naturliche Personen nicht vorhanden\: {0}
stork.20=Fehler bei der Datenkonversion - eingegebens Datum fehlerhaft
stork.21=Der angeforderte QAA-level {0} ist h\u00F6her als der QAA-level der Authentifizierung {1}
+stork.22=Der STORK Authentifizierung erfordert die Auswahl des Herkunftslandes der Betroffenen.
+stork.23=Die STORK Authentifizierung f\u00FCr "{0}" wird nicht unterst\u00FCtzt.
+stork.24=Die STORK Authentifizierungsantwort enth\uFFFDlt leere Angaben zum Geschlecht.
pvp2.00={0} ist kein gueltiger consumer service index
pvp2.01=Fehler beim kodieren der PVP2 Antwort
@@ -266,4 +269,7 @@ oauth20.09=Zertifikat fuer JSON Web-Token ist falsch konfiguriert. Fehler bei "{
slo.00=Sie konnten erfolgreich von allen Online-Applikation abgemeldet werden.
slo.01=Sie konnten NICHT erfolgreich von allen Online-Applikationen abgemeldet werden\!<BR>Bitte schlie\u00DFen Sie aus sicherheitsgr\u00FCnden Ihren Browser.
-slo.02=Es wurde keine aktive SSO Session gefunden oder Sie sind bei keiner Online-Applikation angemeldet. \ No newline at end of file
+slo.02=Es wurde keine aktive SSO Session gefunden oder Sie sind bei keiner Online-Applikation angemeldet.
+
+process.01=Fehler beim Ausf\u00FChren des Prozesses.
+process.02=Fehler beim Erstellen eines geeigneten Prozesses f\u00FCr die SessionID {0}.
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
index 7e2ddc491..e293d8456 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
@@ -837,7 +837,7 @@
src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
style="border: 0; width: 88px; height: 31px"
- src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
</div>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
index e75bef70c..033a574b9 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
@@ -545,7 +545,7 @@ button:hover,button:focus,button:active,.sendButton:hover,.sendButton:focus,.sen
src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
style="border: 0; width: 88px; height: 31px"
- src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
</div>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html b/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
index b241e85cf..8976b2bd6 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/slo_template.html
@@ -436,7 +436,7 @@
src="$contextpath/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
</a> <a href="http://jigsaw.w3.org/css-validator/"> <img
style="border: 0; width: 88px; height: 31px"
- src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ src="https://jigsaw.w3.org/css-validator/images/vcss-blue"
alt="CSS ist valide!" />
</a>
</div>