aboutsummaryrefslogtreecommitdiff
path: root/id/server
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2014-04-10 14:23:14 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-04-10 14:23:14 +0200
commit42819b8b0bc4a99a0e9ff47ea9d4b3228bc0648f (patch)
tree842d5ecf5ee93aba2e87c4e0b8cef62c3f582ca6 /id/server
parent47615b97181da1c25881bdd4e9b61256476ce5b4 (diff)
downloadmoa-id-spss-42819b8b0bc4a99a0e9ff47ea9d4b3228bc0648f.tar.gz
moa-id-spss-42819b8b0bc4a99a0e9ff47ea9d4b3228bc0648f.tar.bz2
moa-id-spss-42819b8b0bc4a99a0e9ff47ea9d4b3228bc0648f.zip
update handbook and default configuration
Diffstat (limited to 'id/server')
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/keys/application[password].p12 (renamed from id/server/data/deploy/conf/moa-id-configuration/keys/moa_idp.p12)bin7885 -> 7885 bytes
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/keys/moa_idp.crt24
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/keys/request.crt (renamed from id/server/data/deploy/conf/moa-id-configuration/keys/assertion.crt)0
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties8
-rw-r--r--id/server/data/deploy/conf/moa-id-oa/keys/application[password].p12 (renamed from id/server/data/deploy/conf/moa-id-oa/keys/moa_idp.p12)bin7885 -> 7885 bytes
-rw-r--r--id/server/data/deploy/conf/moa-id-oa/keys/moa_idp.crt24
-rw-r--r--id/server/data/deploy/conf/moa-id-oa/oa.properties11
-rw-r--r--id/server/data/deploy/conf/moa-id/keys/moa_idp[password].p12bin0 -> 5346 bytes
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties11
-rw-r--r--id/server/doc/conf/Catalina/localhost/proxy.xml25
-rw-r--r--id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html846
-rw-r--r--id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html617
-rw-r--r--id/server/doc/conf/moa-id-configuration/keys/assertion.crt24
-rw-r--r--id/server/doc/conf/moa-id-configuration/keys/encryption.crt (renamed from id/server/data/deploy/conf/moa-id/keys/encryption.crt)0
-rw-r--r--id/server/doc/conf/moa-id-configuration/keys/metadata.crt24
-rw-r--r--id/server/doc/conf/moa-id-configuration/keys/moa_idp[password].p12 (renamed from id/server/data/deploy/conf/moa-id/keys/moa_idp.p12)bin7885 -> 7885 bytes
-rw-r--r--id/server/doc/conf/moa-id-configuration/mail/activation_template.html39
-rw-r--r--id/server/doc/conf/moa-id-configuration/mail/admin_template.html40
-rw-r--r--id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html37
-rw-r--r--id/server/doc/conf/moa-id-configuration/mail/rejected_template.html37
-rw-r--r--id/server/doc/conf/moa-id-configuration/mail/verification_template.html43
-rw-r--r--id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties77
-rw-r--r--id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml7
-rw-r--r--id/server/doc/conf/moa-id-oa/keys/application[password].p12bin0 -> 7885 bytes
-rw-r--r--id/server/doc/conf/moa-id-oa/keys/assertion.crt24
-rw-r--r--id/server/doc/conf/moa-id-oa/keys/encryption.crt24
-rw-r--r--id/server/doc/conf/moa-id-oa/keys/metadata.crt24
-rw-r--r--id/server/doc/conf/moa-id-oa/oa.properties21
-rw-r--r--id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml67
-rw-r--r--id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp53
-rw-r--r--id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp13
-rw-r--r--id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp53
-rw-r--r--id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp13
-rw-r--r--id/server/doc/conf/moa-id/MOAIdentities.xsd59
-rw-r--r--id/server/doc/conf/moa-id/SampleIdentities.xml34
-rw-r--r--id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cerbin0 -> 979 bytes
-rw-r--r--id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cerbin0 -> 1147 bytes
-rw-r--r--id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cerbin0 -> 1356 bytes
-rw-r--r--id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt33
-rw-r--r--id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html846
-rw-r--r--id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html617
-rw-r--r--id/server/doc/conf/moa-id/keys/assertion.crt24
-rw-r--r--id/server/doc/conf/moa-id/keys/encryption.crt24
-rw-r--r--id/server/doc/conf/moa-id/keys/metadata.crt24
-rw-r--r--id/server/doc/conf/moa-id/keys/moa_idp[password].p12bin0 -> 7885 bytes
-rw-r--r--id/server/doc/conf/moa-id/keys/storkDemoKeys.jksbin0 -> 9023 bytes
-rw-r--r--id/server/doc/conf/moa-id/log4j.properties27
-rw-r--r--id/server/doc/conf/moa-id/moa-id.properties117
-rw-r--r--id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt18
-rw-r--r--id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml87
-rw-r--r--id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml9
-rw-r--r--id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml10
-rw-r--r--id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml10
-rw-r--r--id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml9
-rw-r--r--id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml9
-rw-r--r--id/server/doc/conf/moa-id/stork/SamlEngine.xml70
-rw-r--r--id/server/doc/conf/moa-id/stork/SignModule_incoming.xml12
-rw-r--r--id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml12
-rw-r--r--id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml12
-rw-r--r--id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml94
-rw-r--r--id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml94
-rw-r--r--id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml94
-rw-r--r--id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml94
-rw-r--r--id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jksbin0 -> 3013 bytes
-rw-r--r--id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jksbin0 -> 4592 bytes
-rw-r--r--id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml161
-rw-r--r--id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml7
-rw-r--r--id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml161
-rw-r--r--id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml83
-rw-r--r--id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201bin0 -> 1385 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9bin0 -> 991 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330bin0 -> 995 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2bin0 -> 979 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03bin0 -> 1205 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317bin0 -> 1262 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27bin0 -> 1171 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923Ebin0 -> 1747 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907Cbin0 -> 1272 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2Abin0 -> 901 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2Bbin0 -> 901 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22bin0 -> 1147 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6bin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748Ebin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724Abin0 -> 1111 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7Abin0 -> 1110 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515bin0 -> 1111 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92bin0 -> 1110 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374bin0 -> 1167 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914bin0 -> 1028 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FAbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8bin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29bin0 -> 2278 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6bin0 -> 1185 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cerbin0 -> 1485 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cerbin0 -> 979 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cerbin0 -> 1147 bytes
-rw-r--r--id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crtbin0 -> 1185 bytes
-rw-r--r--id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml159
-rw-r--r--id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml7
-rw-r--r--id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml159
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.derbin0 -> 1076 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12bin0 -> 4893 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystorebin0 -> 1202 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.derbin0 -> 1076 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12bin0 -> 4893 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystorebin0 -> 1202 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.derbin0 -> 1115 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystorebin0 -> 4481 bytes
-rw-r--r--id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystorebin0 -> 1078 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer16
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer21
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer32
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer31
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer43
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer21
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer33
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer31
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cerbin0 -> 901 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cerbin0 -> 901 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cerbin0 -> 1110 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cerbin0 -> 1110 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cerbin0 -> 1111 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cerbin0 -> 1111 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cerbin0 -> 1485 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cerbin0 -> 979 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.derbin0 -> 1747 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cerbin0 -> 1262 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cerbin0 -> 1028 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cerbin0 -> 991 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cerbin0 -> 995 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cerbin0 -> 901 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cerbin0 -> 901 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cerbin0 -> 1110 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cerbin0 -> 1110 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cerbin0 -> 1111 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cerbin0 -> 1111 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cerbin0 -> 975 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cerbin0 -> 1485 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cerbin0 -> 979 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.derbin0 -> 1747 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cerbin0 -> 2278 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cerbin0 -> 979 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cerbin0 -> 1272 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cerbin0 -> 1205 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cerbin0 -> 1385 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cerbin0 -> 1167 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cerbin0 -> 1171 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cerbin0 -> 2278 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cerbin0 -> 979 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cerbin0 -> 1205 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cerbin0 -> 1385 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cerbin0 -> 1167 bytes
-rw-r--r--id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cerbin0 -> 1171 bytes
-rw-r--r--id/server/doc/handbook/application/application.html24
-rw-r--r--id/server/doc/handbook/config/config.html42
-rw-r--r--id/server/doc/handbook/install/install.html10
163 files changed, 5627 insertions, 39 deletions
diff --git a/id/server/data/deploy/conf/moa-id-configuration/keys/moa_idp.p12 b/id/server/data/deploy/conf/moa-id-configuration/keys/application[password].p12
index 78cab1e89..78cab1e89 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/keys/moa_idp.p12
+++ b/id/server/data/deploy/conf/moa-id-configuration/keys/application[password].p12
Binary files differ
diff --git a/id/server/data/deploy/conf/moa-id-configuration/keys/moa_idp.crt b/id/server/data/deploy/conf/moa-id-configuration/keys/moa_idp.crt
new file mode 100644
index 000000000..bd9640b37
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-configuration/keys/moa_idp.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
+MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
+CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
+MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
+ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
+tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
+O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
+zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
+ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
+BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
+ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
+dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
+TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
+p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
+oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
+tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
+Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-id-configuration/keys/assertion.crt b/id/server/data/deploy/conf/moa-id-configuration/keys/request.crt
index aa4e23cb1..aa4e23cb1 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/keys/assertion.crt
+++ b/id/server/data/deploy/conf/moa-id-configuration/keys/request.crt
diff --git a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
index 05b5fbdef..939066f37 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
+++ b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
@@ -1,3 +1,9 @@
+********
+*
+*$PATH_TO_CONFIG$ muss durch den eigentlichen Pfad ersetzt werden!
+*
+******
+
#General config
general.login.deaktivate=false
general.publicURLContext=https://localhost:8443/moa-id-configuration
@@ -39,7 +45,7 @@ general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth
general.login.pvp2.idp.sso.logout.url=https://localhost:8443/moa-id-auth/LogOut?redirect=
general.login.pvp2.metadata.entities.name=MOA-ID 2.x Configuration Tool
-general.login.pvp2.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-configuration/keys/application.p12
+general.login.pvp2.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-configuration/keys/application[password].p12
general.login.pvp2.keystore.password=password
general.login.pvp2.keystore.type=PKCS12
diff --git a/id/server/data/deploy/conf/moa-id-oa/keys/moa_idp.p12 b/id/server/data/deploy/conf/moa-id-oa/keys/application[password].p12
index 78cab1e89..78cab1e89 100644
--- a/id/server/data/deploy/conf/moa-id-oa/keys/moa_idp.p12
+++ b/id/server/data/deploy/conf/moa-id-oa/keys/application[password].p12
Binary files differ
diff --git a/id/server/data/deploy/conf/moa-id-oa/keys/moa_idp.crt b/id/server/data/deploy/conf/moa-id-oa/keys/moa_idp.crt
new file mode 100644
index 000000000..bd9640b37
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-oa/keys/moa_idp.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
+MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
+CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
+MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
+ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
+tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
+O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
+zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
+ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
+BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
+ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
+dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
+TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
+p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
+oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
+tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
+Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-id-oa/oa.properties b/id/server/data/deploy/conf/moa-id-oa/oa.properties
index 1a3684fcb..f247dcea6 100644
--- a/id/server/data/deploy/conf/moa-id-oa/oa.properties
+++ b/id/server/data/deploy/conf/moa-id-oa/oa.properties
@@ -1,11 +1,18 @@
+********
+*
+*$PATH_TO_CONFIG$ muss durch den eigentlichen Pfad ersetzt werden!
+*
+******
+
+general.publicURLContext=https://localhost:8443/moa-id-oa
+
general.login.pvp2.idp.metadata.url=https://localhost:8443/moa-id-auth/pvp2/metadata
general.login.pvp2.idp.metadata.certificate=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/moa_idp.crt
general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth
general.login.pvp2.OA.metadata.entities.name=MOA-ID 2.x Demo-Application
-general.login.pvp2.OA.metadata.entity.name=https://localhost:8443/oa
-general.login.pvp2.OA.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/application.p12
+general.login.pvp2.OA.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/application[password].p12
general.login.pvp2.OA.keystore.password=password
general.login.pvp2.OA.keystore.type=PKCS12
diff --git a/id/server/data/deploy/conf/moa-id/keys/moa_idp[password].p12 b/id/server/data/deploy/conf/moa-id/keys/moa_idp[password].p12
new file mode 100644
index 000000000..25f585be5
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/keys/moa_idp[password].p12
Binary files differ
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index bf9cf84d0..562645e1b 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -1,3 +1,10 @@
+********
+*
+*$PATH_TO_CONFIG$ muss durch den eigentlichen Pfad ersetzt werden!
+*
+******
+
+
##General MOA-ID 2.0 Configuration
#MOA-ID 2.0 XML configuration files (necessary, if inmemory database is used)
@@ -38,7 +45,7 @@ service.foreignidentities.clientKeyStorePassword=
##Protocol configuration##
#PVP2
-protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp.p12
+protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
protocols.pvp2.idp.ks.kspassword=password
protocols.pvp2.idp.ks.metadata.alias=pvp_metadata
protocols.pvp2.idp.ks.metadata.keypassword=password
@@ -46,7 +53,7 @@ protocols.pvp2.idp.ks.assertion.sign.alias=pvp_assertion
protocols.pvp2.idp.ks.assertion.sign.keypassword=password
#OpenID connect (OAuth)
-protocols.oauth20.jwt.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp.p12
+protocols.oauth20.jwt.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
protocols.oauth20.jwt.ks.password=password
protocols.oauth20.jwt.ks.key.name=oauth
protocols.oauth20.jwt.ks.key.password=password
diff --git a/id/server/doc/conf/Catalina/localhost/proxy.xml b/id/server/doc/conf/Catalina/localhost/proxy.xml
new file mode 100644
index 000000000..eef60b953
--- /dev/null
+++ b/id/server/doc/conf/Catalina/localhost/proxy.xml
@@ -0,0 +1,25 @@
+<!--
+
+ Context configuration file for the MOA-Proxy App
+
+ aus einer Tomcat 4.x.xx server.xml Datei:
+ <Context path="" docBase="../moa-id-proxy.war" debug="0"/>
+
+-->
+<Context path="" docBase="${catalina.base}/webappsProxy/moa-id-proxy.war" privileged="true"
+
+ antiResourceLocking="false" antiJARLocking="false">
+
+<!--
+<ResourceLink name="users" global="UserDatabase"
+ type="org.apache.catalina.UserDatabase"/>
+-->
+
+ <!-- Uncomment this Valve to limit access to the Admin app to localhost
+ for obvious security reasons. Allow may be a comma-separated list of
+ hosts (or even regular expressions).
+ <Valve className="org.apache.catalina.valves.RemoteAddrValve"
+ allow="127.0.0.1"/>
+ -->
+
+</Context>
diff --git a/id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html b/id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
new file mode 100644
index 000000000..ef070b8eb
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
@@ -0,0 +1,846 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+
+ <!-- MOA-ID 2.x BKUSelection Layout CSS -->
+ <style type="text/css">
+ @media screen and (min-width: 650px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ background-color : #fff;
+ text-align: center;
+ background-color: #6B7B8B;
+ }
+
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input{
+ font-size: 0.7em;
+ /*border-radius: 5px;*/
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.85em;
+ /*border-radius: 7px;*/
+ margin-bottom: 25px;
+ min-width: 80px;
+ }
+
+ #mandateLogin {
+ font-size: 0.85em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.8em;
+ }
+
+
+ #page {
+ display: block;
+ border: 2px solid rgb(0,0,0);
+ width: 650px;
+ height: 460px;
+ margin: 0 auto;
+ margin-top: 5%;
+ position: relative;
+ border-radius: 25px;
+ background: rgb(255,255,255);
+ }
+
+ #page1 {
+ text-align: center;
+ }
+
+ #main {
+ /* clear:both; */
+ position:relative;
+ margin: 0 auto;
+ width: 250px;
+ text-align: center;
+ }
+
+ .OA_header {
+ /* background-color: white;*/
+ font-size: 20pt;
+ margin-bottom: 25px;
+ margin-top: 25px;
+ }
+
+ #leftcontent {
+ /*float:left; */
+ width:250px;
+ margin-bottom: 25px;
+ text-align: left;
+ border: 1px solid rgb(0,0,0);
+ }
+
+ #selectArea {
+ font-size: 15px;
+ padding-bottom: 65px;
+ }
+
+ #leftcontent {
+ width: 300px;
+ margin-top: 30px;
+ }
+
+ #bku_header {
+ height: 5%;
+ padding-bottom: 3px;
+ padding-top: 3px;
+ }
+
+ #bkulogin {
+ overflow:hidden;
+ min-width: 190px;
+ min-height: 180px;
+ /*height: 260px;*/
+ }
+
+ h2#tabheader{
+ font-size: 1.1em;
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ }
+
+ #stork h2 {
+ font-size: 1.0em;
+ margin-bottom: 2%;
+ }
+
+ .setAssertionButton_full {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 100px;
+ height: 30px
+ }
+
+ #leftbutton {
+ width: 30%;
+ float:left;
+ margin-left: 40px;
+ }
+
+ #rightbutton {
+ width: 30%;
+ float:right;
+ margin-right: 45px;
+ text-align: right;
+ }
+
+ button {
+ height: 25px;
+ width: 75px;
+ margin-bottom: 10px;
+ }
+
+ #validation {
+ position: absolute;
+ bottom: 0px;
+ margin-left: 270px;
+ padding-bottom: 10px;
+ }
+
+ }
+
+ @media screen and (max-width: 205px) {
+ #localBKU p {
+ font-size: 0.6em;
+ }
+
+ #localBKU input {
+ font-size: 0.6em;
+ min-width: 60px;
+ /* max-width: 65px; */
+ min-height: 1.0em;
+ /* border-radius: 5px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.7em;
+ min-width: 55px;
+ /*min-height: 1.1em;
+ border-radius: 5px;*/
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.65em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.8em;
+ margin-top: -0.4em;
+ padding-top: 0.4em;
+ }
+
+ #bkulogin {
+ min-height: 150px;
+ }
+ }
+
+ @media screen and (max-width: 249px) and (min-width: 206px) {
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input {
+ font-size: 0.7em;
+ min-width: 70px;
+ /* max-width: 75px; */
+ min-height: 0.95em;
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.75em;
+ min-width: 60px;
+ /* min-height: 0.95em;
+ border-radius: 6px; */
+ margin-bottom: 5%
+ }
+
+ #mandateLogin {
+ font-size: 0.75em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.9em;
+ margin-top: -0.45em;
+ padding-top: 0.45em;
+ }
+
+ #bkulogin {
+ min-height: 180px;
+ }
+ }
+
+ @media screen and (max-width: 299px) and (min-width: 250px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.8em;
+ min-width: 70px;
+ /* max-width: 75px; */
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.85em;
+ /* min-height: 1.05em;
+ border-radius: 7px; */
+ margin-bottom: 10%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2 {
+ font-size: 1.0em;
+ margin-top: -0.50em;
+ padding-top: 0.50em;
+ }
+ }
+
+ @media screen and (max-width: 399px) and (min-width: 300px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.8em;
+ min-width: 70px;
+ /* max-width: 75px; */
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.9em;
+ /* min-height: 1.2em;
+ border-radius: 8px; */
+ margin-bottom: 10%;
+ max-width: 80px;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2 {
+ font-size: 1.1em;
+ margin-top: -0.55em;
+ padding-top: 0.55em;
+ }
+ }
+
+ @media screen and (max-width: 649px) and (min-width: 400px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.8em;
+ min-width: 70px;
+ /* max-width: 80px; */
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 1.0em;
+ /* min-height: 1.3em;
+ border-radius: 10px; */
+ margin-bottom: 10%;
+ max-width: 85px;
+ }
+
+ #mandateLogin {
+ font-size: 1.2em;
+ }
+
+ #bku_header h2 {
+ font-size: 1.3em;
+ margin-top: -0.65em;
+ padding-top: 0.65em;
+ }
+ }
+
+
+
+ @media screen and (max-width: 649px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ text-align: center;
+ font-size: 100%;
+ background-color: #MAIN_BACKGOUNDCOLOR#;
+ }
+
+ #page {
+ visibility: hidden;
+ margin-top: 0%;
+ }
+
+ #page1 {
+ visibility: hidden;
+ }
+
+ #main {
+ visibility: hidden;
+ }
+
+ #validation {
+ visibility: hidden;
+ display: none;
+ }
+
+ .OA_header {
+ margin-bottom: 0px;
+ margin-top: 0px;
+ font-size: 0pt;
+ visibility: hidden;
+ }
+
+ #leftcontent {
+ visibility: visible;
+ margin-bottom: 0px;
+ text-align: left;
+ border:none;
+ vertical-align: middle;
+ min-height: 173px;
+ min-width: 204px;
+
+ }
+
+ #bku_header {
+ height: 10%;
+ min-height: 1.2em;
+ margin-top: 1%;
+ }
+
+ h2#tabheader{
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ top: 50%;
+ }
+
+ #stork h2 {
+ font-size: 0.9em;
+ margin-bottom: 2%;
+ }
+
+ #bkulogin {
+ min-width: 190px;
+ min-height: 155px;
+ }
+
+ .setAssertionButton_full {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ input[type=button] {
+/* height: 11%; */
+ width: 70%;
+ }
+ }
+
+ * {
+ margin: 0;
+ padding: 0;
+ font-family: #FONTTYPE#;
+ }
+
+ #selectArea {
+ padding-top: 10px;
+ padding-bottom: 55px;
+ padding-left: 10px;
+ }
+
+ .setAssertionButton {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ #leftbutton {
+ width: 35%;
+ float:left;
+ margin-left: 15px;
+ }
+
+ #rightbutton {
+ width: 35%;
+ float:right;
+ margin-right: 25px;
+ text-align: right;
+ }
+
+ #stork {
+ /*margin-bottom: 10px;*/
+ /* margin-top: 5px; */
+ }
+
+ #mandateLogin {
+ padding-bottom: 4%;
+ padding-top: 4%;
+ height: 10%;
+ position: relative;
+ text-align: center;
+ }
+
+ .verticalcenter {
+ vertical-align: middle;
+ }
+
+ #mandateLogin div {
+ clear: both;
+ margin-top: -1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkuselectionarea {
+ position: relative;
+ display: block;
+ }
+
+ #localBKU {
+ padding-left: 5%;
+ padding-right: 2%;
+ padding-bottom: 4%;
+ /*padding-top: 4%;*/
+ position: relative;
+ clear: both;
+ }
+
+ #bkukarte {
+ float:left;
+ text-align:center;
+ width:40%;
+ min-height: 70px;
+ padding-left: 5%;
+ padding-top: 2%;
+ }
+
+ #bkuhandy {
+ float:right;
+ text-align:center;
+ width:40%;
+ min-height: 90px;
+ padding-right: 5%;
+ padding-top: 2%;
+ }
+
+ .bkuimage {
+ width: 90%;
+ height: auto;
+ }
+
+ #mandate{
+ text-align:center;
+ padding : 5px 5px 5px 5px;
+ }
+
+/* input[type=button], .sendButton {
+ background: #BUTTON_BACKGROUNDCOLOR#;
+ color: #BUTTON_COLOR#;
+/* border:1px solid #000; */
+/* cursor: pointer;
+/* box-shadow: 3px 3px 3px #222222; */
+/* }
+
+/* button:hover, button:focus, button:active,
+ .sendButton:hover , .sendButton:focus, .sendButton:active,
+ #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
+ background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
+ color: #BUTTON_COLOR#;
+/* border:1px solid #000; */
+/* cursor: pointer;
+/* box-shadow: -1px -1px 3px #222222; */
+/* }
+
+*/
+ input {
+ /*border:1px solid #000;*/
+ cursor: pointer;
+ }
+
+ #localBKU input {
+/* color: #BUTTON_COLOR#; */
+ border: 0px;
+ display: inline-block;
+
+ }
+
+ #localBKU input:hover, #localBKU input:focus, #localBKU input:active {
+ text-decoration: underline;
+ }
+
+ #installJava, #BrowserNOK {
+ clear:both;
+ font-size:0.8em;
+ padding:4px;
+ }
+
+ .selectText{
+
+ }
+
+ .selectTextHeader{
+
+ }
+
+ .sendButton {
+ width: 30%;
+ margin-bottom: 1%;
+ }
+
+ #leftcontent a {
+ text-decoration:none;
+ color: #000;
+ /* display:block;*/
+ padding:4px;
+ }
+
+ #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
+ text-decoration:underline;
+ color: #000;
+ }
+
+ .infobutton {
+ background-color: #005a00;
+ color: white;
+ font-family: serif;
+ text-decoration: none;
+ padding-top: 2px;
+ padding-right: 4px;
+ padding-bottom: 2px;
+ padding-left: 4px;
+ font-weight: bold;
+ }
+
+ .hell {
+ background-color : #MAIN_BACKGOUNDCOLOR#;
+ color: #MAIN_COLOR#;
+ }
+
+ .dunkel {
+ background-color: #HEADER_BACKGROUNDCOLOR#;
+ color: #HEADER_COLOR#;
+ }
+
+ .main_header {
+ color: black;
+ font-size: 32pt;
+ position: absolute;
+ right: 10%;
+ top: 40px;
+
+ }
+
+ </style>
+<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
+<script type="text/javascript">
+ function isIE() {
+ return (/MSIE (\d+\.\d+);/.test(navigator.userAgent));
+ }
+ function isFullscreen() {
+ try {
+ return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height));
+ } catch (e) {
+ return false;
+ }
+ }
+ function isActivexEnabled() {
+ var supported = null;
+ try {
+ supported = !!new ActiveXObject("htmlfile");
+ } catch (e) {
+ supported = false;
+ }
+ return supported;
+ }
+ function isMetro() {
+ if (!isIE())
+ return false;
+ return !isActivexEnabled() && isFullscreen();
+ }
+ window.onload=function() {
+ document.getElementById("localBKU").style.display="block";
+ return;
+ }
+ function bkuLocalClicked() {
+ setMandateSelection();
+ }
+
+ function bkuOnlineClicked() {
+ if (isMetro())
+ document.getElementById("metroDetected").style.display="block";
+ document.getElementById("localBKU").style.display="block";
+/* if (checkMandateSSO())
+ return; */
+
+ setMandateSelection();
+/* setSSOSelection(); */
+
+ var iFrameURL = "#AUTH_URL#" + "?";
+ iFrameURL += "bkuURI=" + "#ONLINE#";
+ iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
+/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
+ iFrameURL += "&MODUL=" + "#MODUL#";
+ iFrameURL += "&ACTION=" + "#ACTION#";
+ iFrameURL += "&MOASessionID=" + "#SESSIONID#";
+ generateIFrame(iFrameURL);
+ }
+ function bkuHandyClicked() {
+ document.getElementById("localBKU").style.display="none";
+/* if (checkMandateSSO())
+ return; */
+
+ setMandateSelection();
+/* setSSOSelection(); */
+
+ var iFrameURL = "#AUTH_URL#" + "?";
+ iFrameURL += "bkuURI=" + "#HANDY#";
+ iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
+/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
+ iFrameURL += "&MODUL=" + "#MODUL#";
+ iFrameURL += "&ACTION=" + "#ACTION#";
+ iFrameURL += "&MOASessionID=" + "#SESSIONID#";
+ generateIFrame(iFrameURL);
+ }
+ function storkClicked() {
+ document.getElementById("localBKU").style.display="none";
+/* if (checkMandateSSO())
+ return; */
+
+ setMandateSelection();
+/* setSSOSelection(); */
+
+ var ccc = "AT";
+ var countrySelection = document.getElementById("cccSelection");
+ if (countrySelection != null) {
+ ccc = document.getElementById("cccSelection").value;
+ }
+ var iFrameURL = "#AUTH_URL#" + "?";
+ iFrameURL += "bkuURI=" + "#ONLINE#";
+ iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
+ iFrameURL += "&CCC=" + ccc;
+/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
+ iFrameURL += "&MODUL=" + "#MODUL#";
+ iFrameURL += "&ACTION=" + "#ACTION#";
+ iFrameURL += "&MOASessionID=" + "#SESSIONID#";
+ generateIFrame(iFrameURL);
+ }
+ function generateIFrame(iFrameURL) {
+ var el = document.getElementById("bkulogin");
+ var width = el.clientWidth;
+ var heigth = el.clientHeight - 20;
+ var parent = el.parentNode;
+
+ iFrameURL += "&heigth=" + heigth;
+ iFrameURL += "&width=" + width;
+
+ var iframe = document.createElement("iframe");
+ iframe.setAttribute("src", iFrameURL);
+ iframe.setAttribute("width", el.clientWidth - 1);
+ iframe.setAttribute("height", el.clientHeight - 1);
+ iframe.setAttribute("frameborder", "0");
+ iframe.setAttribute("scrolling", "no");
+ iframe.setAttribute("title", "Login");
+ parent.replaceChild(iframe, el);
+ }
+ function setMandateSelection() {
+ document.getElementById("moaidform").action = "#AUTH_URL#";
+ document.getElementById("useMandate").value = "false";
+ var checkbox = document.getElementById("mandateCheckBox");
+ if (checkbox != null) {
+ if (document.getElementById("mandateCheckBox").checked) {
+ document.getElementById("useMandate").value = "true";
+ }
+ }
+ }
+ function onChangeChecks() {
+ if (top.innerWidth < 650) {
+ document.getElementById("moaidform").setAttribute("target","_parent");
+ } else {
+ document.getElementById("moaidform").removeAttribute("target");
+ }
+
+ }
+/* function setSSOSelection() {
+ document.getElementById("useSSO").value = "false";
+ var checkbox = document.getElementById("SSOCheckBox");
+ if (checkbox != null) {
+ if (document.getElementById("SSOCheckBox").checked) {
+ document.getElementById("useSSO").value = "true";
+ }
+ }
+ } */
+
+/* function checkMandateSSO() {
+ var sso = document.getElementById("SSOCheckBox");
+ var mandate = document.getElementById("mandateCheckBox");
+
+
+ if (sso.checked && mandate.checked) {
+ alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!")
+ mandate.checked = false;
+ sso.checked = false;
+ return true;
+ } else {
+ return false;
+ }
+ } */
+ </script>
+<title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title>
+</head>
+<body onload="onChangeChecks();" onresize="onChangeChecks();">
+ <div id="page">
+ <div id="page1" class="case selected-case" role="main">
+ <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2>
+ <div id="main">
+ <div id="leftcontent" class="hell" role="application">
+ <div id="bku_header" class="dunkel">
+ <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
+ </div>
+ <div id="bkulogin" class="hell" role="form">
+ <div id="mandateLogin" style="">
+ <div>
+ <input tabindex="1" type="checkbox" name="Mandate"
+ id="mandateCheckBox" class="verticalcenter" role="checkbox"
+ onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#>
+ <label for="mandateCheckBox" class="verticalcenter">in
+ Vertretung anmelden</label>
+ <!--a href="info_mandates.html"
+ target="_blank"
+ class="infobutton verticalcenter"
+ tabindex="5">i</a-->
+ </div>
+ </div>
+ <div id="bkuselectionarea">
+ <div id="bkukarte">
+ <img class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png"
+ alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button"
+ onClick="bkuOnlineClicked();" tabindex="2" role="button"
+ value="Karte" />
+ </div>
+ <div id="bkuhandy">
+ <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png"
+ alt="HandyBKU" /> <input name="bkuButtonHandy" type="button"
+ onClick="bkuHandyClicked();" tabindex="3" role="button"
+ value="HANDY" />
+ </div>
+ </div>
+ <div id="localBKU">
+ <form method="get" id="moaidform" action="#AUTH_URL#"
+ class="verticalcenter" target="_parent">
+ <input type="hidden" name="bkuURI" value="#LOCAL#"> <input
+ type="hidden" name="useMandate" id="useMandate"> <input
+ type="hidden" name="SSO" id="useSSO"> <input
+ type="hidden" name="CCC" id="ccc"> <input type="hidden"
+ name="MODUL" value="#MODUL#"> <input type="hidden"
+ name="ACTION" value="#ACTION#"> <input type="hidden"
+ name="MOASessionID" value="#SESSIONID#">
+ <input type="submit" value=">lokale Bürgerkartenumgebung" tabindex="4"
+ role="button" class="hell"
+ onclick="setMandateSelection();"
+ >
+ <!--p>
+ <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
+ </p-->
+ </form>
+ </div>
+
+ <div id="stork" align="center" style="#STORKVISIBLE#">
+ <h2 id="tabheader" class="dunkel">Home Country Selection</h2>
+ <p>
+ <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
+ #PEPSLIST#
+ </select>
+ <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button>
+ <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
+ </p>
+ </div>
+
+ <div id="metroDetected" style="display: none">
+ <p>Anscheinend verwenden Sie Internet Explorer im
+ Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den
+ Optionen um die Karten-Anmeldung starten zu können.</p>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div id="validation">
+ <a href="http://validator.w3.org/check?uri="> <img
+ style="border: 0; width: 88px; height: 31px"
+ src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
+ </a> <a href="http://jigsaw.w3.org/css-validator/"> <img
+ style="border: 0; width: 88px; height: 31px"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ alt="CSS ist valide!" />
+ </a>
+ </div>
+ </div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html b/id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
new file mode 100644
index 000000000..b80d654cc
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/htmlTemplates/sendAssertionFormFull.html
@@ -0,0 +1,617 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <!-- MOA-ID 2.x BKUSelection Layout CSS -->
+ <style type="text/css">
+ @media screen and (min-width: 650px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ background-color : #fff;
+ text-align: center;
+ background-color: #6B7B8B;
+ }
+
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input{
+ font-size: 0.7em;
+ border-radius: 5px;
+ }
+
+ #bkuselectionarea button {
+ font-size: 0.85em;
+ border-radius: 7px;
+ margin-bottom: 25px;
+ }
+
+ #mandateLogin {
+ font-size: 0.85em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.8em;
+ }
+
+
+ #page {
+ display: block;
+ border: 2px solid rgb(0,0,0);
+ width: 650px;
+ height: 440px;
+ margin: 0 auto;
+ margin-top: 5%;
+ position: relative;
+ border-radius: 25px;
+ background: rgb(255,255,255);
+ }
+
+ #page1 {
+ text-align: center;
+ }
+
+ #main {
+ /* clear:both; */
+ position:relative;
+ margin: 0 auto;
+ width: 250px;
+ text-align: center;
+ }
+
+ .OA_header {
+ /* background-color: white;*/
+ font-size: 20pt;
+ margin-bottom: 25px;
+ margin-top: 25px;
+ }
+
+ #leftcontent {
+ width: 300px;
+ margin-top: 30px;
+ padding-bottom: 15px;
+ margin-bottom: 25px;
+ text-align: left;
+ border: 1px solid rgb(0,0,0);
+ }
+
+ #selectArea {
+ font-size: 15px;
+ padding-bottom: 65px;
+ }
+
+ #selectArea h3 {
+ margin-bottom: 25px;
+ }
+
+ #bku_header {
+ height: 5%;
+ padding-bottom: 3px;
+ padding-top: 3px;
+ }
+
+ #bkulogin {
+ overflow:hidden;
+ min-width: 190px;
+ min-height: 180px;
+ /*height: 260px;*/
+ }
+
+ h2#tabheader{
+ font-size: 1.1em;
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ }
+
+ .setAssertionButton_full {
+ margin-top: 15px;
+ width: 100px;
+ height: 30px;
+ font-size: 1.3em;
+ min-height: 1.3em;
+/* border-radius: 10px;*/
+ }
+
+ #leftbutton {
+ width: 30%;
+ float:left;
+ margin-left: 40px;
+ }
+
+ #rightbutton {
+ width: 30%;
+ float:right;
+ margin-right: 45px;
+ text-align: right;
+ }
+
+ button {
+ height: 25px;
+ width: 90px;
+ margin-bottom: 10px;
+ }
+
+ #validation {
+ position: absolute;
+ bottom: 0px;
+ margin-left: 270px;
+ padding-bottom: 10px;
+ }
+
+ }
+
+ @media screen and (max-width: 205px) {
+ #localBKU p {
+ font-size: 0.6em;
+ }
+
+ #localBKU input {
+ font-size: 0.7em;
+ min-width: 70px;
+ min-height: 1.2em;
+ border-radius: 5px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 0.8em;
+ min-width: 65px;
+ min-height: 1.3em;
+ /* border-radius: 5px; */
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.65em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 0.8em;
+ margin-top: -0.4em;
+ }
+ }
+
+ @media screen and (max-width: 249px) and (min-width: 206px) {
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input {
+ font-size: 0.85em;
+ min-width: 80px;
+ min-height: 0.95em;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 0.85em;
+ min-width: 70px;
+ min-height: 0.95em;
+ /* border-radius: 6px; */
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.75em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 0.9em;
+ margin-top: -0.45em;
+ }
+ }
+
+ @media screen and (max-width: 299px) and (min-width: 250px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.0em;
+ min-height: 1.05em;
+ /* border-radius: 7px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.0em;
+ margin-top: -0.50em;
+ }
+ }
+
+ @media screen and (max-width: 399px) and (min-width: 300px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.1em;
+ min-height: 1.2em;
+ /* border-radius: 8px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.1em;
+ margin-top: -0.55em;
+ }
+ }
+
+ @media screen and (max-width: 649px) and (min-width: 400px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.3em;
+ min-height: 1.3em;
+/* border-radius: 10px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1.2em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.3em;
+ margin-top: -0.65em;
+ }
+ }
+
+
+
+ @media screen and (max-width: 649px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ text-align: center;
+ font-size: 100%;
+ background-color: #MAIN_BACKGOUNDCOLOR#;
+ }
+
+ #page {
+ visibility: hidden;
+ margin-top: 0%;
+ }
+
+ #page1 {
+ visibility: hidden;
+ }
+
+ #main {
+ visibility: hidden;
+ }
+
+ #validation {
+ visibility: hidden;
+ display: none;
+ }
+
+ .OA_header {
+ margin-bottom: 0px;
+ margin-top: 0px;
+ font-size: 0pt;
+ visibility: hidden;
+ }
+
+ #leftcontent {
+ visibility: visible;
+ margin-bottom: 0px;
+ text-align: left;
+ border:none;
+ min-width: 190px;
+/* min-height: 190px; */
+ vertical-align: middle;
+
+ }
+
+ #bku_header {
+ height: 10%;
+ min-height: 1.2em;
+ margin-top: 1%;
+ }
+
+ h2#tabheader{
+ padding-left: 2%;
+ padding-right: 2%;
+ padding-top: 1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkulogin {
+ min-width: 190px;
+ min-height: 150px;
+ }
+
+ .setAssertionButton_full {
+ margin-top: 15px;
+ width: 70%;
+ height: 11%;
+ min-width: 60px;
+ min-height: 25px;
+ }
+
+ #selectArea h3 {
+ margin-top: 2%;
+ }
+
+ button {
+ height: 11%;
+ width: 70%;
+ }
+ }
+
+ * {
+ margin: 0;
+ padding: 0;
+/* border: 0; */
+ font-family: #FONTTYPE#;
+ }
+
+ #selectArea {
+ padding-top: 10px;
+ padding-bottom: 55px;
+ padding-left: 10px;
+ }
+
+ .setAssertionButton {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ #leftbutton {
+ width: 35%;
+ float:left;
+ margin-left: 15px;
+ }
+
+ #rightbutton {
+ width: 35%;
+ float:right;
+ margin-right: 25px;
+ text-align: right;
+ }
+
+ #stork {
+ margin-bottom: 10px;
+ margin-top: 5px;
+ }
+
+ #mandateLogin {
+ padding-bottom: 2%;
+ padding-top: 2%;
+ height: 10%;
+ position: relative;
+ text-align: center;
+ }
+
+ .verticalcenter {
+ vertical-align: middle;
+ }
+
+ #mandateLogin > div {
+ clear: both;
+ margin-top: -1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkuselectionarea {
+ position: relative;
+ display: block;
+ }
+
+ #localBKU {
+ padding-left: 5%;
+ padding-right: 2%;
+ padding-bottom: 2%;
+ position: relative;
+ clear: both;
+ }
+
+ #bkukarte {
+ float:left;
+ text-align:center;
+ width:40%;
+ min-height: 70px;
+ padding-left: 5%;
+ padding-top: 2%;
+ }
+
+ #bkuhandy {
+ float:right;
+ text-align:center;
+ width:40%;
+ min-height: 90px;
+ padding-right: 5%;
+ padding-top: 2%;
+ }
+
+ .bkuimage {
+ width: 90%;
+ height: auto;
+ }
+
+ #mandate{
+ text-align:center;
+ padding : 5px 5px 5px 5px;
+ }
+
+ button, .sendButton {
+/* background: #BUTTON_BACKGROUNDCOLOR#;
+ color: #BUTTON_COLOR#; */
+ cursor: pointer;
+
+/* border:1px solid #000;
+ box-shadow: 3px 3px 3px #222222; */
+ }
+
+ button:hover, button:focus, button:active,
+ .sendButton:hover , .sendButton:focus, .sendButton:active,
+ #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
+/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
+ color: #BUTTON_COLOR#; */
+ cursor: pointer;
+
+/* border:1px solid #000;
+ box-shadow: -1px -1px 3px #222222; */
+ }
+
+ #installJava, #BrowserNOK {
+ clear:both;
+ font-size:0.8em;
+ padding:4px;
+ }
+
+ .selectText{
+
+ }
+
+ .selectTextHeader{
+
+ }
+
+ #leftcontent a {
+ text-decoration:none;
+ color: #000;
+ /* display:block;*/
+ padding:4px;
+ }
+
+ #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
+ text-decoration:underline;
+ color: #000;
+ }
+
+ .infobutton {
+ background-color: #005a00;
+ color: white;
+ font-family: serif;
+ text-decoration: none;
+ padding-top: 2px;
+ padding-right: 4px;
+ padding-bottom: 2px;
+ padding-left: 4px;
+ font-weight: bold;
+ }
+
+ .hell {
+ background-color : #MAIN_BACKGOUNDCOLOR#;
+ color: #MAIN_COLOR#;
+ }
+
+ .dunkel {
+ background-color: #HEADER_BACKGROUNDCOLOR#;
+ color: #HEADER_COLOR#;
+ }
+
+ .main_header {
+ color: black;
+ font-size: 32pt;
+ position: absolute;
+ right: 10%;
+ top: 40px;
+
+ }
+
+ </style>
+
+
+ <title>Anmeldung an Online-Applikation</title>
+</head>
+
+
+<body>
+ <div id="page">
+
+ <div id="page1" class="case selected-case" role="main">
+
+<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> -->
+
+ <div id="main">
+ <div id="leftcontent" class="hell">
+ <div id="bku_header" class="dunkel">
+ <h2 id="tabheader" class="dunkel" role="heading">
+ Anmeldeinformationen:
+ </h2>
+ </div>
+
+ <div id="selectArea" class="hell" role="application">
+ <h3>Anmeldung an: #OAName#</h3>
+
+<!-- <div class="hell"> -->
+ <div id="leftbutton">
+ <form method="post" id="moaidform_yes" action="#URL#">
+ <input type="hidden" name="value" value="true">
+ <input type="hidden" name="mod" value="#MODUL#">
+ <input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
+ <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button">
+ </form>
+ </div>
+ <div id="rightbutton">
+ <form method="post" id="moaidform_no" action="#URL#">
+ <input type="hidden" name="value" value="false">
+ <input type="hidden" name="mod" value="#MODUL#">
+ <input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
+ <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button">
+ </form>
+ </div>
+
+ </div>
+ </div>
+ </div>
+ </div>
+ <div id="validation">
+ <a href="http://validator.w3.org/check?uri=">
+ <img style="border:0;width:88px;height:31px"
+ src="#CONTEXTPATH#/img/valid-html5-blue.png"
+ alt="HTML5 ist valide!" />
+ </a>
+ <a href="http://jigsaw.w3.org/css-validator/">
+ <img style="border:0;width:88px;height:31px"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ alt="CSS ist valide!" />
+ </a>
+ </div>
+ </div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id-configuration/keys/assertion.crt b/id/server/doc/conf/moa-id-configuration/keys/assertion.crt
new file mode 100644
index 000000000..aa4e23cb1
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/keys/assertion.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0
+MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV
+BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
+ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts
+2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y
++4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8
+upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn
+SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9
+8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O
+BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3
+EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T
+dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD
+ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ
+KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl
+DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b
+crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60
+LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3
+0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5
+ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo=
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-id/keys/encryption.crt b/id/server/doc/conf/moa-id-configuration/keys/encryption.crt
index c9d94f9b6..c9d94f9b6 100644
--- a/id/server/data/deploy/conf/moa-id/keys/encryption.crt
+++ b/id/server/doc/conf/moa-id-configuration/keys/encryption.crt
diff --git a/id/server/doc/conf/moa-id-configuration/keys/metadata.crt b/id/server/doc/conf/moa-id-configuration/keys/metadata.crt
new file mode 100644
index 000000000..bd9640b37
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/keys/metadata.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
+MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
+CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
+MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
+ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
+tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
+O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
+zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
+ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
+BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
+ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
+dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
+TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
+p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
+oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
+tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
+Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-id/keys/moa_idp.p12 b/id/server/doc/conf/moa-id-configuration/keys/moa_idp[password].p12
index 78cab1e89..78cab1e89 100644
--- a/id/server/data/deploy/conf/moa-id/keys/moa_idp.p12
+++ b/id/server/doc/conf/moa-id-configuration/keys/moa_idp[password].p12
Binary files differ
diff --git a/id/server/doc/conf/moa-id-configuration/mail/activation_template.html b/id/server/doc/conf/moa-id-configuration/mail/activation_template.html
new file mode 100644
index 000000000..adac14f56
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/mail/activation_template.html
@@ -0,0 +1,39 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
+<title>Benachrichtigung</title>
+<style type="text/css">
+body {
+ line-height: 1;
+ color: black;
+ background: white;
+ min-height: 101%;
+ font-size: 0.8em;
+ font-family: Verdana, Arial, Helvetica, sans-serif;
+}
+</style>
+
+</head>
+
+<body>
+<div style="width: 708px; border: 1px solid #bbbbbb">
+ <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
+ <p>&nbsp;</p>
+ <p>Ihr Benutzeraccount f&uuml;r das MOA-ID 2.x Verwaltungs- und Konfigurationstool wurde soeben durch den Administrator freigegeben.</p>
+ <p>Sie k&ouml;nnen Sich ab nun unter folgendem Link am Konfigurationstool anmelden und Ihre Online-Applikationen verwalten.
+ <a href="#MANDATE_SERVICE_LINK#">#MANDATE_SERVICE_LINK#</a>.</p>
+
+ <p>&nbsp;</p>
+ <p>Graz, #TODAY_DATE#</p>
+ <p align="right">E-Government Innovationszentrum <br />
+ Inffeldgasse 16a<br />
+ 8010 Graz<br />
+ <br />
+ Telefon: +43 (316) 873-5514 <br />
+ Fax: +43 (316) 873-5520 <br />
+ E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
+ </p>
+</div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/admin_template.html b/id/server/doc/conf/moa-id-configuration/mail/admin_template.html
new file mode 100644
index 000000000..dd5872514
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/mail/admin_template.html
@@ -0,0 +1,40 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
+<title>Benachrichtigung</title>
+<style type="text/css">
+body {
+ line-height: 1;
+ color: black;
+ background: white;
+ min-height: 101%;
+ font-size: 0.8em;
+ font-family: Verdana, Arial, Helvetica, sans-serif;
+}
+</style>
+
+</head>
+
+<body>
+<div style="width: 708px; border: 1px solid #bbbbbb">
+ <p>Sehr geehrte(r) Administrator(in),</p>
+ <p>&nbsp;</p>
+ <p>Am MOA-ID 2.x Verwaltungs- und Konfigurationstool liegen offene Antr&auml;ge vor.</p>
+
+ <p>Aktuell warten #NUMBER_USERSS# neue Benutzeraccount(s) und #NUMBER_OAS# neue Online-Applikation(en)
+ auf eine Freigabe durch einen Administrator.</p>
+
+ <p>&nbsp;</p>
+ <p>Graz, #TODAY_DATE#</p>
+ <p align="right">E-Government Innovationszentrum <br />
+ Inffeldgasse 16a<br />
+ 8010 Graz<br />
+ <br />
+ Telefon: +43 (316) 873-5514 <br />
+ Fax: +43 (316) 873-5520 <br />
+ E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
+ </p>
+</div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html b/id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html
new file mode 100644
index 000000000..e809de743
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/mail/oa_activation_template.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
+<title>Benachrichtigung</title>
+<style type="text/css">
+body {
+ line-height: 1;
+ color: black;
+ background: white;
+ min-height: 101%;
+ font-size: 0.8em;
+ font-family: Verdana, Arial, Helvetica, sans-serif;
+}
+</style>
+
+</head>
+
+<body>
+<div style="width: 708px; border: 1px solid #bbbbbb">
+ <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
+ <p>&nbsp;</p>
+ <p>Ihre Online-Applikation mit der ID #OANAME# wurde soeben durch den Administrator freigegeben.</p>
+
+ <p>&nbsp;</p>
+ <p>Graz, #TODAY_DATE#</p>
+ <p align="right">E-Government Innovationszentrum <br />
+ Inffeldgasse 16a<br />
+ 8010 Graz<br />
+ <br />
+ Telefon: +43 (316) 873-5514 <br />
+ Fax: +43 (316) 873-5520 <br />
+ E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
+ </p>
+</div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/rejected_template.html b/id/server/doc/conf/moa-id-configuration/mail/rejected_template.html
new file mode 100644
index 000000000..b5abff125
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/mail/rejected_template.html
@@ -0,0 +1,37 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
+<title>Benachrichtigung</title>
+<style type="text/css">
+body {
+ line-height: 1;
+ color: black;
+ background: white;
+ min-height: 101%;
+ font-size: 0.8em;
+ font-family: Verdana, Arial, Helvetica, sans-serif;
+}
+</style>
+
+</head>
+
+<body>
+<div style="width: 708px; border: 1px solid #bbbbbb">
+ <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
+ <p>&nbsp;</p>
+ <p>Ihr Benutzeraccount f&uuml;r das MOA-ID 2.x Verwaltungs- und Konfigurationstool wurde soeben durch einen Administrator gel&ouml;scht.</p>
+
+ <p>&nbsp;</p>
+ <p>Graz, #TODAY_DATE#</p>
+ <p align="right">E-Government Innovationszentrum <br />
+ Inffeldgasse 16a<br />
+ 8010 Graz<br />
+ <br />
+ Telefon: +43 (316) 873-5514 <br />
+ Fax: +43 (316) 873-5520 <br />
+ E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
+ </p>
+</div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id-configuration/mail/verification_template.html b/id/server/doc/conf/moa-id-configuration/mail/verification_template.html
new file mode 100644
index 000000000..fb4a3f2c4
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/mail/verification_template.html
@@ -0,0 +1,43 @@
+<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
+<html xmlns="http://www.w3.org/1999/xhtml">
+<head>
+<meta http-equiv="Content-Type" content="text/html; charset=ISO-8859-15" />
+<title>Benachrichtigung</title>
+<style type="text/css">
+body {
+ line-height: 1;
+ color: black;
+ background: white;
+ min-height: 101%;
+ font-size: 0.8em;
+ font-family: Verdana, Arial, Helvetica, sans-serif;
+}
+</style>
+
+</head>
+
+<body>
+<div style="width: 708px; border: 1px solid #bbbbbb">
+ <p>Sehr geehrte(r) #GIVENNAME# #FAMILYNAME#,</p>
+ <p>&nbsp;</p>
+ <p>Sie haben einen Benutzeraccount f&uuml;r das MOA-ID 2.x Verwaltungs- und Konfigurationstool beantragt.</p>
+ <p>Um Ihren Antrag abzuschließen &ouml;ffnen Sie bitte den folgenden Link in Ihrem Browser.<br>
+ <a href="#MANDATE_SERVICE_LINK#">#MANDATE_SERVICE_LINK#</a>.<br>
+ Anschließend wird Ihre Antrag an den zust&auml;ndigen Administrator weitergeleitet.
+ Sie erhalten danach eine weitere Best&auml;tigung sobald Ihr Benutzeraccount freigeschalten wurde.</p>
+
+ <p>Sollten Sie keinen Account beantragt haben k&ouml;nnen Sie dieses Mail ignorieren.</p>
+
+ <p>&nbsp;</p>
+ <p>Graz, #TODAY_DATE#</p>
+ <p align="right">E-Government Innovationszentrum <br />
+ Inffeldgasse 16a<br />
+ 8010 Graz<br />
+ <br />
+ Telefon: +43 (316) 873-5514 <br />
+ Fax: +43 (316) 873-5520 <br />
+ E-Mail: <a href="mailto:moa-id-configuration@egiz.gv.at" target="_blank" title="E-Mail an: ">moa-id-configuration@egiz.gv.at</a>
+ </p>
+</div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
new file mode 100644
index 000000000..05b5fbdef
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
@@ -0,0 +1,77 @@
+#General config
+general.login.deaktivate=false
+general.publicURLContext=https://localhost:8443/moa-id-configuration
+
+general.defaultlanguage=de
+
+##Mail
+general.mail.host=smtp.localhost...
+#general.mail.host.port=
+#general.mail.host.username=
+#general.mail.host.password=
+
+general.mail.from.name=MOA-ID 2.x Konfigurationstool
+general.mail.from.address=no-reply@localhost
+
+general.mail.useraccountrequest.verification.subject=MOA-ID 2.x - Benutzerverifikation
+general.mail.useraccountrequest.verification.template=mail/verification_template.html
+
+general.mail.useraccountrequest.isactive.subject=MOA-ID 2.x - Benutzeraktivierung
+general.mail.useraccountrequest.isactive.template=mail/activation_template.html
+general.mail.useraccountrequest.rejected.template=mail/rejected_template.html
+
+general.mail.createOArequest.isactive.subject=MOA-ID 2.x - Online-Applikationsaktivierung
+general.mail.createOArequest.isactive.template=mail/oa_activation_template.html
+
+general.mail.admin.adress=admin@localhost
+general.mail.admin.subject=MOA-ID 2.x - Statusmeldung
+general.mail.admin.adresses.template=mail/admin_template.html
+
+
+general.moaid.instance.url=https://localhost:8443/moa-id-auth/
+
+##PVP2 Authentication
+general.login.pvp2.isactive=true
+
+general.login.pvp2.idp.metadata.url=https://localhost:8443/moa-id-auth/pvp2/metadata
+general.login.pvp2.idp.metadata.certificate=$PATH_TO_CONFIG$/conf/moa-id-configuration/keys/moa_idp.crt
+general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth
+general.login.pvp2.idp.sso.logout.url=https://localhost:8443/moa-id-auth/LogOut?redirect=
+
+general.login.pvp2.metadata.entities.name=MOA-ID 2.x Configuration Tool
+general.login.pvp2.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-configuration/keys/application.p12
+general.login.pvp2.keystore.password=password
+general.login.pvp2.keystore.type=PKCS12
+
+general.login.pvp2.keystore.metadata.key.alias=pvp_metadata
+general.login.pvp2.keystore.metadata.key.password=password
+
+general.login.pvp2.keystore.authrequest.encryption.key.alias=pvp_encryption
+general.login.pvp2.keystore.authrequest.encryption.key.password=password
+
+general.login.pvp2.keystore.authrequest.key.alias=pvp_request
+general.login.pvp2.keystore.authrequest.key.password=password
+
+#UserRequestCleanUP time in hours
+general.userrequests.cleanup.delay=18
+
+##Hibnerate configuration for MOA-ID 2.0 configuration
+hibernate.dialect=org.hibernate.dialect.MySQLDialect
+hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true
+hibernate.connection.charSet=utf-8
+hibernate.connection.driver_class=com.mysql.jdbc.Driver
+hibernate.connection.username=
+hibernate.connection.password=
+
+hibernate.hbm2ddl.auto=update
+hibernate.current_session_context_class=thread
+hibernate.transaction.flush_before_completion=true
+hibernate.transaction.auto_close_session=true
+hibernate.show_sql=false
+hibernate.format_sql=true
+hibernate.c3p0.acquire_increment=3
+hibernate.c3p0.idle_test_period=300
+hibernate.c3p0.timeout=300
+hibernate.c3p0.max_size=20
+hibernate.c3p0.max_statements=0
+hibernate.c3p0.min_size=3 \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
new file mode 100644
index 000000000..e225ca6e0
--- /dev/null
+++ b/id/server/doc/conf/moa-id-configuration/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
@@ -0,0 +1,7 @@
+<sl10:TransformsInfo><dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"><xsl:output method="xml" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html><head><title>Signatur der Anmeldedaten</title><style type="text/css" media="screen">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style{ font-size: large; }
+ </style></head><body><h4 class="h4style">Anmeldedaten:</h4><xsl:if test="string(//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue)"><p class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue"/></p></xsl:if><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="normalize-space(//@Issuer)"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//@Issuer"/></td></tr></xsl:if><xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum:</td><td class="normalstyle"><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">Rolle:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">Vollmacht:</td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/></td></tr><tr><td class="italicstyle">Staat:</td><td class="normalstyle">Österreich</td></tr></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">URL:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr><xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"><tr><td class="italicstyle">Bereich:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">
+ Vollmachten-Referenz:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"><tr><td class="italicstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"><tr><td class="italicstyle">Identifikator:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">OID:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='HPI']"><tr><td class="italicstyle">HPI:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='UniqueTokken']"><tr><td class="italicstyle">SessionTokken:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='UniqueTokken']/saml:AttributeValue"/></td></tr></xsl:if><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,18,2)"/></td></tr></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><sl10:FinalDataMetaInfo><sl10:MimeType>application/xhtml+xml</sl10:MimeType></sl10:FinalDataMetaInfo></sl10:TransformsInfo> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-oa/keys/application[password].p12 b/id/server/doc/conf/moa-id-oa/keys/application[password].p12
new file mode 100644
index 000000000..78cab1e89
--- /dev/null
+++ b/id/server/doc/conf/moa-id-oa/keys/application[password].p12
Binary files differ
diff --git a/id/server/doc/conf/moa-id-oa/keys/assertion.crt b/id/server/doc/conf/moa-id-oa/keys/assertion.crt
new file mode 100644
index 000000000..aa4e23cb1
--- /dev/null
+++ b/id/server/doc/conf/moa-id-oa/keys/assertion.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0
+MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV
+BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
+ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts
+2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y
++4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8
+upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn
+SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9
+8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O
+BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3
+EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T
+dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD
+ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ
+KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl
+DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b
+crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60
+LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3
+0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5
+ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/keys/encryption.crt b/id/server/doc/conf/moa-id-oa/keys/encryption.crt
new file mode 100644
index 000000000..c9d94f9b6
--- /dev/null
+++ b/id/server/doc/conf/moa-id-oa/keys/encryption.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID9zCCAt+gAwIBAgIJAMC/5DRgVin3MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCkVuY3J5cHRpb24wHhcNMTQwMjA0MTA0
+MjA2WhcNMjQwMjAyMTA0MjA2WjBaMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29t
+ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
+VQQDEwpFbmNyeXB0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+qgKWs3IW4giGsbAUm/wRH+lcggVpOPkNqqtNA48Qfwkq/lSWdeHp0+xXOwR1Oull
+TpmfbqJouUoHf6jCt1EXqlQR2oQ1oYYjLncVMhZ9ajXVFJEBl6tw9Em4aCzkkTdL
+HfWoh21iDnYOXTgP23/59xpuvy85O39hKnysXIcniqeb1uHthMiN25R8g4bPOQNb
+OfoMXpXdVbHxM77ZDSbk88BMRsq8SnlPdelaf8HsZomtnLKXvSDLivTZloxtHjBa
+aJNS/H1zr3HI+lq4S4VH+8ilj53OeWHjstGCFiTRtZy2hZvG2PegNIL7shMN/h4i
+h+OCn/ImAW9Kf599wve5iQIDAQABo4G/MIG8MB0GA1UdDgQWBBQzMzOrGfjN+Tnz
+zbFTyLPgHS4FkjCBjAYDVR0jBIGEMIGBgBQzMzOrGfjN+TnzzbFTyLPgHS4FkqFe
+pFwwWjELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoT
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAxMKRW5jcnlwdGlvboIJ
+AMC/5DRgVin3MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAADZoknf
+lcG0O9sL8CALO6UmPy1+ZlOXndoqqNu3uvzj7hvjT5RPY4hTyfrkUn5EqlHwLSCf
+C7rOxcGvRHT3/REwOef8H3MGdSV81esa5EbrRfGWjLOXoQFrIOhz5bxqoU0B7Obh
+3IUA2yCGz4SlXjMdMWN670ETglnthdY4z2Ot8n4E2YNXlRSubowat7ylkqjKvyaB
+Iz/RVgDxblkOK+bqPSKaNWvadItnMyh7Y8C3LD3tQpwYViJ0QOJ9BMujULma7Tb8
+lVIhmx3y2cU8nCqG0VPSTE6AMnuONuQjJTGFsRdDREFrALtjUpsUOXU6+19ywYSi
+LYiLYskPglktuck=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/keys/metadata.crt b/id/server/doc/conf/moa-id-oa/keys/metadata.crt
new file mode 100644
index 000000000..bd9640b37
--- /dev/null
+++ b/id/server/doc/conf/moa-id-oa/keys/metadata.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
+MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
+CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
+MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
+ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
+tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
+O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
+zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
+ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
+BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
+ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
+dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
+TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
+p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
+oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
+tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
+Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id-oa/oa.properties b/id/server/doc/conf/moa-id-oa/oa.properties
new file mode 100644
index 000000000..a24f800f2
--- /dev/null
+++ b/id/server/doc/conf/moa-id-oa/oa.properties
@@ -0,0 +1,21 @@
+general.publicURLContext=https://localhost:8443/oa
+
+general.login.pvp2.idp.metadata.url=https://localhost:8443/moa-id-auth/pvp2/metadata
+general.login.pvp2.idp.metadata.certificate=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/moa_idp.crt
+general.login.pvp2.idp.metadata.entityID=https://localhost:8443/moa-id-auth
+
+general.login.pvp2.OA.metadata.entities.name=MOA-ID 2.x Demo-Application
+
+general.login.pvp2.OA.keystore.url=$PATH_TO_CONFIG$/conf/moa-id-oa/keys/application.p12
+general.login.pvp2.OA.keystore.password=password
+general.login.pvp2.OA.keystore.type=PKCS12
+
+general.login.pvp2.OA.keystore.metadata.sign.key.alias=pvp_metadata
+general.login.pvp2.OA.keystore.metadata.sign.key.password=password
+
+general.login.pvp2.keystore.authrequest.sign.key.alias=pvp_request
+general.login.pvp2.keystore.authrequest.sign.key.password=password
+
+general.login.pvp2.keystore.assertion.encryption.key.alias=pvp_encryption
+general.login.pvp2.keystore.assertion.encryption.key.password=password
+
diff --git a/id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml b/id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml
new file mode 100644
index 000000000..51b36a1da
--- /dev/null
+++ b/id/server/doc/conf/moa-id-proxy/MOAIDConfiguration.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Beispielkonfiguration fuer MOA-ID -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <!-- Konfiguration fuer MOA-ID-PROXY -->
+ <ProxyComponent>
+ <!-- URL und akzeptierte TLS-Server-Zertifikate des MOA-ID-AUTH Web Service -->
+ <AuthComponent>
+ <ConnectionParameter URL="http://labda.iaik.tugraz.at:8080/moa-id-auth/services/GetAuthenticationData">
+ <AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates>
+ <!-- <ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> -->
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+
+ <!-- Eintragung fuer jede Online-Applikation -->
+ <!-- Demo Online-Applikation: Zugriff auf www.digitales.oesterreich.gv.at ueber MOA-ID-PROXY -->
+ <OnlineApplication type="businessService" publicURLPrefix="https://proxy.gv.at" friendlyName="Test Application">
+ <!-- fuer MOA-ID-PROXY -->
+ <ProxyComponent configFileURL="oa/BasicOAConfiguration.xml" sessionTimeOut="600"
+ loginParameterResolverImpl="at.gv.egiz.moa.id.proxy.MySQLLoginParameterResolver"
+ loginParameterResolverConfiguration="/var/lib/tomcat6/webapps/moa-id-proxy-umgmt/WEB-INF/classes/hibernate.cfg.xml"
+ connectionBuilderImpl="at.gv.egovernment.moa.id.proxy.EnhancedConnectionBuilder"
+ errorRedirectURL="https://proxy.gv.at/oa2">
+
+ <!-- URL und akzeptierte TLS-Server-Zertifikate der Online-Applikation -->
+ <ConnectionParameter URL="https://proxy.gv.at/oa">
+ <AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates>
+ <!-- <ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> -->
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+
+ <!-- Eintragung fuer jede Online-Applikation -->
+ <!-- Demo Online-Applikation: Zugriff auf www.digitales.oesterreich.gv.at ueber MOA-ID-PROXY -->
+ <OnlineApplication type="businessService" publicURLPrefix="https://proxy.gv.at" friendlyName="Test Application">
+ <!-- fuer MOA-ID-PROXY -->
+ <ProxyComponent configFileURL="oa/BasicOAConfiguration.xml" sessionTimeOut="600"
+ errorRedirectURL="https://proxy.gv.at/oa2">
+
+ <!-- URL und akzeptierte TLS-Server-Zertifikate der Online-Applikation -->
+ <ConnectionParameter URL="https://proxy.gv.at/oa">
+ <AcceptedServerCertificates>certs/server-certs</AcceptedServerCertificates>
+ <!-- <ClientKeyStore password="Keystore Pass">file_to_clientkeystore</ClientKeyStore> -->
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+
+ <!-- ChainingModes fuer die Zertifikatspfadueberpruefug der TLS-Zertifikate -->
+ <ChainingModes systemDefaultMode="pkix">
+ </ChainingModes>
+ <!-- fuer MOA-ID-AUTH: CA-Zertifikat des Servers MOA-SP, falls dieses Service ueber HTTPS angesprochen wird
+ fuer MOA-ID-PROXY: CA-Zertifikat des Servers MOA-ID-AUTH, falls dieses Service ueber HTTPS angesprochen wird
+ zusaeztlich: CA-Zertifikat aller Online-Applikationen, die ueber HTTPS angesprochen werden -->
+ <TrustedCACertificates>certs/ca-certs</TrustedCACertificates>
+ <!-- Cache-Verzeichnis fuer-Zertifikate -->
+ <!-- Hinweis: wenn TC in linux oder unix betrieben wird vollstaendigen pfad fuer DirectoryCertStoreParameters.RootDir verwenden -->
+ <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="/etc/tomcat6/moa-id/certs/certstore"/>
+ <!-- Time-Out fuer die Anmeldung von Beginn bis zum Anlegen der Anmeldedaten, in Sekunden -->
+ <GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/>
+ <!-- Time-Out fuer die Anmeldung vom Anlegen bis zum Abholen der Anmeldedaten, in Sekunden -->
+ <GenericConfiguration name="AuthenticationData.TimeOut" value="120"/>
+ <!-- Alternatives Data URL prefix (falls Webserver vorgeschaltet wird) -->
+ <!--GenericConfiguration name="FrontendServlets.DataURLPrefix" value="https://<your_webserver>/moa-id-auth/"/ -->
+ <!-- HTTP Verbindung auf Frontend Servlets zulassen / verbieten (falls Webserver vorgeschaltet wird) -->
+ <!-- GenericConfiguration name="FrontendServlets.EnableHTTPConnection" value="true"/ -->
+ <!-- URL Liste der vertrauenwürdigen Bürgekartenumgebungen -->
+</MOA-IDConfiguration>
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp
new file mode 100644
index 000000000..0cb4e8fea
--- /dev/null
+++ b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_debug.jsp
@@ -0,0 +1,53 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<%@ page contentType="text/html; charset=UTF-8" %>
+<html>
+<head>
+<title>Ein Fehler ist aufgetreten</title>
+</head>
+<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
+ String errorMessage = (String)request.getAttribute("ErrorMessage");
+ String wrongParameters = (String)request.getAttribute("WrongParameters");
+ String logLevel = (String)request.getAttribute("LogLevel");
+%>
+
+<body>
+<h1>Fehler bei der Anmeldung</h1>
+<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
+
+<% if (logLevel != null) { %>
+<% if (errorMessage != null) { %>
+<p>
+<%= errorMessage%><br>
+</p>
+<% } %>
+<% if (exceptionThrown != null) { %>
+<p>
+<%= exceptionThrown.getMessage()%>
+</p>
+<% } %>
+<% if (wrongParameters != null) { %>
+<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br></p>
+<b> <%= wrongParameters %> </b><br>
+<p>
+ Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>
+Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entf&auml;llt die Angabe des <i>Target</i> Parameters:
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>
+<% } %>
+<% } %>
+</body>
+</html> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp
new file mode 100644
index 000000000..0b3992bfd
--- /dev/null
+++ b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-auth_empty.jsp
@@ -0,0 +1,13 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<%@ page contentType="text/html; charset=UTF-8" %>
+<html>
+<head>
+<title>Ein Fehler ist aufgetreten</title>
+</head>
+
+<body>
+<h1>Fehler bei der Anmeldung</h1>
+<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
+
+</body>
+</html> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp
new file mode 100644
index 000000000..0cb4e8fea
--- /dev/null
+++ b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_debug.jsp
@@ -0,0 +1,53 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<%@ page contentType="text/html; charset=UTF-8" %>
+<html>
+<head>
+<title>Ein Fehler ist aufgetreten</title>
+</head>
+<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
+ String errorMessage = (String)request.getAttribute("ErrorMessage");
+ String wrongParameters = (String)request.getAttribute("WrongParameters");
+ String logLevel = (String)request.getAttribute("LogLevel");
+%>
+
+<body>
+<h1>Fehler bei der Anmeldung</h1>
+<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
+
+<% if (logLevel != null) { %>
+<% if (errorMessage != null) { %>
+<p>
+<%= errorMessage%><br>
+</p>
+<% } %>
+<% if (exceptionThrown != null) { %>
+<p>
+<%= exceptionThrown.getMessage()%>
+</p>
+<% } %>
+<% if (wrongParameters != null) { %>
+<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br></p>
+<b> <%= wrongParameters %> </b><br>
+<p>
+ Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>
+Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entf&auml;llt die Angabe des <i>Target</i> Parameters:
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>
+<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
+</p>
+<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>
+<% } %>
+<% } %>
+</body>
+</html> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp
new file mode 100644
index 000000000..0b3992bfd
--- /dev/null
+++ b/id/server/doc/conf/moa-id-proxy/errorpages/errorpage-proxy_empty.jsp
@@ -0,0 +1,13 @@
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<%@ page contentType="text/html; charset=UTF-8" %>
+<html>
+<head>
+<title>Ein Fehler ist aufgetreten</title>
+</head>
+
+<body>
+<h1>Fehler bei der Anmeldung</h1>
+<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
+
+</body>
+</html> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/MOAIdentities.xsd b/id/server/doc/conf/moa-id/MOAIdentities.xsd
new file mode 100644
index 000000000..e075ead5e
--- /dev/null
+++ b/id/server/doc/conf/moa-id/MOAIdentities.xsd
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) -->
+<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" elementFormDefault="qualified" attributeFormDefault="unqualified">
+ <xs:element name="MOAIdentities">
+ <xs:annotation>
+ <xs:documentation>MOAIdentities provides a mapping from identities to parameters used in the XMLLoginParameterResolver of MOA-ID</xs:documentation>
+ </xs:annotation>
+ <xs:complexType>
+ <xs:sequence maxOccurs="unbounded">
+ <xs:element name="Mapping">
+ <xs:complexType>
+ <xs:sequence>
+ <xs:element name="Identity">
+ <xs:complexType>
+ <xs:choice>
+ <xs:element name="NamedIdentity" type="tns:NamedIdentityType"/>
+ <xs:element name="bPKIdentity" type="tns:bPKIdentitiyType"/>
+ <xs:element name="wbPKIdentity" type="tns:wbPKIdentitiyType"/>
+ </xs:choice>
+ </xs:complexType>
+ </xs:element>
+ <xs:element name="Parameters" type="tns:ParametersType"/>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ </xs:sequence>
+ </xs:complexType>
+ </xs:element>
+ <xs:complexType name="wbPKIdentitiyType">
+ <xs:simpleContent>
+ <xs:extension base="xs:boolean">
+ <xs:attribute name="wbPK" type="xs:string" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="bPKIdentitiyType">
+ <xs:simpleContent>
+ <xs:extension base="xs:boolean">
+ <xs:attribute name="bPK" type="xs:string" use="required"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="NamedIdentityType">
+ <xs:simpleContent>
+ <xs:extension base="xs:boolean">
+ <xs:attribute name="SurName" type="xs:string" use="required"/>
+ <xs:attribute name="GivenName" type="xs:string" use="required"/>
+ <xs:attribute name="BirthDate" type="xs:string" use="optional"/>
+ </xs:extension>
+ </xs:simpleContent>
+ </xs:complexType>
+ <xs:complexType name="ParametersType">
+ <xs:attribute name="UN" type="xs:string" use="optional"/>
+ <xs:attribute name="PW" type="xs:string" use="optional"/>
+ <xs:attribute name="Param1" type="xs:string" use="optional"/>
+ <xs:attribute name="Param2" type="xs:string" use="optional"/>
+ <xs:attribute name="Param3" type="xs:string" use="optional"/>
+ </xs:complexType>
+</xs:schema>
diff --git a/id/server/doc/conf/moa-id/SampleIdentities.xml b/id/server/doc/conf/moa-id/SampleIdentities.xml
new file mode 100644
index 000000000..abda0bf64
--- /dev/null
+++ b/id/server/doc/conf/moa-id/SampleIdentities.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Beispielkonfiguration für den Einsatz der MOA-ID Proxy-Komponenten unter Einsatz eines speziellen XMLLoginParameterResolver
+ Damit kann unter Einsatz des XMLLoginParameterResolverPlainData (s.u.) eine Einschränkung von Benutzer für OA erfolgen. -->
+<!-- Beispiel für ein Element ProxyComponent in der MOA-ID Konfigurationsdatei welches den XMLLoginParameterResolverPlainData
+ mit der Benutzerdatei Identities.xml verwendet um sich über Basic Authentication (401) an einer Webseite anzumeldne -->
+
+
+<!--
+ <ProxyComponent configFileURL="oa/SampleOAConfiguration.xml" sessionTimeOut="600"
+ loginParameterResolverImpl="at.gv.egovernment.moa.id.proxy.XMLLoginParameterResolverPlainData"
+ loginParameterResolverConfiguration="Identities.xml">
+ <ConnectionParameter URL="http://www.digitales.oesterreich.gv.at/">
+ </ConnectionParameter>
+ </ProxyComponent>
+-->
+<MOAIdentities xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814 MOAIdentities.xsd">
+ <!-- Eintrag aller Benutzer mit Berechtigung -->
+ <!-- Die Daten müssen in der Schreibweise wie in der Personenbindung (= Schreibweise des ZMRs) eingegeben werden -->
+
+ <!-- Benutzerin Kunz -->
+ <Mapping>
+ <Identity>
+ <NamedIdentity SurName="Kunz" GivenName="Karin Stella" BirthDate="1900-01-01">1</NamedIdentity>
+ </Identity>
+ <Parameters UN="KunzKS" PW="geheim"/>
+ </Mapping>
+ <!-- Benutzer Mustermann -->
+ <Mapping>
+ <Identity>
+ <NamedIdentity SurName="Mustermann-Fall" GivenName="Max Moriz" BirthDate="1900-01-01">1</NamedIdentity>
+ </Identity>
+ <Parameters UN="MustMM" PW="höchst?Geheim"/>
+ </Mapping>
+</MOAIdentities>
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer b/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer
new file mode 100644
index 000000000..33e776369
--- /dev/null
+++ b/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer b/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer
new file mode 100644
index 000000000..a699436ca
--- /dev/null
+++ b/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer b/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer
new file mode 100644
index 000000000..ff90e35f5
--- /dev/null
+++ b/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt b/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt
new file mode 100644
index 000000000..0780bc44f
--- /dev/null
+++ b/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFsDCCBJigAwIBAgIHASBxw0JY9jANBgkqhkiG9w0BAQUFADCBrDEcMBoGA1UE
+AxMTRXVyb1BLSSBJQUlLIFNTTCBDQTEmMCQGA1UEChMdR3JheiBVbml2ZXJzaXR5
+IG9mIFRlY2hub2xvZ3kxSDBGBgNVBAsTP0luc3RpdHV0ZSBmb3IgQXBwbGllZCBJ
+bmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczENMAsGA1UE
+BxMER3JhejELMAkGA1UEBhMCQVQwHhcNMTMxMjAzMTYzODUyWhcNMTUxMjAzMTYz
+ODUyWjCBqTELMAkGA1UEBhMCQVQxDTALBgNVBAcTBEdyYXoxJjAkBgNVBAoTHUdy
+YXogVW5pdmVyc2l0eSBvZiBUZWNobm9sb2d5MUgwRgYDVQQLEz9JbnN0aXR1dGUg
+Zm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNh
+dGlvbnMxGTAXBgNVBAMTEHN6cmd3LmVnaXouZ3YuYXQwggEiMA0GCSqGSIb3DQEB
+AQUAA4IBDwAwggEKAoIBAQDPDRBxrsDziPzz+GAcdJ2m6kOkJcr4REzMzP9dULRv
+R6EbVvvwQgPpAEcuqH+101ZwcIHNSCSQF30HnkJVF9hQ+4jIKjvUQ96hkZUC8OyI
+9WfJfPjCtMea9Mk4YsI2DVc6xoiuNKSeZt6ER0b3YDRFX6x4QqQpgt3uIMKjHxBf
+ESB9ehKLEPnQTgIzblvVrPWRAjVd+nZq40ZW1Im9Kq2pRk1gt5xiGh0q5qCV17Yj
+mzTcO4tcgW7iFJ8Tj1Cdog7AOBkhGXGtndfhH/EwGo08PZ1PEYwA5wTVHEhq/Nom
+zBKhDBRdDBhWOuxMeX8zSffuBYf9Oa9RGZBPErUi9HgHAgMBAAGjggHWMIIB0jAO
+BgNVHQ8BAf8EBAMCBLAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/
+BAIwADBQBgNVHSAESTBHMEUGDCsGAQQBlRIBAgMBATA1MDMGCCsGAQUFBwIBFido
+dHRwOi8vZXVyb3BraS5pYWlrLmF0L2NhL2lhaWsvY3BzLzEuMy8wHQYDVR0OBBYE
+FFi1nfsT7YEJ9PKNzMHBtXbl574ZMEgGA1UdHwRBMD8wPaA7oDmGN2h0dHA6Ly9j
+YS5pYWlrLnR1Z3Jhei5hdC9jYXBzby9jcmxzL0V1cm9QS0lJQUlLX1NTTC5jcmww
+gZoGCCsGAQUFBwEBBIGNMIGKMEIGCCsGAQUFBzABhjZodHRwOi8vY2EuaWFpay50
+dWdyYXouYXQvY2Fwc28vT0NTUD9jYT1FdXJvUEtJSUFJS19TU0wwRAYIKwYBBQUH
+MAKGOGh0dHA6Ly9jYS5pYWlrLnR1Z3Jhei5hdC9jYXBzby9jZXJ0cy9FdXJvUEtJ
+SUFJS19TU0wuY2VyMCEGA1UdEQQaMBiBFnRob21hcy5sZW56QGVnaXouZ3YuYXQw
+HwYDVR0jBBgwFoAUFZk0u+CXsy4oNl3WeM9osRQzuEkwDQYJKoZIhvcNAQEFBQAD
+ggEBAItlnRWi7nFbd9oahK06YNgkI6c3zPfWp3anaYOxZt+AakjI7IoV2YprNVWJ
+2RZ2KA7rM3xNO1i1/H6TcWpjIJy+zsejvyXjQbC9e+wy3hD7iqtCt4oWqzIg61NE
+u1j1u/r9/yozDEkOYv7XY+X5xNBCZ1YfbOwKltLdCWhk6MSK9xDUoeub0DyD3OIS
+4VBVfftsVaJA9vY9e62aSpysEU6VoJpoXVLv1pGeCMajF9d7umCs+daguugbUNMM
+FIfAll/9kcEG7FmpLaWA1qRpfTb8XZ6j/J0YrWAzyyCmLiQJRmhDDipi7PqAJBz6
+9aau5Lhfs4OYoKxgiw7WxOJldFo=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html
new file mode 100644
index 000000000..ef070b8eb
--- /dev/null
+++ b/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html
@@ -0,0 +1,846 @@
+<!DOCTYPE html>
+<html>
+<head>
+<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+
+ <!-- MOA-ID 2.x BKUSelection Layout CSS -->
+ <style type="text/css">
+ @media screen and (min-width: 650px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ background-color : #fff;
+ text-align: center;
+ background-color: #6B7B8B;
+ }
+
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input{
+ font-size: 0.7em;
+ /*border-radius: 5px;*/
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.85em;
+ /*border-radius: 7px;*/
+ margin-bottom: 25px;
+ min-width: 80px;
+ }
+
+ #mandateLogin {
+ font-size: 0.85em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.8em;
+ }
+
+
+ #page {
+ display: block;
+ border: 2px solid rgb(0,0,0);
+ width: 650px;
+ height: 460px;
+ margin: 0 auto;
+ margin-top: 5%;
+ position: relative;
+ border-radius: 25px;
+ background: rgb(255,255,255);
+ }
+
+ #page1 {
+ text-align: center;
+ }
+
+ #main {
+ /* clear:both; */
+ position:relative;
+ margin: 0 auto;
+ width: 250px;
+ text-align: center;
+ }
+
+ .OA_header {
+ /* background-color: white;*/
+ font-size: 20pt;
+ margin-bottom: 25px;
+ margin-top: 25px;
+ }
+
+ #leftcontent {
+ /*float:left; */
+ width:250px;
+ margin-bottom: 25px;
+ text-align: left;
+ border: 1px solid rgb(0,0,0);
+ }
+
+ #selectArea {
+ font-size: 15px;
+ padding-bottom: 65px;
+ }
+
+ #leftcontent {
+ width: 300px;
+ margin-top: 30px;
+ }
+
+ #bku_header {
+ height: 5%;
+ padding-bottom: 3px;
+ padding-top: 3px;
+ }
+
+ #bkulogin {
+ overflow:hidden;
+ min-width: 190px;
+ min-height: 180px;
+ /*height: 260px;*/
+ }
+
+ h2#tabheader{
+ font-size: 1.1em;
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ }
+
+ #stork h2 {
+ font-size: 1.0em;
+ margin-bottom: 2%;
+ }
+
+ .setAssertionButton_full {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 100px;
+ height: 30px
+ }
+
+ #leftbutton {
+ width: 30%;
+ float:left;
+ margin-left: 40px;
+ }
+
+ #rightbutton {
+ width: 30%;
+ float:right;
+ margin-right: 45px;
+ text-align: right;
+ }
+
+ button {
+ height: 25px;
+ width: 75px;
+ margin-bottom: 10px;
+ }
+
+ #validation {
+ position: absolute;
+ bottom: 0px;
+ margin-left: 270px;
+ padding-bottom: 10px;
+ }
+
+ }
+
+ @media screen and (max-width: 205px) {
+ #localBKU p {
+ font-size: 0.6em;
+ }
+
+ #localBKU input {
+ font-size: 0.6em;
+ min-width: 60px;
+ /* max-width: 65px; */
+ min-height: 1.0em;
+ /* border-radius: 5px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.7em;
+ min-width: 55px;
+ /*min-height: 1.1em;
+ border-radius: 5px;*/
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.65em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.8em;
+ margin-top: -0.4em;
+ padding-top: 0.4em;
+ }
+
+ #bkulogin {
+ min-height: 150px;
+ }
+ }
+
+ @media screen and (max-width: 249px) and (min-width: 206px) {
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input {
+ font-size: 0.7em;
+ min-width: 70px;
+ /* max-width: 75px; */
+ min-height: 0.95em;
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.75em;
+ min-width: 60px;
+ /* min-height: 0.95em;
+ border-radius: 6px; */
+ margin-bottom: 5%
+ }
+
+ #mandateLogin {
+ font-size: 0.75em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.9em;
+ margin-top: -0.45em;
+ padding-top: 0.45em;
+ }
+
+ #bkulogin {
+ min-height: 180px;
+ }
+ }
+
+ @media screen and (max-width: 299px) and (min-width: 250px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.8em;
+ min-width: 70px;
+ /* max-width: 75px; */
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.85em;
+ /* min-height: 1.05em;
+ border-radius: 7px; */
+ margin-bottom: 10%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2 {
+ font-size: 1.0em;
+ margin-top: -0.50em;
+ padding-top: 0.50em;
+ }
+ }
+
+ @media screen and (max-width: 399px) and (min-width: 300px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.8em;
+ min-width: 70px;
+ /* max-width: 75px; */
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 0.9em;
+ /* min-height: 1.2em;
+ border-radius: 8px; */
+ margin-bottom: 10%;
+ max-width: 80px;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2 {
+ font-size: 1.1em;
+ margin-top: -0.55em;
+ padding-top: 0.55em;
+ }
+ }
+
+ @media screen and (max-width: 649px) and (min-width: 400px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.8em;
+ min-width: 70px;
+ /* max-width: 80px; */
+ /* border-radius: 6px; */
+ }
+
+ #bkuselectionarea input[type=button] {
+ font-size: 1.0em;
+ /* min-height: 1.3em;
+ border-radius: 10px; */
+ margin-bottom: 10%;
+ max-width: 85px;
+ }
+
+ #mandateLogin {
+ font-size: 1.2em;
+ }
+
+ #bku_header h2 {
+ font-size: 1.3em;
+ margin-top: -0.65em;
+ padding-top: 0.65em;
+ }
+ }
+
+
+
+ @media screen and (max-width: 649px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ text-align: center;
+ font-size: 100%;
+ background-color: #MAIN_BACKGOUNDCOLOR#;
+ }
+
+ #page {
+ visibility: hidden;
+ margin-top: 0%;
+ }
+
+ #page1 {
+ visibility: hidden;
+ }
+
+ #main {
+ visibility: hidden;
+ }
+
+ #validation {
+ visibility: hidden;
+ display: none;
+ }
+
+ .OA_header {
+ margin-bottom: 0px;
+ margin-top: 0px;
+ font-size: 0pt;
+ visibility: hidden;
+ }
+
+ #leftcontent {
+ visibility: visible;
+ margin-bottom: 0px;
+ text-align: left;
+ border:none;
+ vertical-align: middle;
+ min-height: 173px;
+ min-width: 204px;
+
+ }
+
+ #bku_header {
+ height: 10%;
+ min-height: 1.2em;
+ margin-top: 1%;
+ }
+
+ h2#tabheader{
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ top: 50%;
+ }
+
+ #stork h2 {
+ font-size: 0.9em;
+ margin-bottom: 2%;
+ }
+
+ #bkulogin {
+ min-width: 190px;
+ min-height: 155px;
+ }
+
+ .setAssertionButton_full {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ input[type=button] {
+/* height: 11%; */
+ width: 70%;
+ }
+ }
+
+ * {
+ margin: 0;
+ padding: 0;
+ font-family: #FONTTYPE#;
+ }
+
+ #selectArea {
+ padding-top: 10px;
+ padding-bottom: 55px;
+ padding-left: 10px;
+ }
+
+ .setAssertionButton {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ #leftbutton {
+ width: 35%;
+ float:left;
+ margin-left: 15px;
+ }
+
+ #rightbutton {
+ width: 35%;
+ float:right;
+ margin-right: 25px;
+ text-align: right;
+ }
+
+ #stork {
+ /*margin-bottom: 10px;*/
+ /* margin-top: 5px; */
+ }
+
+ #mandateLogin {
+ padding-bottom: 4%;
+ padding-top: 4%;
+ height: 10%;
+ position: relative;
+ text-align: center;
+ }
+
+ .verticalcenter {
+ vertical-align: middle;
+ }
+
+ #mandateLogin div {
+ clear: both;
+ margin-top: -1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkuselectionarea {
+ position: relative;
+ display: block;
+ }
+
+ #localBKU {
+ padding-left: 5%;
+ padding-right: 2%;
+ padding-bottom: 4%;
+ /*padding-top: 4%;*/
+ position: relative;
+ clear: both;
+ }
+
+ #bkukarte {
+ float:left;
+ text-align:center;
+ width:40%;
+ min-height: 70px;
+ padding-left: 5%;
+ padding-top: 2%;
+ }
+
+ #bkuhandy {
+ float:right;
+ text-align:center;
+ width:40%;
+ min-height: 90px;
+ padding-right: 5%;
+ padding-top: 2%;
+ }
+
+ .bkuimage {
+ width: 90%;
+ height: auto;
+ }
+
+ #mandate{
+ text-align:center;
+ padding : 5px 5px 5px 5px;
+ }
+
+/* input[type=button], .sendButton {
+ background: #BUTTON_BACKGROUNDCOLOR#;
+ color: #BUTTON_COLOR#;
+/* border:1px solid #000; */
+/* cursor: pointer;
+/* box-shadow: 3px 3px 3px #222222; */
+/* }
+
+/* button:hover, button:focus, button:active,
+ .sendButton:hover , .sendButton:focus, .sendButton:active,
+ #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
+ background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
+ color: #BUTTON_COLOR#;
+/* border:1px solid #000; */
+/* cursor: pointer;
+/* box-shadow: -1px -1px 3px #222222; */
+/* }
+
+*/
+ input {
+ /*border:1px solid #000;*/
+ cursor: pointer;
+ }
+
+ #localBKU input {
+/* color: #BUTTON_COLOR#; */
+ border: 0px;
+ display: inline-block;
+
+ }
+
+ #localBKU input:hover, #localBKU input:focus, #localBKU input:active {
+ text-decoration: underline;
+ }
+
+ #installJava, #BrowserNOK {
+ clear:both;
+ font-size:0.8em;
+ padding:4px;
+ }
+
+ .selectText{
+
+ }
+
+ .selectTextHeader{
+
+ }
+
+ .sendButton {
+ width: 30%;
+ margin-bottom: 1%;
+ }
+
+ #leftcontent a {
+ text-decoration:none;
+ color: #000;
+ /* display:block;*/
+ padding:4px;
+ }
+
+ #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
+ text-decoration:underline;
+ color: #000;
+ }
+
+ .infobutton {
+ background-color: #005a00;
+ color: white;
+ font-family: serif;
+ text-decoration: none;
+ padding-top: 2px;
+ padding-right: 4px;
+ padding-bottom: 2px;
+ padding-left: 4px;
+ font-weight: bold;
+ }
+
+ .hell {
+ background-color : #MAIN_BACKGOUNDCOLOR#;
+ color: #MAIN_COLOR#;
+ }
+
+ .dunkel {
+ background-color: #HEADER_BACKGROUNDCOLOR#;
+ color: #HEADER_COLOR#;
+ }
+
+ .main_header {
+ color: black;
+ font-size: 32pt;
+ position: absolute;
+ right: 10%;
+ top: 40px;
+
+ }
+
+ </style>
+<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
+<script type="text/javascript">
+ function isIE() {
+ return (/MSIE (\d+\.\d+);/.test(navigator.userAgent));
+ }
+ function isFullscreen() {
+ try {
+ return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height));
+ } catch (e) {
+ return false;
+ }
+ }
+ function isActivexEnabled() {
+ var supported = null;
+ try {
+ supported = !!new ActiveXObject("htmlfile");
+ } catch (e) {
+ supported = false;
+ }
+ return supported;
+ }
+ function isMetro() {
+ if (!isIE())
+ return false;
+ return !isActivexEnabled() && isFullscreen();
+ }
+ window.onload=function() {
+ document.getElementById("localBKU").style.display="block";
+ return;
+ }
+ function bkuLocalClicked() {
+ setMandateSelection();
+ }
+
+ function bkuOnlineClicked() {
+ if (isMetro())
+ document.getElementById("metroDetected").style.display="block";
+ document.getElementById("localBKU").style.display="block";
+/* if (checkMandateSSO())
+ return; */
+
+ setMandateSelection();
+/* setSSOSelection(); */
+
+ var iFrameURL = "#AUTH_URL#" + "?";
+ iFrameURL += "bkuURI=" + "#ONLINE#";
+ iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
+/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
+ iFrameURL += "&MODUL=" + "#MODUL#";
+ iFrameURL += "&ACTION=" + "#ACTION#";
+ iFrameURL += "&MOASessionID=" + "#SESSIONID#";
+ generateIFrame(iFrameURL);
+ }
+ function bkuHandyClicked() {
+ document.getElementById("localBKU").style.display="none";
+/* if (checkMandateSSO())
+ return; */
+
+ setMandateSelection();
+/* setSSOSelection(); */
+
+ var iFrameURL = "#AUTH_URL#" + "?";
+ iFrameURL += "bkuURI=" + "#HANDY#";
+ iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
+/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
+ iFrameURL += "&MODUL=" + "#MODUL#";
+ iFrameURL += "&ACTION=" + "#ACTION#";
+ iFrameURL += "&MOASessionID=" + "#SESSIONID#";
+ generateIFrame(iFrameURL);
+ }
+ function storkClicked() {
+ document.getElementById("localBKU").style.display="none";
+/* if (checkMandateSSO())
+ return; */
+
+ setMandateSelection();
+/* setSSOSelection(); */
+
+ var ccc = "AT";
+ var countrySelection = document.getElementById("cccSelection");
+ if (countrySelection != null) {
+ ccc = document.getElementById("cccSelection").value;
+ }
+ var iFrameURL = "#AUTH_URL#" + "?";
+ iFrameURL += "bkuURI=" + "#ONLINE#";
+ iFrameURL += "&useMandate=" + document.getElementById("useMandate").value;
+ iFrameURL += "&CCC=" + ccc;
+/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */
+ iFrameURL += "&MODUL=" + "#MODUL#";
+ iFrameURL += "&ACTION=" + "#ACTION#";
+ iFrameURL += "&MOASessionID=" + "#SESSIONID#";
+ generateIFrame(iFrameURL);
+ }
+ function generateIFrame(iFrameURL) {
+ var el = document.getElementById("bkulogin");
+ var width = el.clientWidth;
+ var heigth = el.clientHeight - 20;
+ var parent = el.parentNode;
+
+ iFrameURL += "&heigth=" + heigth;
+ iFrameURL += "&width=" + width;
+
+ var iframe = document.createElement("iframe");
+ iframe.setAttribute("src", iFrameURL);
+ iframe.setAttribute("width", el.clientWidth - 1);
+ iframe.setAttribute("height", el.clientHeight - 1);
+ iframe.setAttribute("frameborder", "0");
+ iframe.setAttribute("scrolling", "no");
+ iframe.setAttribute("title", "Login");
+ parent.replaceChild(iframe, el);
+ }
+ function setMandateSelection() {
+ document.getElementById("moaidform").action = "#AUTH_URL#";
+ document.getElementById("useMandate").value = "false";
+ var checkbox = document.getElementById("mandateCheckBox");
+ if (checkbox != null) {
+ if (document.getElementById("mandateCheckBox").checked) {
+ document.getElementById("useMandate").value = "true";
+ }
+ }
+ }
+ function onChangeChecks() {
+ if (top.innerWidth < 650) {
+ document.getElementById("moaidform").setAttribute("target","_parent");
+ } else {
+ document.getElementById("moaidform").removeAttribute("target");
+ }
+
+ }
+/* function setSSOSelection() {
+ document.getElementById("useSSO").value = "false";
+ var checkbox = document.getElementById("SSOCheckBox");
+ if (checkbox != null) {
+ if (document.getElementById("SSOCheckBox").checked) {
+ document.getElementById("useSSO").value = "true";
+ }
+ }
+ } */
+
+/* function checkMandateSSO() {
+ var sso = document.getElementById("SSOCheckBox");
+ var mandate = document.getElementById("mandateCheckBox");
+
+
+ if (sso.checked && mandate.checked) {
+ alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!")
+ mandate.checked = false;
+ sso.checked = false;
+ return true;
+ } else {
+ return false;
+ }
+ } */
+ </script>
+<title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title>
+</head>
+<body onload="onChangeChecks();" onresize="onChangeChecks();">
+ <div id="page">
+ <div id="page1" class="case selected-case" role="main">
+ <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2>
+ <div id="main">
+ <div id="leftcontent" class="hell" role="application">
+ <div id="bku_header" class="dunkel">
+ <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2>
+ </div>
+ <div id="bkulogin" class="hell" role="form">
+ <div id="mandateLogin" style="">
+ <div>
+ <input tabindex="1" type="checkbox" name="Mandate"
+ id="mandateCheckBox" class="verticalcenter" role="checkbox"
+ onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#>
+ <label for="mandateCheckBox" class="verticalcenter">in
+ Vertretung anmelden</label>
+ <!--a href="info_mandates.html"
+ target="_blank"
+ class="infobutton verticalcenter"
+ tabindex="5">i</a-->
+ </div>
+ </div>
+ <div id="bkuselectionarea">
+ <div id="bkukarte">
+ <img class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png"
+ alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button"
+ onClick="bkuOnlineClicked();" tabindex="2" role="button"
+ value="Karte" />
+ </div>
+ <div id="bkuhandy">
+ <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png"
+ alt="HandyBKU" /> <input name="bkuButtonHandy" type="button"
+ onClick="bkuHandyClicked();" tabindex="3" role="button"
+ value="HANDY" />
+ </div>
+ </div>
+ <div id="localBKU">
+ <form method="get" id="moaidform" action="#AUTH_URL#"
+ class="verticalcenter" target="_parent">
+ <input type="hidden" name="bkuURI" value="#LOCAL#"> <input
+ type="hidden" name="useMandate" id="useMandate"> <input
+ type="hidden" name="SSO" id="useSSO"> <input
+ type="hidden" name="CCC" id="ccc"> <input type="hidden"
+ name="MODUL" value="#MODUL#"> <input type="hidden"
+ name="ACTION" value="#ACTION#"> <input type="hidden"
+ name="MOASessionID" value="#SESSIONID#">
+ <input type="submit" value=">lokale Bürgerkartenumgebung" tabindex="4"
+ role="button" class="hell"
+ onclick="setMandateSelection();"
+ >
+ <!--p>
+ <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
+ </p-->
+ </form>
+ </div>
+
+ <div id="stork" align="center" style="#STORKVISIBLE#">
+ <h2 id="tabheader" class="dunkel">Home Country Selection</h2>
+ <p>
+ <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" >
+ #PEPSLIST#
+ </select>
+ <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button>
+ <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
+ </p>
+ </div>
+
+ <div id="metroDetected" style="display: none">
+ <p>Anscheinend verwenden Sie Internet Explorer im
+ Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den
+ Optionen um die Karten-Anmeldung starten zu können.</p>
+ </div>
+ </div>
+ </div>
+ </div>
+ </div>
+ <div id="validation">
+ <a href="http://validator.w3.org/check?uri="> <img
+ style="border: 0; width: 88px; height: 31px"
+ src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" />
+ </a> <a href="http://jigsaw.w3.org/css-validator/"> <img
+ style="border: 0; width: 88px; height: 31px"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ alt="CSS ist valide!" />
+ </a>
+ </div>
+ </div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html b/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
new file mode 100644
index 000000000..b80d654cc
--- /dev/null
+++ b/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html
@@ -0,0 +1,617 @@
+<!DOCTYPE html>
+<html>
+<head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <!-- MOA-ID 2.x BKUSelection Layout CSS -->
+ <style type="text/css">
+ @media screen and (min-width: 650px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ background-color : #fff;
+ text-align: center;
+ background-color: #6B7B8B;
+ }
+
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input{
+ font-size: 0.7em;
+ border-radius: 5px;
+ }
+
+ #bkuselectionarea button {
+ font-size: 0.85em;
+ border-radius: 7px;
+ margin-bottom: 25px;
+ }
+
+ #mandateLogin {
+ font-size: 0.85em;
+ }
+
+ #bku_header h2 {
+ font-size: 0.8em;
+ }
+
+
+ #page {
+ display: block;
+ border: 2px solid rgb(0,0,0);
+ width: 650px;
+ height: 440px;
+ margin: 0 auto;
+ margin-top: 5%;
+ position: relative;
+ border-radius: 25px;
+ background: rgb(255,255,255);
+ }
+
+ #page1 {
+ text-align: center;
+ }
+
+ #main {
+ /* clear:both; */
+ position:relative;
+ margin: 0 auto;
+ width: 250px;
+ text-align: center;
+ }
+
+ .OA_header {
+ /* background-color: white;*/
+ font-size: 20pt;
+ margin-bottom: 25px;
+ margin-top: 25px;
+ }
+
+ #leftcontent {
+ width: 300px;
+ margin-top: 30px;
+ padding-bottom: 15px;
+ margin-bottom: 25px;
+ text-align: left;
+ border: 1px solid rgb(0,0,0);
+ }
+
+ #selectArea {
+ font-size: 15px;
+ padding-bottom: 65px;
+ }
+
+ #selectArea h3 {
+ margin-bottom: 25px;
+ }
+
+ #bku_header {
+ height: 5%;
+ padding-bottom: 3px;
+ padding-top: 3px;
+ }
+
+ #bkulogin {
+ overflow:hidden;
+ min-width: 190px;
+ min-height: 180px;
+ /*height: 260px;*/
+ }
+
+ h2#tabheader{
+ font-size: 1.1em;
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ }
+
+ .setAssertionButton_full {
+ margin-top: 15px;
+ width: 100px;
+ height: 30px;
+ font-size: 1.3em;
+ min-height: 1.3em;
+/* border-radius: 10px;*/
+ }
+
+ #leftbutton {
+ width: 30%;
+ float:left;
+ margin-left: 40px;
+ }
+
+ #rightbutton {
+ width: 30%;
+ float:right;
+ margin-right: 45px;
+ text-align: right;
+ }
+
+ button {
+ height: 25px;
+ width: 90px;
+ margin-bottom: 10px;
+ }
+
+ #validation {
+ position: absolute;
+ bottom: 0px;
+ margin-left: 270px;
+ padding-bottom: 10px;
+ }
+
+ }
+
+ @media screen and (max-width: 205px) {
+ #localBKU p {
+ font-size: 0.6em;
+ }
+
+ #localBKU input {
+ font-size: 0.7em;
+ min-width: 70px;
+ min-height: 1.2em;
+ border-radius: 5px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 0.8em;
+ min-width: 65px;
+ min-height: 1.3em;
+ /* border-radius: 5px; */
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.65em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 0.8em;
+ margin-top: -0.4em;
+ }
+ }
+
+ @media screen and (max-width: 249px) and (min-width: 206px) {
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input {
+ font-size: 0.85em;
+ min-width: 80px;
+ min-height: 0.95em;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 0.85em;
+ min-width: 70px;
+ min-height: 0.95em;
+ /* border-radius: 6px; */
+ margin-bottom: 2%
+ }
+
+ #mandateLogin {
+ font-size: 0.75em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 0.9em;
+ margin-top: -0.45em;
+ }
+ }
+
+ @media screen and (max-width: 299px) and (min-width: 250px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.0em;
+ min-height: 1.05em;
+ /* border-radius: 7px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.0em;
+ margin-top: -0.50em;
+ }
+ }
+
+ @media screen and (max-width: 399px) and (min-width: 300px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.1em;
+ min-height: 1.2em;
+ /* border-radius: 8px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.1em;
+ margin-top: -0.55em;
+ }
+ }
+
+ @media screen and (max-width: 649px) and (min-width: 400px) {
+ #localBKU p {
+ font-size: 0.9em;
+ }
+
+ #localBKU input {
+ font-size: 0.9em;
+ min-width: 100px;
+ border-radius: 6px;
+ }
+
+ #bkuselectionarea button, .setAssertionButton_full {
+ font-size: 1.3em;
+ min-height: 1.3em;
+/* border-radius: 10px; */
+ margin-bottom: 5%;
+ }
+
+ #mandateLogin {
+ font-size: 1.2em;
+ }
+
+ #bku_header h2, #selectArea h3 {
+ font-size: 1.3em;
+ margin-top: -0.65em;
+ }
+ }
+
+
+
+ @media screen and (max-width: 649px) {
+
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ text-align: center;
+ font-size: 100%;
+ background-color: #MAIN_BACKGOUNDCOLOR#;
+ }
+
+ #page {
+ visibility: hidden;
+ margin-top: 0%;
+ }
+
+ #page1 {
+ visibility: hidden;
+ }
+
+ #main {
+ visibility: hidden;
+ }
+
+ #validation {
+ visibility: hidden;
+ display: none;
+ }
+
+ .OA_header {
+ margin-bottom: 0px;
+ margin-top: 0px;
+ font-size: 0pt;
+ visibility: hidden;
+ }
+
+ #leftcontent {
+ visibility: visible;
+ margin-bottom: 0px;
+ text-align: left;
+ border:none;
+ min-width: 190px;
+/* min-height: 190px; */
+ vertical-align: middle;
+
+ }
+
+ #bku_header {
+ height: 10%;
+ min-height: 1.2em;
+ margin-top: 1%;
+ }
+
+ h2#tabheader{
+ padding-left: 2%;
+ padding-right: 2%;
+ padding-top: 1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkulogin {
+ min-width: 190px;
+ min-height: 150px;
+ }
+
+ .setAssertionButton_full {
+ margin-top: 15px;
+ width: 70%;
+ height: 11%;
+ min-width: 60px;
+ min-height: 25px;
+ }
+
+ #selectArea h3 {
+ margin-top: 2%;
+ }
+
+ button {
+ height: 11%;
+ width: 70%;
+ }
+ }
+
+ * {
+ margin: 0;
+ padding: 0;
+/* border: 0; */
+ font-family: #FONTTYPE#;
+ }
+
+ #selectArea {
+ padding-top: 10px;
+ padding-bottom: 55px;
+ padding-left: 10px;
+ }
+
+ .setAssertionButton {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ #leftbutton {
+ width: 35%;
+ float:left;
+ margin-left: 15px;
+ }
+
+ #rightbutton {
+ width: 35%;
+ float:right;
+ margin-right: 25px;
+ text-align: right;
+ }
+
+ #stork {
+ margin-bottom: 10px;
+ margin-top: 5px;
+ }
+
+ #mandateLogin {
+ padding-bottom: 2%;
+ padding-top: 2%;
+ height: 10%;
+ position: relative;
+ text-align: center;
+ }
+
+ .verticalcenter {
+ vertical-align: middle;
+ }
+
+ #mandateLogin > div {
+ clear: both;
+ margin-top: -1%;
+ position: relative;
+ top: 50%;
+ }
+
+ #bkuselectionarea {
+ position: relative;
+ display: block;
+ }
+
+ #localBKU {
+ padding-left: 5%;
+ padding-right: 2%;
+ padding-bottom: 2%;
+ position: relative;
+ clear: both;
+ }
+
+ #bkukarte {
+ float:left;
+ text-align:center;
+ width:40%;
+ min-height: 70px;
+ padding-left: 5%;
+ padding-top: 2%;
+ }
+
+ #bkuhandy {
+ float:right;
+ text-align:center;
+ width:40%;
+ min-height: 90px;
+ padding-right: 5%;
+ padding-top: 2%;
+ }
+
+ .bkuimage {
+ width: 90%;
+ height: auto;
+ }
+
+ #mandate{
+ text-align:center;
+ padding : 5px 5px 5px 5px;
+ }
+
+ button, .sendButton {
+/* background: #BUTTON_BACKGROUNDCOLOR#;
+ color: #BUTTON_COLOR#; */
+ cursor: pointer;
+
+/* border:1px solid #000;
+ box-shadow: 3px 3px 3px #222222; */
+ }
+
+ button:hover, button:focus, button:active,
+ .sendButton:hover , .sendButton:focus, .sendButton:active,
+ #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
+/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#;
+ color: #BUTTON_COLOR#; */
+ cursor: pointer;
+
+/* border:1px solid #000;
+ box-shadow: -1px -1px 3px #222222; */
+ }
+
+ #installJava, #BrowserNOK {
+ clear:both;
+ font-size:0.8em;
+ padding:4px;
+ }
+
+ .selectText{
+
+ }
+
+ .selectTextHeader{
+
+ }
+
+ #leftcontent a {
+ text-decoration:none;
+ color: #000;
+ /* display:block;*/
+ padding:4px;
+ }
+
+ #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
+ text-decoration:underline;
+ color: #000;
+ }
+
+ .infobutton {
+ background-color: #005a00;
+ color: white;
+ font-family: serif;
+ text-decoration: none;
+ padding-top: 2px;
+ padding-right: 4px;
+ padding-bottom: 2px;
+ padding-left: 4px;
+ font-weight: bold;
+ }
+
+ .hell {
+ background-color : #MAIN_BACKGOUNDCOLOR#;
+ color: #MAIN_COLOR#;
+ }
+
+ .dunkel {
+ background-color: #HEADER_BACKGROUNDCOLOR#;
+ color: #HEADER_COLOR#;
+ }
+
+ .main_header {
+ color: black;
+ font-size: 32pt;
+ position: absolute;
+ right: 10%;
+ top: 40px;
+
+ }
+
+ </style>
+
+
+ <title>Anmeldung an Online-Applikation</title>
+</head>
+
+
+<body>
+ <div id="page">
+
+ <div id="page1" class="case selected-case" role="main">
+
+<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> -->
+
+ <div id="main">
+ <div id="leftcontent" class="hell">
+ <div id="bku_header" class="dunkel">
+ <h2 id="tabheader" class="dunkel" role="heading">
+ Anmeldeinformationen:
+ </h2>
+ </div>
+
+ <div id="selectArea" class="hell" role="application">
+ <h3>Anmeldung an: #OAName#</h3>
+
+<!-- <div class="hell"> -->
+ <div id="leftbutton">
+ <form method="post" id="moaidform_yes" action="#URL#">
+ <input type="hidden" name="value" value="true">
+ <input type="hidden" name="mod" value="#MODUL#">
+ <input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
+ <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button">
+ </form>
+ </div>
+ <div id="rightbutton">
+ <form method="post" id="moaidform_no" action="#URL#">
+ <input type="hidden" name="value" value="false">
+ <input type="hidden" name="mod" value="#MODUL#">
+ <input type="hidden" name="action" value="#ACTION#">
+ <input type="hidden" name="identifier" value="#ID#">
+ <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button">
+ </form>
+ </div>
+
+ </div>
+ </div>
+ </div>
+ </div>
+ <div id="validation">
+ <a href="http://validator.w3.org/check?uri=">
+ <img style="border:0;width:88px;height:31px"
+ src="#CONTEXTPATH#/img/valid-html5-blue.png"
+ alt="HTML5 ist valide!" />
+ </a>
+ <a href="http://jigsaw.w3.org/css-validator/">
+ <img style="border:0;width:88px;height:31px"
+ src="http://jigsaw.w3.org/css-validator/images/vcss-blue"
+ alt="CSS ist valide!" />
+ </a>
+ </div>
+ </div>
+</body>
+</html>
diff --git a/id/server/doc/conf/moa-id/keys/assertion.crt b/id/server/doc/conf/moa-id/keys/assertion.crt
new file mode 100644
index 000000000..aa4e23cb1
--- /dev/null
+++ b/id/server/doc/conf/moa-id/keys/assertion.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0
+MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV
+BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0
+ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts
+2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y
++4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8
+upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn
+SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9
+8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O
+BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3
+EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T
+dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD
+ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ
+KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl
+DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b
+crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60
+LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3
+0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5
+ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/keys/encryption.crt b/id/server/doc/conf/moa-id/keys/encryption.crt
new file mode 100644
index 000000000..c9d94f9b6
--- /dev/null
+++ b/id/server/doc/conf/moa-id/keys/encryption.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID9zCCAt+gAwIBAgIJAMC/5DRgVin3MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCkVuY3J5cHRpb24wHhcNMTQwMjA0MTA0
+MjA2WhcNMjQwMjAyMTA0MjA2WjBaMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29t
+ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD
+VQQDEwpFbmNyeXB0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
+qgKWs3IW4giGsbAUm/wRH+lcggVpOPkNqqtNA48Qfwkq/lSWdeHp0+xXOwR1Oull
+TpmfbqJouUoHf6jCt1EXqlQR2oQ1oYYjLncVMhZ9ajXVFJEBl6tw9Em4aCzkkTdL
+HfWoh21iDnYOXTgP23/59xpuvy85O39hKnysXIcniqeb1uHthMiN25R8g4bPOQNb
+OfoMXpXdVbHxM77ZDSbk88BMRsq8SnlPdelaf8HsZomtnLKXvSDLivTZloxtHjBa
+aJNS/H1zr3HI+lq4S4VH+8ilj53OeWHjstGCFiTRtZy2hZvG2PegNIL7shMN/h4i
+h+OCn/ImAW9Kf599wve5iQIDAQABo4G/MIG8MB0GA1UdDgQWBBQzMzOrGfjN+Tnz
+zbFTyLPgHS4FkjCBjAYDVR0jBIGEMIGBgBQzMzOrGfjN+TnzzbFTyLPgHS4FkqFe
+pFwwWjELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoT
+GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAxMKRW5jcnlwdGlvboIJ
+AMC/5DRgVin3MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAADZoknf
+lcG0O9sL8CALO6UmPy1+ZlOXndoqqNu3uvzj7hvjT5RPY4hTyfrkUn5EqlHwLSCf
+C7rOxcGvRHT3/REwOef8H3MGdSV81esa5EbrRfGWjLOXoQFrIOhz5bxqoU0B7Obh
+3IUA2yCGz4SlXjMdMWN670ETglnthdY4z2Ot8n4E2YNXlRSubowat7ylkqjKvyaB
+Iz/RVgDxblkOK+bqPSKaNWvadItnMyh7Y8C3LD3tQpwYViJ0QOJ9BMujULma7Tb8
+lVIhmx3y2cU8nCqG0VPSTE6AMnuONuQjJTGFsRdDREFrALtjUpsUOXU6+19ywYSi
+LYiLYskPglktuck=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/keys/metadata.crt b/id/server/doc/conf/moa-id/keys/metadata.crt
new file mode 100644
index 000000000..bd9640b37
--- /dev/null
+++ b/id/server/doc/conf/moa-id/keys/metadata.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV
+BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX
+aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw
+MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE
+CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk
+MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD
+ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x
+tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY
+O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh
+zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS
+ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW
+BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw
+ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh
+dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ
+TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI
+hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M
++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0
+p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA
+oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv
+tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/
+Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI=
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/keys/moa_idp[password].p12 b/id/server/doc/conf/moa-id/keys/moa_idp[password].p12
new file mode 100644
index 000000000..78cab1e89
--- /dev/null
+++ b/id/server/doc/conf/moa-id/keys/moa_idp[password].p12
Binary files differ
diff --git a/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks b/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks
new file mode 100644
index 000000000..8196ab319
--- /dev/null
+++ b/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks
Binary files differ
diff --git a/id/server/doc/conf/moa-id/log4j.properties b/id/server/doc/conf/moa-id/log4j.properties
new file mode 100644
index 000000000..310b58a3d
--- /dev/null
+++ b/id/server/doc/conf/moa-id/log4j.properties
@@ -0,0 +1,27 @@
+# commons-logging setup
+org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory
+
+# define log4j root loggers
+log4j.rootLogger=info, stdout, R
+log4j.logger.at.gv.egovernment.moa=info
+log4j.logger.at.gv.egovernment.moa.spss=info
+log4j.logger.iaik.server=info
+log4j.logger.at.gv.egovernment.moa.id=info
+log4j.logger.at.gv.egovernment.moa.id.proxy=info
+log4j.logger.eu.stork=info
+log4j.logger.org.hibernate=warn
+
+# configure the stdout appender
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+#log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n
+log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20.20c | %10t | %m%n
+
+# configure the rolling file appender (R)
+log4j.appender.R=org.apache.log4j.RollingFileAppender
+log4j.appender.R.File=${catalina.base}/logs/moa-id.log
+log4j.appender.R.MaxFileSize=10000KB
+log4j.appender.R.MaxBackupIndex=1
+log4j.appender.R.layout=org.apache.log4j.PatternLayout
+log4j.appender.R.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n
+
diff --git a/id/server/doc/conf/moa-id/moa-id.properties b/id/server/doc/conf/moa-id/moa-id.properties
new file mode 100644
index 000000000..bf9cf84d0
--- /dev/null
+++ b/id/server/doc/conf/moa-id/moa-id.properties
@@ -0,0 +1,117 @@
+##General MOA-ID 2.0 Configuration
+
+#MOA-ID 2.0 XML configuration files (necessary, if inmemory database is used)
+#configuration.xml=$PATH_TO_CONFIG$/conf/moa-id/MOAIDConfiguration-2.0.xml
+
+##For Testing
+configuration.validation.certificate.QC.ignore=false
+protocols.pvp2.assertion.encryption.active=false
+
+##General MOA-ID 2.0 operations
+#MOA-ID 2.0 session information encryption key (PassPhrase)
+configuration.moasession.key=SessionEncryptionKey
+
+#MOA-ID 2.0 Monitoring Servlet
+configuration.monitoring.active=false
+configuration.monitoring.message.success=All Tests passed!
+configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/monitoring/monitoring_idl.xml
+
+#MOA-ID 2.0 Advanced Logging
+configuration.advancedlogging.active=false
+
+##Webservice Client Configuration
+#MOA-SP webservice
+#service.moasp.acceptedServerCertificates=
+#service.moasp.clientKeyStore=
+#service.moasp.clientKeyStorePassword=
+
+#Online mandates webservice (MIS)
+service.onlinemandates.acceptedServerCertificates=
+service.onlinemandates.clientKeyStore=keys/....
+service.onlinemandates.clientKeyStorePassword=
+
+#Foreign Identities (SZRGW)
+service.foreignidentities.acceptedServerCertificates=
+service.foreignidentities.clientKeyStore=keys/....
+service.foreignidentities.clientKeyStorePassword=
+
+
+##Protocol configuration##
+#PVP2
+protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp.p12
+protocols.pvp2.idp.ks.kspassword=password
+protocols.pvp2.idp.ks.metadata.alias=pvp_metadata
+protocols.pvp2.idp.ks.metadata.keypassword=password
+protocols.pvp2.idp.ks.assertion.sign.alias=pvp_assertion
+protocols.pvp2.idp.ks.assertion.sign.keypassword=password
+
+#OpenID connect (OAuth)
+protocols.oauth20.jwt.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp.p12
+protocols.oauth20.jwt.ks.password=password
+protocols.oauth20.jwt.ks.key.name=oauth
+protocols.oauth20.jwt.ks.key.password=password
+
+##Database configuration##
+#Hibnerate configuration for MOA-ID 2.0 session store
+moasession.hibernate.dialect=org.hibernate.dialect.MySQLDialect
+moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8
+moasession.hibernate.connection.charSet=utf-8
+moasession.hibernate.connection.driver_class=com.mysql.jdbc.Driver
+moasession.hibernate.connection.username=
+moasession.hibernate.connection.password=
+
+moasession.hibernate.hbm2ddl.auto=update
+moasession.hibernate.current_session_context_class=thread
+moasession.hibernate.transaction.flush_before_completion=true
+moasession.hibernate.transaction.auto_close_session=true
+moasession.hibernate.show_sql=false
+moasession.hibernate.format_sql=true
+moasession.hibernate.c3p0.acquire_increment=3
+moasession.hibernate.c3p0.idle_test_period=60
+moasession.hibernate.c3p0.timeout=60
+moasession.hibernate.c3p0.max_size=20
+moasession.hibernate.c3p0.max_statements=0
+moasession.hibernate.c3p0.min_size=3
+
+#Hibnerate configuration for MOA-ID 2.0 configuration
+configuration.hibernate.dialect=org.hibernate.dialect.MySQLDialect
+configuration.hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true
+configuration.hibernate.connection.charSet=utf-8
+configuration.hibernate.connection.driver_class=com.mysql.jdbc.Driver
+configuration.hibernate.connection.username=
+configuration.hibernate.connection.password=
+
+configuration.hibernate.hbm2ddl.auto=update
+configuration.hibernate.current_session_context_class=thread
+configuration.hibernate.transaction.auto_close_session=true
+configuration.hibernate.show_sql=false
+configuration.hibernate.format_sql=true
+configuration.hibernate.connection.provider_class=org.hibernate.service.jdbc.connections.internal.C3P0ConnectionProvider
+configuration.hibernate.c3p0.acquire_increment=3
+configuration.hibernate.c3p0.idle_test_period=60
+configuration.hibernate.c3p0.timeout=300
+configuration.hibernate.c3p0.max_size=20
+configuration.hibernate.c3p0.max_statements=0
+configuration.hibernate.c3p0.min_size=3
+
+#
+#Hibnerate configuration for MOA-ID 2.0 advanced statistic logging
+advancedlogging.hibernate.dialect=org.hibernate.dialect.MySQLDialect
+advancedlogging.hibernate.connection.url=jdbc:mysql://localhost/moa-id-statistic?charSet=utf-8&autoReconnect=true
+advancedlogging.hibernate.connection.charSet=utf-8
+advancedlogging.hibernate.connection.driver_class=com.mysql.jdbc.Driver
+advancedlogging.hibernate.connection.username=
+advancedlogging.hibernate.connection.password=
+
+advancedlogging.hibernate.hbm2ddl.auto=update
+advancedlogging.hibernate.current_session_context_class=thread
+advancedlogging.hibernate.transaction.auto_close_session=true
+advancedlogging.hibernate.show_sql=false
+advancedlogging.hibernate.format_sql=true
+advancedlogging.hibernate.connection.provider_class=org.hibernate.service.jdbc.connections.internal.C3P0ConnectionProvider
+advancedlogging.hibernate.c3p0.acquire_increment=3
+advancedlogging.hibernate.c3p0.idle_test_period=60
+advancedlogging.hibernate.c3p0.timeout=300
+advancedlogging.hibernate.c3p0.max_size=20
+advancedlogging.hibernate.c3p0.max_statements=0
+advancedlogging.hibernate.c3p0.min_size=3
diff --git a/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt b/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt
new file mode 100644
index 000000000..7c3252dcb
--- /dev/null
+++ b/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt
@@ -0,0 +1,18 @@
+-----BEGIN CERTIFICATE-----
+MIIC8TCCAdkCBFM0RyYwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCQVQxDTAL
+BgNVBAoMBEVHSVoxHzAdBgNVBAMMFk1PQS1JRC1BdXRoX01vbml0b3JpbmcwHhcN
+MTQwMzI3MTU0MzM0WhcNMTYwOTEyMTU0MzM0WjA9MQswCQYDVQQGEwJBVDENMAsG
+A1UECgwERUdJWjEfMB0GA1UEAwwWTU9BLUlELUF1dGhfTW9uaXRvcmluZzCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJSQBR+b3KmRUklO9lmQzVtWCY4Y
+/mI3FR5Jma5hjosmKaFfLrExwpXMZIpDFljULtF1+pOaln66rlqRBOvzkhJvY5xD
+31GEG1XRi6rWxLGObmTuG2ZeSh3KpPOReUyrkrQ2UFQEo5Ytc/C/Ad3vQJdw3hPa
+Koi0Uszgyf3a1RD8b2EewqYXxPHMortSzbpg9cZ7BYg2+iAF2WbgAmUx0Kp7GvfN
+QnPMWZtu0E/pBEn5QKc6UZm1F0KR/Vq/ymDdEPlX+4261Ak26lyJJcn0BRRgrkK5
+bced+/SvxzXNae03ePSx4q9g4VLZw+j28lIpk1ngH8V8EAjzQDOBzvQQ6jsCAwEA
+ATANBgkqhkiG9w0BAQUFAAOCAQEAPis2r4hI6ld6KDnHs+f8wC3Vr/atFqeryqlj
+COIoX6HoxSczvGY7uimek43ezD+PDUntohrlukZO6YfqKrlgKBWg1kiBxK0ISZkS
+QgIraHexuT6eZ4558I43eGEiATzEkb+h60aO4YI7IyVbS5T9Rwb8fv9LzUgDtTtZ
+ALtVVr9c3ZG+O7bYEFNA0jkHU3n8gzLNsR5TVB8S693VDv8OMn8oef0EXRCuTW9V
+GUQyNpAO/gtlSW43NOc/ZL4lPdl0qzYtil5mKUTvuMvec37lhlpbzywSHq8boGBA
+RDjfEDR8ObgjGU7ik9nBkNMgeB6rEOAYZmiCZVMMUxPuIF9Nzw==
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml b/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml
new file mode 100644
index 000000000..6a0602c04
--- /dev/null
+++ b/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml
@@ -0,0 +1,87 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID13456264458587874" IssueInstant="2012-08-22T11:07:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person si:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>wJO/bvDJjUysG0yARn7I6w==</pr:Value>
+ <pr:Type>urn:publicid:gv.at:baseid</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>XXXRúùd</pr:GivenName>
+ <pr:FamilyName primary="undefined">XXXVàn Nisteĺrooy</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1969-02-13</pr:DateOfBirth>
+ </pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+ <saml:AttributeValue>
+ <ecdsa:ECDSAKeyValue>
+ <ecdsa:DomainParameters>
+ <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/>
+ </ecdsa:DomainParameters>
+ <ecdsa:PublicKey>
+ <ecdsa:X Value="22280299907126338788314199678167217078072953115254374209747379168424021905237" si:type="ecdsa:PrimeFieldElemType"/>
+ <ecdsa:Y Value="40387096985250872237992703378062984723606079359080588656963239072881568409170" si:type="ecdsa:PrimeFieldElemType"/>
+ </ecdsa:PublicKey>
+ </ecdsa:ECDSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>4Y4FL09VhczsfYQgFPuycP8quJNZBAAu1R1rFXNodI2711B6BTMjAGQn6xuFWfd3/nyFav/MLTr/
+t2VazvANS4TRFxJAcWyIx7xbxCdzZr6gJ+FCmq4g5JPrQvt50v3JX+wKSYft1gHBOWlDn90Ia4Gm
+P8MVuze21T+VVKM6ZklmS6d5PT1er/uYQFydGErmJ17xlSQG6Fi5xuftopBDyJxG1tL1KIebpLFg
+gaM2EyuB1HxH8/+Mfqa4UgeqIH65</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ <dsig:Signature>
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>s/7GYPVfkHIvy5RcB5QRnXVSWwo=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>LSsx2zO/XyJ9RCEcChmQ2+251PtaFz07sBw1DBw0Eui4mjRRMSaKXxD0GoQDRzvQQNYusLNqpGiixscBIb4XcR8ipSjZVPnH2E19o/O2fz2uFDWnlCHEhhG8OMNT2XzS6lZtMSSzVcAJINLBlz6DKG63+NhClb+1lUHoLa5CpwYDW/guVKLng8PNElBY5mw3GOSL8PskFsYK+bnRUAvvgGigm3XLtlZ4QQWDsGBNgJxW0boAm5vei+YVHVxrkL2YDkdvGUmD+RjzwZx8fxlfN4ajR00Q5mNc0xQtaL/g+vKdL6EeegZAKPZ/jrEpN0RZfuxPaAmt4t0Jav51mTKa4w==</dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:KeyValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>lJAFH5vcqZFSSU72WZDNW1YJjhj+YjcVHkmZrmGOiyYpoV8usTHClcxkikMWWNQu0XX6k5qWfrquWpEE6/OSEm9jnEPfUYQbVdGLqtbEsY5uZO4bZl5KHcqk85F5TKuStDZQVASjli1z8L8B3e9Al3DeE9oqiLRSzODJ/drVEPxvYR7CphfE8cyiu1LNumD1xnsFiDb6IAXZZuACZTHQqnsa981Cc8xZm27QT+kESflApzpRmbUXQpH9Wr/KYN0Q+Vf7jbrUCTbqXIklyfQFFGCuQrltx5379K/HNc1p7Td49LHir2DhUtnD6PbyUimTWeAfxXwQCPNAM4HO9BDqOw==</dsig:Modulus>
+ <dsig:Exponent>AAEAAQ==</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </dsig:KeyValue>
+ <dsig:X509Data>
+ <dsig:X509Certificate>MIIC8TCCAdkCBFM0RyYwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCQVQxDTAL
+BgNVBAoMBEVHSVoxHzAdBgNVBAMMFk1PQS1JRC1BdXRoX01vbml0b3JpbmcwHhcN
+MTQwMzI3MTU0MzM0WhcNMTYwOTEyMTU0MzM0WjA9MQswCQYDVQQGEwJBVDENMAsG
+A1UECgwERUdJWjEfMB0GA1UEAwwWTU9BLUlELUF1dGhfTW9uaXRvcmluZzCCASIw
+DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJSQBR+b3KmRUklO9lmQzVtWCY4Y
+/mI3FR5Jma5hjosmKaFfLrExwpXMZIpDFljULtF1+pOaln66rlqRBOvzkhJvY5xD
+31GEG1XRi6rWxLGObmTuG2ZeSh3KpPOReUyrkrQ2UFQEo5Ytc/C/Ad3vQJdw3hPa
+Koi0Uszgyf3a1RD8b2EewqYXxPHMortSzbpg9cZ7BYg2+iAF2WbgAmUx0Kp7GvfN
+QnPMWZtu0E/pBEn5QKc6UZm1F0KR/Vq/ymDdEPlX+4261Ak26lyJJcn0BRRgrkK5
+bced+/SvxzXNae03ePSx4q9g4VLZw+j28lIpk1ngH8V8EAjzQDOBzvQQ6jsCAwEA
+ATANBgkqhkiG9w0BAQUFAAOCAQEAPis2r4hI6ld6KDnHs+f8wC3Vr/atFqeryqlj
+COIoX6HoxSczvGY7uimek43ezD+PDUntohrlukZO6YfqKrlgKBWg1kiBxK0ISZkS
+QgIraHexuT6eZ4558I43eGEiATzEkb+h60aO4YI7IyVbS5T9Rwb8fv9LzUgDtTtZ
+ALtVVr9c3ZG+O7bYEFNA0jkHU3n8gzLNsR5TVB8S693VDv8OMn8oef0EXRCuTW9V
+GUQyNpAO/gtlSW43NOc/ZL4lPdl0qzYtil5mKUTvuMvec37lhlpbzywSHq8boGBA
+RDjfEDR8ObgjGU7ik9nBkNMgeB6rEOAYZmiCZVMMUxPuIF9Nzw==</dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ </dsig:Signature>
+</saml:Assertion>
diff --git a/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml
new file mode 100644
index 000000000..fc99cea79
--- /dev/null
+++ b/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Demokonfiguration fuer eine Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet -->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateless</LoginType>
+ <BasicAuth>
+ <UserID>MOAFamilyName</UserID>
+ <Password>MOAGivenName</Password>
+ </BasicAuth>
+</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml
new file mode 100644
index 000000000..4d34c3646
--- /dev/null
+++ b/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Demokonfiguration fuer eine Online Applikation (OA) welche Header Authentication zur Uebergabe der Parameter verwendet -->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateless</LoginType>
+ <HeaderAuth>
+ <!-- zusaetzlicher Header GivenName -->
+ <Header Name="X-MOAParameterGivenName" Value="MOAGivenName"></Header>
+ <Header Name="X-MOAParameterFamilyName" Value="MOAFamilyName"></Header>
+ </HeaderAuth>
+</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml
new file mode 100644
index 000000000..979faca95
--- /dev/null
+++ b/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Demokonfiguration fuer eine Online Applikation (OA) welche Parameter Authentication verwendet -->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateless</LoginType>
+ <ParamAuth>
+ <!-- URL Parameter GivenName und FamilyName -->
+ <Parameter Name="GivenName" Value="MOAGivenName"></Parameter>
+ <Parameter Name="FamilyName" Value="MOAFamilyName"></Parameter>
+ </ParamAuth>
+</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml
new file mode 100644
index 000000000..edbfe7aa5
--- /dev/null
+++ b/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Demokonfiguration fuer Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet -->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateless</LoginType>
+ <BasicAuth>
+ <UserID>MOAFamilyName</UserID>
+ <Password>MOAGivenName</Password>
+ </BasicAuth>
+</Configuration>
diff --git a/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml
new file mode 100644
index 000000000..2cff3bd67
--- /dev/null
+++ b/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml
@@ -0,0 +1,9 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- Demokonfiguration fuer eine Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet -->
+<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <LoginType>stateless</LoginType>
+ <BasicAuth>
+ <UserID>MOAWBPK</UserID>
+ <Password>MOAGivenName</Password>
+ </BasicAuth>
+</Configuration>
diff --git a/id/server/doc/conf/moa-id/stork/SamlEngine.xml b/id/server/doc/conf/moa-id/stork/SamlEngine.xml
new file mode 100644
index 000000000..166a48ff8
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/SamlEngine.xml
@@ -0,0 +1,70 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<instances>
+
+
+ <!-- Configuration name-->
+ <instance name="outgoing">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_outgoing.xml" />
+ </configuration>
+
+ <!-- Settings module signature-->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_outgoing.xml" />
+ </configuration>
+ </instance>
+
+ <instance name="incoming">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_incoming.xml" />
+ </configuration>
+
+ <!-- Settings module signature-->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_incoming.xml" />
+ </configuration>
+ </instance>
+
+
+ <instance name="incoming_attr">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_incoming_attr.xml" />
+ </configuration>
+
+ <!-- Settings module signature-->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_incoming_attr.xml" />
+ </configuration>
+ </instance>
+
+
+ <instance name="VIDP">
+ <!-- Configurations parameters StorkSamlEngine -->
+ <configuration name="SamlEngineConf">
+ <parameter name="fileConfiguration" value="StorkSamlEngine_VIDP.xml" />
+ </configuration>
+
+ <!-- Settings module signature-->
+ <configuration name="SignatureConf">
+ <!-- Specific signature module -->
+ <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" />
+ <!-- Settings specific module -->
+ <parameter name="fileConfiguration" value="SignModule_incoming.xml" />
+ </configuration>
+ </instance>
+
+
+
+</instances>
diff --git a/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml b/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml
new file mode 100644
index 000000000..68b15e667
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">/home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties>
diff --git a/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml b/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml
new file mode 100644
index 000000000..68b15e667
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">/home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties>
diff --git a/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml b/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml
new file mode 100644
index 000000000..7139c5a41
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml
@@ -0,0 +1,12 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SWModule sign with JKS.</comment>
+ <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks</entry>
+ <entry key="keyStorePassword">local-demo</entry>
+ <entry key="keyPassword">local-demo</entry>
+ <entry key="issuer">CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES</entry>
+ <entry key="serialNumber">4BA89DB2</entry>
+ <entry key="keystoreType">JKS</entry>
+</properties> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
new file mode 100644
index 000000000..83e69ac23
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!--
+ Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+ -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+ <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+ <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+
+</properties>
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml
new file mode 100644
index 000000000..83e69ac23
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!--
+ Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+ -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+ <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+ <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+
+</properties>
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
new file mode 100644
index 000000000..83e69ac23
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!--
+ Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+ -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+ <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+ <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+
+</properties>
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml
new file mode 100644
index 000000000..b095b9e7e
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+
+<properties>
+ <comment>SAML constants for AuthnRequests and Responses.</comment>
+
+ <!--
+ Types of consent obtained from the user for this authentication and
+ data transfer.
+ Allow values: 'unspecified'.
+ -->
+ <entry key="consentAuthnRequest">unspecified</entry>
+
+ <!--
+ Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'.
+ -->
+ <entry key="consentAuthnResponse">obtained</entry>
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ -->
+ <entry key="formatEntity">entity</entry>
+
+ <!--Only HTTP-POST binding is only supported for inter PEPS-->
+ <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
+ <entry key="protocolBinding">HTTP-POST</entry>
+
+
+
+
+ <!--URI representing the classification of the identifier
+ Allow values: 'entity'.
+ <entry key="eIDSectorShare">true</entry>
+ <entry key="eIDCrossSectorShare">true</entry>
+ <entry key="eIDCrossBorderShare">true</entry>
+ -->
+
+
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="friendlyName">false</entry>
+
+ <!-- A friendly name for the attribute that can be displayed to a user -->
+ <entry key="isRequired">true</entry>
+
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">http://S-PEPS.gov.xx</entry>
+
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">http://C-PEPS.gov.xx</entry>
+
+ <!--Subject cannot be confirmed on or after this seconds time (positive number)-->
+ <entry key="timeNotOnOrAfter">300</entry>
+
+ <!--Validation IP of the response-->
+ <entry key="ipAddrValidation">false</entry>
+
+
+ <!--Subject Attribute Definitions-->
+ <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
+ <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry>
+ <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry>
+ <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry>
+ <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry>
+ <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry>
+ <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry>
+ <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry>
+ <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry>
+ <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry>
+ <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry>
+ <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry>
+ <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry>
+ <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
+ <entry key="age">http://www.stork.gov.eu/1.0/age</entry>
+ <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
+ <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
+
+ <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
+ <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
+
+ <entry key="title">http://www.stork.gov.eu/1.0/title</entry>
+ <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry>
+
+ <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry>
+ <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry>
+
+ <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
+ <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+ <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+ <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+
+</properties> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks b/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks
new file mode 100644
index 000000000..f9baad202
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks
Binary files differ
diff --git a/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks b/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks
new file mode 100644
index 000000000..efaeac86c
--- /dev/null
+++ b/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks
Binary files differ
diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml
new file mode 100644
index 000000000..1165d8b32
--- /dev/null
+++ b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml
@@ -0,0 +1,161 @@
+<sl10:TransformsInfo>
+ <dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+ <xsl:output method="xml" xml:space="default"/>
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html>
+ <head>
+ <title>Signatur der Anmeldedaten</title>
+ <style type="text/css" media="screen">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style{ font-size: large; }
+ </style>
+ </head>
+ <body>
+ <h4 class="h4style">Anmeldedaten:</h4>
+ <p class="titlestyle">Daten zur Person</p>
+ <table class="parameters">
+ <xsl:if test="normalize-space(//@Issuer)">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//@Issuer"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+ <tr>
+ <td class="italicstyle">Geburtsdatum:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">Rolle:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">Vollmacht:</td>
+ <td class="normalstyle">
+ <xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text>
+ </td>
+ </tr>
+ </xsl:if>
+ </table>
+ <p class="titlestyle">Daten zur Anwendung</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Staat:</td>
+ <td class="normalstyle">Österreich</td>
+ </tr>
+ </table>
+ <p class="titlestyle">Technische Parameter</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">URL:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+ <tr>
+ <td class="italicstyle">Bereich:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">
+ Vollmachten-Referenz:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+ <tr>
+ <td class="italicstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+ <tr>
+ <td class="italicstyle">Identifikator:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">OID:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+ <tr>
+ <td class="italicstyle">HPI:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <tr>
+ <td class="italicstyle">Datum:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Uhrzeit:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+ </td>
+ </tr>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+ </dsig:Transforms>
+ <sl10:FinalDataMetaInfo>
+ <sl10:MimeType>application/xhtml+xml</sl10:MimeType>
+ </sl10:FinalDataMetaInfo>
+</sl10:TransformsInfo>
diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
new file mode 100644
index 000000000..e225ca6e0
--- /dev/null
+++ b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml
@@ -0,0 +1,7 @@
+<sl10:TransformsInfo><dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"><xsl:output method="xml" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html><head><title>Signatur der Anmeldedaten</title><style type="text/css" media="screen">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style{ font-size: large; }
+ </style></head><body><h4 class="h4style">Anmeldedaten:</h4><xsl:if test="string(//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue)"><p class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue"/></p></xsl:if><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="normalize-space(//@Issuer)"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//@Issuer"/></td></tr></xsl:if><xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum:</td><td class="normalstyle"><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">Rolle:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">Vollmacht:</td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/></td></tr><tr><td class="italicstyle">Staat:</td><td class="normalstyle">Österreich</td></tr></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">URL:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr><xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"><tr><td class="italicstyle">Bereich:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">
+ Vollmachten-Referenz:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"><tr><td class="italicstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"><tr><td class="italicstyle">Identifikator:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">OID:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='HPI']"><tr><td class="italicstyle">HPI:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='UniqueTokken']"><tr><td class="italicstyle">SessionTokken:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='UniqueTokken']/saml:AttributeValue"/></td></tr></xsl:if><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,18,2)"/></td></tr></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><sl10:FinalDataMetaInfo><sl10:MimeType>application/xhtml+xml</sl10:MimeType></sl10:FinalDataMetaInfo></sl10:TransformsInfo> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml
new file mode 100644
index 000000000..e220b8f82
--- /dev/null
+++ b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml
@@ -0,0 +1,161 @@
+<sl10:TransformsInfo>
+ <dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+ <xsl:output method="xml" xml:space="default"/>
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html>
+ <head>
+ <title>Signing the authentication data</title>
+ <style type="text/css" media="screen">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style{ font-size: large; }
+ </style>
+ </head>
+ <body>
+ <h4 class="h4style">Authentication Data:</h4>
+ <p class="titlestyle">Personal Data</p>
+ <table class="parameters">
+ <xsl:if test="normalize-space(//@Issuer)">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//@Issuer"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+ <tr>
+ <td class="italicstyle">Date of Birth:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">Role:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">Mandate:</td>
+ <td class="normalstyle">
+ <xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text>
+ </td>
+ </tr>
+ </xsl:if>
+ </table>
+ <p class="titlestyle">Application Data</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Country:</td>
+ <td class="normalstyle">Austria</td>
+ </tr>
+ </table>
+ <p class="titlestyle">Technical Parameters</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">URL:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+ <tr>
+ <td class="italicstyle">Sector:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">
+ Mandate Reference:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+ <tr>
+ <td class="italicstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+ <tr>
+ <td class="italicstyle">Identifier:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">OID:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+ <tr>
+ <td class="italicstyle">HPI:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <tr>
+ <td class="italicstyle">Date:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Time:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+ </td>
+ </tr>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+ </dsig:Transforms>
+ <sl10:FinalDataMetaInfo>
+ <sl10:MimeType>application/xhtml+xml</sl10:MimeType>
+ </sl10:FinalDataMetaInfo>
+</sl10:TransformsInfo>
diff --git a/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml b/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml
new file mode 100644
index 000000000..14acd54f2
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/SampleMOASPSSConfiguration.xml
@@ -0,0 +1,83 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--MOA SPSS 1.3 Configuration File created by MOA SPSS Configuration Mapper-->
+<cfg:MOAConfiguration xmlns:cfg="http://reference.e-government.gv.at/namespace/moaconfig/20021122#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <cfg:SignatureVerification>
+ <cfg:CertificateValidation>
+ <cfg:PathConstruction>
+ <cfg:AutoAddCertificates>true</cfg:AutoAddCertificates>
+ <cfg:UseAuthorityInformationAccess>true</cfg:UseAuthorityInformationAccess>
+ <cfg:CertificateStore>
+ <cfg:DirectoryStore>
+ <cfg:Location>certstore</cfg:Location>
+ </cfg:DirectoryStore>
+ </cfg:CertificateStore>
+ </cfg:PathConstruction>
+ <cfg:PathValidation>
+ <cfg:ChainingMode>
+ <cfg:DefaultMode>pkix</cfg:DefaultMode>
+ <cfg:TrustAnchor>
+ <cfg:Identification>
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </cfg:Identification>
+ <cfg:Mode>chaining</cfg:Mode>
+ </cfg:TrustAnchor>
+ </cfg:ChainingMode>
+ <cfg:TrustProfile>
+ <cfg:Id>MOAIDBuergerkartePersonenbindung</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten</cfg:TrustAnchorsLocation>
+ </cfg:TrustProfile>
+ <cfg:TrustProfile>
+ <cfg:Id>MOAIDBuergerkarteAuthentisierungsDaten</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten</cfg:TrustAnchorsLocation>
+ </cfg:TrustProfile>
+ <cfg:TrustProfile>
+ <cfg:Id>MOAIDBuergerkartePersonenbindungMitTestkarten</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten</cfg:TrustAnchorsLocation>
+ </cfg:TrustProfile>
+ <cfg:TrustProfile>
+ <cfg:Id>MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten</cfg:TrustAnchorsLocation>
+ </cfg:TrustProfile>
+ <cfg:TrustProfile>
+ <cfg:Id>C-PEPS-Test</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/C-PEPS-Test</cfg:TrustAnchorsLocation>
+ </cfg:TrustProfile>
+ <cfg:TrustProfile>
+ <cfg:Id>C-PEPS</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/C-PEPS</cfg:TrustAnchorsLocation>
+ </cfg:TrustProfile>
+ </cfg:PathValidation>
+ <cfg:RevocationChecking>
+ <cfg:EnableChecking>true</cfg:EnableChecking>
+ <cfg:MaxRevocationAge>0</cfg:MaxRevocationAge>
+ <cfg:ServiceOrder>
+ <cfg:Service>CRL</cfg:Service>
+ <cfg:Service>OCSP</cfg:Service>
+ </cfg:ServiceOrder>
+ <cfg:Archiving>
+ <cfg:EnableArchiving>false</cfg:EnableArchiving>
+ <cfg:ArchiveDuration>365</cfg:ArchiveDuration>
+ <cfg:Archive>
+ <cfg:DatabaseArchive>
+ <cfg:JDBCURL>jdbc:url</cfg:JDBCURL>
+ <cfg:JDBCDriverClassName>fully.qualified.classname</cfg:JDBCDriverClassName>
+ </cfg:DatabaseArchive>
+ </cfg:Archive>
+ </cfg:Archiving>
+ </cfg:RevocationChecking>
+ </cfg:CertificateValidation>
+ <cfg:VerifyTransformsInfoProfile>
+ <cfg:Id>MOAIDTransformAuthBlockTable_DE_2.0</cfg:Id>
+ <cfg:Location>profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml</cfg:Location>
+ </cfg:VerifyTransformsInfoProfile>
+ <cfg:VerifyTransformsInfoProfile>
+ <cfg:Id>MOAIDTransformAuthBlockTable_DE</cfg:Id>
+ <cfg:Location>profiles/MOAIDTransformAuthBlockTable_DE.xml</cfg:Location>
+ </cfg:VerifyTransformsInfoProfile>
+ <cfg:VerifyTransformsInfoProfile>
+ <cfg:Id>MOAIDTransformAuthBlockTable_EN</cfg:Id>
+ <cfg:Location>profiles/MOAIDTransformAuthBlockTable_EN.xml</cfg:Location>
+ </cfg:VerifyTransformsInfoProfile>
+ </cfg:SignatureVerification>
+</cfg:MOAConfiguration>
diff --git a/id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201 b/id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
new file mode 100644
index 000000000..592c96230
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/01540E2704537AA810D671E1C4106FD8821EB52A/C2556DADDF68A9EEF7F5C14A24CA33BCA930B201
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9 b/id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
new file mode 100644
index 000000000..cac44093a
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/0A5C2C9276B649D088A86BD9FD97E2B95658481D/08CAE18D8CFF86144CB8FFD671B916CAAB8BD4E9
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330 b/id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
new file mode 100644
index 000000000..32893db7f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/10D143E18C03A4A29F783D26F2F67E3B64C35CB0/BE9D654B0DE0F3CC53CA36703DD9D9049A5F9330
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2 b/id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
new file mode 100644
index 000000000..33e776369
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/238ACC1D03DA5A2E7E580D760FB3EE218FDC5A97/D3C063F219ED073E34AD5D750B327629FFD59AF2
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03 b/id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
new file mode 100644
index 000000000..376d0753f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/31B5BA02D476873C5220CDCFA0C095C4A31DEFDF/88D6151358A5E3C81D7AE1A536121DC03011BC03
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317 b/id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
new file mode 100644
index 000000000..73553b996
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/328AA897B7E6270202B2FC0889FF88D66BB41122/35A40EF932B1F23980E2C672FC939E91EEBD0317
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27 b/id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
new file mode 100644
index 000000000..5171276f4
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/3314CE3E42175EACC28D57C35F192430BBADAC1A/B1D0BC027906A3B7E7518C93ACB26D978233ED27
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E b/id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
new file mode 100644
index 000000000..3be7b6a06
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/47ED4C584F9DCD54A6C2925252C5603ADAC93F49/84E4E75DBB2FD6397E6ABBD27FBE16D5BA71923E
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C b/id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
new file mode 100644
index 000000000..277b6083a
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/68AF646E90A6FF370230F64ACD4E8A4F12C03916/CA80A13D41116E24CB1479E970CDC1C030C5907C
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A b/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
new file mode 100644
index 000000000..ad13d7b28
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/7A2CFA69FCA284D4627012A7A55662594C803B2A
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B b/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
new file mode 100644
index 000000000..d361d919f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/6F5F08A3A5D59CA877CB146F00BB0264369B2304/ADEC5673B57A18F16EFAF75EEFBFAD4841E2CD2B
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22 b/id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
new file mode 100644
index 000000000..a699436ca
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/88BBA52A5AF119284F03A7D0D1DA61934EE57A79/FE4F09F5D1A4AADE9232D9E2D6B9A2552BC48A22
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6 b/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
new file mode 100644
index 000000000..36a442b89
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/679A4F81FC705DDEC419778DD2EBD875F4C242C6
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E b/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
new file mode 100644
index 000000000..54f809962
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/9014D44A2072A5D74E12C7FE47F37D68371E1C42/82096E6D9B1248321625323D52858642CB0B748E
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
new file mode 100644
index 000000000..3c7775b6e
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/D4D1370FD1D9EAA46412008FF3E59E114BCF724A
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
new file mode 100644
index 000000000..b6f39e354
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/DFA7DDEF5C212F0F0651E2A9DE1CE4A1AC63AF7A
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515 b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
new file mode 100644
index 000000000..f9fef65fc
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/E619D25B380B7B13FDA33E8A58CD82D8A88E0515
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92 b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
new file mode 100644
index 000000000..f9f27442b
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/A95F0C3FA54CA93E3D5BA61AD23459300FA498D6/F825578F8F5484DFB40F81867C392D6CB0012B92
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374 b/id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
new file mode 100644
index 000000000..61a7ccb15
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/AC1B67D7D5A300767C0944ACE8458DD49960F1BD/4D523730501ADB80A76B0B473A4D21C7D86F8374
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914 b/id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
new file mode 100644
index 000000000..911640d0e
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/AF03510E8BCAE72BB7C4E9D1910B4E12057075A4/7AC3EFA52DE27A930EC8754DB5E061476948E914
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA b/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/42EFDDE6BFF35ED0BAE6ACDD204C50AE86C4F4FA
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8 b/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
new file mode 100644
index 000000000..01965769d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/BF375B55D8D7CFC31FD8E3FBF7B1981A91A1A6CA/51C01567BCB22968EF5A297B7EA84E195594E0E8
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29 b/id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
new file mode 100644
index 000000000..afe6fdf09
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/CC93161E57C3898635E1D086008BD053F542457F/7D60E314AA6AEF548A614A9354C5068192051A29
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6 b/id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
new file mode 100644
index 000000000..ebfbce9a0
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/E47BA33321A8A919414A123C91F5D253766AB078/698563ECEE29232C5304487D972310F86650C3A6
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
new file mode 100644
index 000000000..b9a0e5a61
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
new file mode 100644
index 000000000..33e776369
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer b/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer
new file mode 100644
index 000000000..a699436ca
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/a-sign-SSL-03.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt b/id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt
new file mode 100644
index 000000000..ebfbce9a0
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/certstore/toBeAdded/atrust_OCSP_Responder_03-1.crt
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml
new file mode 100644
index 000000000..afeccd25f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE.xml
@@ -0,0 +1,159 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+ <xsl:output method="xml" xml:space="default"/>
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html>
+ <head>
+ <title>Signatur der Anmeldedaten</title>
+ <style type="text/css" media="screen">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style{ font-size: large; }
+ </style>
+ </head>
+ <body>
+ <h4 class="h4style">Anmeldedaten:</h4>
+ <p class="titlestyle">Daten zur Person</p>
+ <table class="parameters">
+ <xsl:if test="normalize-space(//@Issuer)">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//@Issuer"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+ <tr>
+ <td class="italicstyle">Geburtsdatum:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">Rolle:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">Vollmacht:</td>
+ <td class="normalstyle">
+ <xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text>
+ </td>
+ </tr>
+ </xsl:if>
+ </table>
+ <p class="titlestyle">Daten zur Anwendung</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Staat:</td>
+ <td class="normalstyle">Österreich</td>
+ </tr>
+ </table>
+ <p class="titlestyle">Technische Parameter</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">URL:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+ <tr>
+ <td class="italicstyle">Bereich:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">
+ Vollmachten-Referenz:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+ <tr>
+ <td class="italicstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+ <tr>
+ <td class="italicstyle">Identifikator:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">OID:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+ <tr>
+ <td class="italicstyle">HPI:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <tr>
+ <td class="italicstyle">Datum:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Uhrzeit:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+ </td>
+ </tr>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+ </dsig:Transforms>
+</VerifyTransformsInfoProfile>
diff --git a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml
new file mode 100644
index 000000000..dc472efcb
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_DE_2.0.xml
@@ -0,0 +1,7 @@
+<?xml version="1.0" encoding="UTF-8"?><VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#"><dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"><xsl:output method="xml" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html><head><title>Signatur der Anmeldedaten</title><style type="text/css" media="screen">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style{ font-size: large; }
+ </style></head><body><h4 class="h4style">Anmeldedaten:</h4><xsl:if test="string(//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue)"><p class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue"/></p></xsl:if><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="normalize-space(//@Issuer)"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//@Issuer"/></td></tr></xsl:if><xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum:</td><td class="normalstyle"><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">Rolle:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">Vollmacht:</td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/></td></tr><tr><td class="italicstyle">Staat:</td><td class="normalstyle">Österreich</td></tr></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">URL:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr><xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"><tr><td class="italicstyle">Bereich:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">
+ Vollmachten-Referenz:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"><tr><td class="italicstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"><tr><td class="italicstyle">Identifikator:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">OID:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='HPI']"><tr><td class="italicstyle">HPI:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='UniqueTokken']"><tr><td class="italicstyle">SessionTokken:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='UniqueTokken']/saml:AttributeValue"/></td></tr></xsl:if><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,18,2)"/></td></tr></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms></VerifyTransformsInfoProfile> \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
new file mode 100644
index 000000000..1665254fd
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/profiles/MOAIDTransformAuthBlockTable_EN.xml
@@ -0,0 +1,159 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml">
+ <xsl:output method="xml" xml:space="default"/>
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html>
+ <head>
+ <title>Signing the authentication data</title>
+ <style type="text/css" media="screen">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style{ font-size: large; }
+ </style>
+ </head>
+ <body>
+ <h4 class="h4style">Authentication Data:</h4>
+ <p class="titlestyle">Personal Data</p>
+ <table class="parameters">
+ <xsl:if test="normalize-space(//@Issuer)">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//@Issuer"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)">
+ <tr>
+ <td class="italicstyle">Date of Birth:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">Role:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">Mandate:</td>
+ <td class="normalstyle">
+ <xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text>
+ </td>
+ </tr>
+ </xsl:if>
+ </table>
+ <p class="titlestyle">Application Data</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">Name:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Country:</td>
+ <td class="normalstyle">Austria</td>
+ </tr>
+ </table>
+ <p class="titlestyle">Technical Parameters</p>
+ <table class="parameters">
+ <tr>
+ <td class="italicstyle">URL:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']">
+ <tr>
+ <td class="italicstyle">Sector:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']">
+ <tr>
+ <td class="italicstyle">
+ Mandate Reference:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']">
+ <tr>
+ <td class="italicstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']">
+ <tr>
+ <td class="italicstyle">Identifier:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']">
+ <tr>
+ <td class="italicstyle">OID:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName='HPI']">
+ <tr>
+ <td class="italicstyle">HPI:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/>
+ </td>
+ </tr>
+ </xsl:if>
+ <tr>
+ <td class="italicstyle">Date:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,9,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,6,2)"/>
+ <xsl:text>.</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,1,4)"/>
+ </td>
+ </tr>
+ <tr>
+ <td class="italicstyle">Time:</td>
+ <td class="normalstyle">
+ <xsl:value-of select="substring(//@IssueInstant,12,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,15,2)"/>
+ <xsl:text>:</xsl:text>
+ <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+ </td>
+ </tr>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+ </dsig:Transforms>
+</VerifyTransformsInfoProfile>
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.der b/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.der
new file mode 100644
index 000000000..1851527de
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1.der
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12 b/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12
new file mode 100644
index 000000000..314cbc862
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/customer1/moa-ssl-kunde1[pwd=kunde1].p12
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystore b/id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystore
new file mode 100644
index 000000000..bd9765a4c
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/customer1/trustedServers[pwd=servers].keystore
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.der b/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.der
new file mode 100644
index 000000000..f50aa4d68
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2.der
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12 b/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12
new file mode 100644
index 000000000..e5820fdf2
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/customer2/moa-ssl-kunde2[pwd=kunde2].p12
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystore b/id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystore
new file mode 100644
index 000000000..bd9765a4c
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/customer2/trustedServers[pwd=servers].keystore
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.der b/id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.der
new file mode 100644
index 000000000..e0f78a82c
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/server/moa-ssl-server.der
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystore b/id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystore
new file mode 100644
index 000000000..da42549d4
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/tomcat/tomcat[pwd=server].keystore
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystore b/id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystore
new file mode 100644
index 000000000..bdc296cf4
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/sslKeys/tomcat/trustedClients[pwd=clients].keystore
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer
new file mode 100644
index 000000000..af1f5f4a3
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/ES_C-PEPS_Test.cer
@@ -0,0 +1,16 @@
+MIIDWDCCAkCgAwIBAAIETgGmXDANBgkqhkiG9w0BAQUFADBuMSYwJAYJKoZIhvcNAQkBFhdqYWxj
+YWxkZW1vcmFub0BpbmRyYS5lczELMAkGA1UEBhMCRVMxEDAOBgNVBAgMB0VzcGHDsWExDzANBgNV
+BAoTBm1wdC5lczEUMBIGA1UEAxMLODguODQuOTQuMjQwHhcNMTEwNjIyMDgyMjUyWhcNMTQwMzE4
+MDgyMjUyWjBuMSYwJAYJKoZIhvcNAQkBFhdqYWxjYWxkZW1vcmFub0BpbmRyYS5lczELMAkGA1UE
+BhMCRVMxEDAOBgNVBAgMB0VzcGHDsWExDzANBgNVBAoTBm1wdC5lczEUMBIGA1UEAxMLODguODQu
+OTQuMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCSNeKJi+dOYTy4s/7aL1AXRBj0
+BlPRgHUYknGMU/Aog09AqKz5WZ95926NpufBHVZ5XVKW42Fxfrpk2fnSaAORrk6affYgdfm8HXcd
+dCD9i4yQkLADKpe3Gi29YeBUNC+j+E+iJaxP2whuXsLCpkYcmfbvx6yQkiPa3VFtw7omfEgGe1LQ
+9+ZvNh36Z895rUP/vgoOKi6AjXed4OgOmtyKx9k7AwnG2w040pt1I6LErlbmxoxtk0/11ecaEjzU
+RhxKdCXTuV9jSH7hsnbM9qehLnZSoZqdTYJgxVGyzqpo3SUta13oTn/8ugpRAneoC86m+AA0xmNn
+XZRY4pPgqLjxAgMBAAEwDQYJKoZIhvcNAQEFBQADggEBABwRU7MLJcbm51fPQHtT+mypYslA4xFy
+zve7SyC2zCowFVZhnIwW19Cd0izGjfKPZZYS28N5EHmIQgxSNgJZi6693HINr0K5NPZd/jWRK46I
+uLK7je/K3oDUHnQXJ9xDkgRSDPZj/Wf0ZN+CDEAadhKopF5aJi8QyoYIsPxzn0p8SSgy5UsuKko6
+ov12x3B9O9mwM9HprO8FqzXbKdTaBgrZWVYOHPlD+cl9xSdrcZH347iwI6xEMtkASpXmxN9xLueE
+jI4eTuH148+Pzyr4iNIvfRQLY9iNJSmjoTJm0oKdGzKN0orSw/Ni53vpInziuR2FjYtQ4Zpf2why
+Ht0CXp0= \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer
new file mode 100644
index 000000000..e754cad52
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/IT_C-PEPS_Test.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDcjCCAlqgAwIBAgIES8cgYjANBgkqhkiG9w0BAQUFADB7MSswKQYJKoZIhvcN
+AQkBFhx3ZWJtYXN0ZXJAc3R1ZGVudGkucG9saXRvLml0MQswCQYDVQQGEwJJVDEO
+MAwGA1UECgwFU1RPUksxDTALBgNVBAsMBFBFUFMxIDAeBgNVBAMMF2l0LXBlcHMt
+c3RvcmsucG9saXRvLml0MB4XDTEwMDQxNTE0MTkxNFoXDTM1MDQwOTE0MTkxNFow
+ezErMCkGCSqGSIb3DQEJARYcd2VibWFzdGVyQHN0dWRlbnRpLnBvbGl0by5pdDEL
+MAkGA1UEBhMCSVQxDjAMBgNVBAoMBVNUT1JLMQ0wCwYDVQQLDARQRVBTMSAwHgYD
+VQQDDBdpdC1wZXBzLXN0b3JrLnBvbGl0by5pdDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMtNR5qqszWjwl8TlGpYUPrglCCrEZQSQYnekPcSLhumMxCv
+z0+pksnf/ArfSDisvzVNYSbpuEBr4o/LM3WahBMGJVJZJjXstNjePNETvfBbfEU+
++v27AabeZRK8KGizfry1q1tPuXRp/g+AfftZ/SBYe5CkdCUylnBItU22aEAHhGNT
+OkFebwWUxgWjy1mIjljnoish2y9UrWadvW+2rdkNT6m1WyG1aHy2K9rXldi82PGE
+WgCNNS+baj/2gVVAMo+iqZn8E/2n9Q0kSbJ60GTXWivWqdQbX3oJnS8t30Iha7Au
+zHmOvFbsi8LVA6Z4UfItgHrLxzO+U+x9ZSvA6TsCAwEAATANBgkqhkiG9w0BAQUF
+AAOCAQEAUPDg0VD4CG46bwYEbJ1H+5oDJibQ264JDq+E4z5YY2HLMf640ujKCz+o
+/33GIDyVrqjq8Zk1l0CSyLEW/49r87g4LunMVilty63aYRnj3+wWPNTbSTwfWXgu
+WcD00QnVoWparUnh75CfKUBm7lzn+q2WZPU18KpbXLw5E9rsRHnmaINqa9c5Fm6W
+VcP0qvrDizkEJ04gW3hadSKUEmHLNt1hnX1pnq7LJblb4AwLrpXNDfVZr8RdwRg7
+M5tBvGeKVRpniGILiND0UXkrKgkuWJkMzBiShg8YULtAaOC2D6lIkXAZnute6xaJ
+QNVdXrjW5oFUTw/YnHcg+bdCRlTCaA==
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer
new file mode 100644
index 000000000..e05727d0a
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/PT_C-PEPS_Test.cer
@@ -0,0 +1,32 @@
+-----BEGIN CERTIFICATE-----
+MIIFjTCCBHWgAwIBAgIEQm3h+zANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJw
+dDEVMBMGA1UEChMMTVVMVElDRVJULUNBMRgwFgYDVQQDEw9NVUxUSUNFUlQtQ0Eg
+MDIwHhcNMTEwNzIxMTU0NjMxWhcNMTIwODE3MTU0MTE3WjCBwTELMAkGA1UEBhMC
+UFQxFTATBgNVBAoTDE1VTFRJQ0VSVC1DQTEWMBQGA1UECxMNQ0VSVElQT1IgLSBS
+QTESMBAGA1UECxMJQ29ycG9yYXRlMTMwMQYDVQQLEypBZ2VuY2lhIHBhcmEgYSBN
+b2Rlcm5pemFjYW8gQWRtaW5pc3RyYXRpdmExGDAWBgNVBAsTD1dlYiBBcHBsaWNh
+dGlvbjEgMB4GA1UEAxMXUEVQUyBQb3J0dWd1ZXMgZGUgVGVzdGUwgZ8wDQYJKoZI
+hvcNAQEBBQADgY0AMIGJAoGBALo91gnq+SQj8yPx8ssFEKuPvAfagO8f+EagEs+u
+XJhLx41GpFZesMuolxf86n3TdxJHcLSXI224HqZu3BtXExUiD1LCAvtGCjzOr6Rg
+oySwhIQrgMEsKRRpkQN0jQHIMze11EXqVAJ2+MDX9V4cABuIEd9LOOl0PcQmc7m8
+jcKXAgMBAAGjggKRMIICjTALBgNVHQ8EBAMCA/gwOAYIKwYBBQUHAQEELDAqMCgG
+CCsGAQUFBzABhhxodHRwOi8vb2NzcC5tdWx0aWNlcnQuY29tL2NhMIHgBgNVHSAE
+gdgwgdUwTQYJKwYBBAGwPAoCMEAwPgYIKwYBBQUHAgEWMmh0dHA6Ly93d3cubXVs
+dGljZXJ0LmNvbS9jcHMvbXVsdGljZXJ0LWNhLWNwcy5odG1sMIGDBgsrBgEEAbA8
+CgKIBjB0MHIGCCsGAQUFBwICMGYeZABoAHQAdABwADoALwAvAHcAdwB3AC4AbQB1
+AGwAdABpAGMAZQByAHQALgBjAG8AbQAvAGMAcAAvAG0AdQBsAHQAaQBjAGUAcgB0
+AC0AYwBhAC0AMQAwADMAMAAuAGgAdABtAGwwEQYJYIZIAYb4QgEBBAQDAgSwMIIB
+AQYDVR0fBIH5MIH2MIGaoIGXoIGUhi9odHRwOi8vd3d3Lm11bHRpY2VydC5jb20v
+Y2EvbXVsdGljZXJ0LWNhLTAyLmNybIZhbGRhcDovL2xkYXAubXVsdGljZXJ0LmNv
+bS9jbj1NVUxUSUNFUlQtQ0ElMjAwMixvPU1VTFRJQ0VSVC1DQSxjPVBUP2NlcnRp
+ZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZTBXoFWgU6RRME8xCzAJBgNVBAYTAnB0
+MRUwEwYDVQQKEwxNVUxUSUNFUlQtQ0ExGDAWBgNVBAMTD01VTFRJQ0VSVC1DQSAw
+MjEPMA0GA1UEAxMGQ1JMMjI4MB8GA1UdIwQYMBaAFB3DuYilGL5gpyymY8pmKvwM
+J8G9MB0GA1UdDgQWBBRH/+uES4Jsr1UV5WeSoN3v1vUaPDAJBgNVHRMEAjAAMA0G
+CSqGSIb3DQEBBQUAA4IBAQAOFAxM2U6HyZgWl5h6UB1MUUL4j9VTQQOs6nw4hm22
+QK3SF+DPL6oXS1j+RKDHYNlpAfQ5r5ObcaxhEkaXOUZJ4q/3z1qScMVaZ1fjU0FB
+hRyAUE2qfiHp/0Ql4V2IrQqcBZ+mEQD5DFwNgx/UDr22lO0idjHnmxRed83/Mrm0
+03v+2eAujlsE9NfayP8oo9HkYNh5KvFjveCpUNv4IW18xEJLNDFd3dUEeb9UO+Bv
+eEkrxmo6k/k7usuRUfGrXBaFuxcL71l3lFD4k66CB3m7atcbohmbiAYhfHnLegpR
+EVKVolR6O3ljt3ou+Y79oI4U7bhn0U256R9hoobnX9Un
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer
new file mode 100644
index 000000000..a131767fb
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS-Test/SI_C-PEPS_Test.cer
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFbDCCBFSgAwIBAgIEQLK59zANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJz
+aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMRIwEAYDVQQLEwlzaXRlc3Qt
+Y2EwHhcNMTAwMzMwMTMwOTIzWhcNMTUwMzMwMTMzOTIzWjCBhjELMAkGA1UEBhMC
+c2kxGzAZBgNVBAoTEnN0YXRlLWluc3RpdHV0aW9uczESMBAGA1UECxMJU0lURVNU
+LUNBMRkwFwYDVQQLExBjZXJ0aWZpY2F0ZXMtd2ViMSswEwYDVQQDEwxURVNUIFBF
+UFMgU0kwFAYDVQQFEw0zMDAzMjAxMDAwMDAxMIIBIjANBgkqhkiG9w0BAQEFAAOC
+AQ8AMIIBCgKCAQEA4h6L9Pv1TK7fz5K6Uur0Rli6EKzZwTtv9xXhSt2xlI4wFWzz
+FiCy5/O/Q5GPRa10YoMc8s7WmMdM5yI/bU0BF2t5SYtEH7MwbGaFZFKJt17OtbpZ
+AaCSoh6fm1yO0HtVVkG9UdH4mswS3wHp/d1C91lQNba2enVc2p9Nd4gYop/zbroE
+toFeDyHxTl0mYN/cUHQFT4H24hzAfWXh2FOBfNSnvNl2HnPJOT6HnrUBsdyzkSzL
+N0Eis2R1G5+mQkzAwW6UOroojvMclEJK3z1oekj2OWj1FhalTNmA5D9dkDymTRn4
+o3BW2S7ovmWPmxYUW9s26bkPhz/CbCQwIF9yPQIDAQABo4ICJzCCAiMwDgYDVR0P
+AQH/BAQDAgWgMCsGA1UdEAQkMCKADzIwMTAwMzMwMTMwOTIzWoEPMjAxNTAzMzAx
+MzM5MjNaMEsGA1UdIAREMEIwNgYLKwYBBAGvWQIBAQIwJzAlBggrBgEFBQcCARYZ
+aHR0cDovL3d3dy5jYS5nb3Yuc2kvY3BzLzAIBgYEAIswAQIwGAYIKwYBBQUHAQME
+DDAKMAgGBgQAjkYBATAeBgNVHREEFzAVgRN0ZXN0LnNpLXBlcHNAZ292LnNpMIH2
+BgNVHR8Ege4wgeswVaBToFGkTzBNMQswCQYDVQQGEwJzaTEbMBkGA1UEChMSc3Rh
+dGUtaW5zdGl0dXRpb25zMRIwEAYDVQQLEwlzaXRlc3QtY2ExDTALBgNVBAMTBENS
+TDMwgZGggY6ggYuGWGxkYXA6Ly94NTAwLmdvdi5zaS9vdT1zaXRlc3QtY2Esbz1z
+dGF0ZS1pbnN0aXR1dGlvbnMsYz1zaT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0
+P2Jhc2WGL2h0dHA6Ly93d3cuc2lnZW4tY2Euc2kvY3JsL3NpdGVzdC9zaXRlc3Qt
+Y2EuY3JsMB8GA1UdIwQYMBaAFFRJB0aHzx2JncqucqeooKBptyHnMB0GA1UdDgQW
+BBQySemeDi10DbeTYj1tkGZ5Zo4mwjAJBgNVHRMEAjAAMBkGCSqGSIb2fQdBAAQM
+MAobBFY3LjEDAgOoMA0GCSqGSIb3DQEBBQUAA4IBAQASQ4l1Vd+MRDLFo2A6qYYW
+LVqTvtPLIk7v7Bswmq2SFAL2XmPoL5xbQFeDW+LiWhQBmrlgWyI7gbi/1/rs1E00
+Z4Skn8l97tuIyuxvCKTFhJDx9pzgUQGowoCYo9IzcMNQpxx6lkepreCDuc+e0fAb
+vTNGEpvQ7DkgrwJdcsUAElQ4OJ0ifELoah1DH8wpU31zr7D3YsizZgpu5TEIGP54
+AOhbFeZEmZlTU6gwNw4iTf6nVQkGaxsJt6gGGsyL8RUuvwpVRR3WmplCtjXryGCe
+4B/agAe3EKUh15IaPvWqdixSjySxjBI1bN8IEFHYPZmuwh7Y1FQuOYQGjuSLsJy9
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer
new file mode 100644
index 000000000..d79ad8385
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/ES_C-PEPS.cer
@@ -0,0 +1,43 @@
+-----BEGIN CERTIFICATE-----
+MIIHrDCCBpSgAwIBAgIIZFwvd8biuV0wDQYJKoZIhvcNAQEFBQAwUjERMA8GA1UE
+AxMIQUNDVi1DQTIxDzANBgNVBAsTBlBLSUdWQTEfMB0GA1UEChMWR2VuZXJhbGl0
+YXQgVmFsZW5jaWFuYTELMAkGA1UEBhMCRVMwHhcNMTAwNTI3MTYxNTA2WhcNMTMw
+NTI2MTYyNTA2WjCBgTEaMBgGA1UEAwwRUGxhdGFmb3JtYSBAZmlybWExEjAQBgNV
+BAUTCVMyODExMDAxQzEbMBkGA1UECwwSc2VsbG8gZWxlY3Ryw7NuaWNvMSUwIwYD
+VQQKExxNaW5pc3RlcmlvIGRlIGxhIFByZXNpZGVuY2lhMQswCQYDVQQGEwJFUzCC
+ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAM3IaIrzYOjbUYmS2nK7/GpD
+R6N3sVbBNxF5s/bCCQ44tL5MIz7I889GCMD8vrCd//5pAezPO8vZLpdh78QUZrCl
+k+E79ENYjVmjP4g0KlqlI0b5AOVc+dcE27/V6D6pCYDkVdn7puFDgzzSqksTNdL5
+uZZMM1L7Dkq0DfCjumYrfulp5i5PrYqrOh7wkXB1G+FGP0plN8at0tm5Q8EPXT7n
+/ogV9glWXG+vLkfIe2SKkdyU/08fecQH3f/jhrc5Bm0+uFvHP9DcS8usWpZojJWW
+iQb96B5bdPXqUsKnZVDj+b7HRkx3UjvvEipMV3Kr5E+E0sg1K4jLgj5+atyoRcEC
+AwEAAaOCBFQwggRQMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgTwMB0GA1Ud
+JQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDBDAdBgNVHQ4EFgQUhAkD/z9ux2qjm4l+
+FheI6+F3CfwwHwYDVR0jBBgwFoAUs3jtBaV5QTrC9MBSKP9jQz+/44EwggEyBgNV
+HREEggEpMIIBJYEWc29wb3J0ZS5hZmlybWE1QG1wci5lc6SCAQkwggEFMSEwHwYJ
+YIVUAQMFAgIBDBJzZWxsbyBlbGVjdHLDs25pY28xKzApBglghVQBAwUCAgITHE1p
+bmlzdGVyaW8gZGUgbGEgUHJlc2lkZW5jaWExGDAWBglghVQBAwUCAgMTCVMyODEx
+MDAxQzEPMA0GCWCFVAEDBQICBBMAMUQwQgYJYIVUAQMFAgIFDDVQbGF0YWZvcm1h
+IGRlIHZhbGlkYWNpw7NuIHkgZmlybWEgZWxlY3Ryw7NuaWNhIEBmaXJtYTEPMA0G
+CWCFVAEDBQICBhMAMQ8wDQYJYIVUAQMFAgIHEwAxDzANBglghVQBAwUCAggTADEP
+MA0GCWCFVAEDBQICCRMAMIIB8AYDVR0gBIIB5zCCAeMwggHfBgsrBgEEAb9VAxEC
+ADCCAc4wggGYBggrBgEFBQcCAjCCAYoeggGGAEMAZQByAHQAaQBmAGkAYwBhAGQA
+bwAgAHIAZQBjAG8AbgBvAGMAaQBkAG8AIABwAGEAcgBhACAAcwBlAGwAbABvACAA
+ZABlACAA8wByAGcAYQBuAG8AIABlAG4AIABzAG8AcABvAHIAdABlACAAcwBvAGYA
+dAB3AGEAcgBlACAAZQB4AHAAZQBkAGkAZABvACAAcABvAHIAIABsAGEAIABBAHUA
+dABvAHIAaQB0AGEAdAAgAGQAZQAgAEMAZQByAHQAaQBmAGkAYwBhAGMAaQDzACAA
+ZABlACAAbABhACAAQwBvAG0AdQBuAGkAdABhAHQAIABWAGEAbABlAG4AYwBpAGEA
+bgBhACAAKABQAGwALgAgAE0AYQBuAGkAcwBlAHMAIAAxAC4AIABDAEkARgAgAFMA
+NAA2ADEAMQAwADAAMQBBACkALgAgAEMAUABTACAAeQAgAEMAUAAgAGUAbgAgAGgA
+dAB0AHAAOgAvAC8AdwB3AHcALgBhAGMAYwB2AC4AZQBzMDAGCCsGAQUFBwIBFiRo
+dHRwOi8vd3d3LmFjY3YuZXMvbGVnaXNsYWNpb25fYy5odG0wOQYDVR0fBDIwMDAu
+oCygKoYoaHR0cDovL3d3dy5hY2N2LmVzL2dlc3RjZXJ0L2FjY3YtY2EyLmNybDAv
+BggrBgEFBQcBAQQjMCEwHwYIKwYBBQUHMAGGE2h0dHA6Ly9vY3NwLmFjY3YuZXMw
+OwYIKwYBBQUHAQMELzAtMBQGCCsGAQUFBwsCMAgGBgQAjkYBATAIBgYEAI5GAQEw
+CwYGBACORgEDAgEPMA0GCSqGSIb3DQEBBQUAA4IBAQCknVr82ZpMROTkrk/OwC7e
+fccNqbmKEwM4peAUG4tLWnYaDh2hav/3Y7auXkd2CW9XID6C/6E8EqG6wGNwplyq
+LyfrkYmbppJN2/LDr+ZHFoul030o/KzbVRrzZ5zAS5vUnOG42TzpP3sgtMV5V2vg
+V3ZygZbm55+2JDH1RBlCZuJzOPSwLk2rfGcMecHduUN8AxuLN52VKs1LMdmuPhe0
+ZvcVabvmmqzBJGRC8VJ0fwJKB/c6b4rl5WZTYUnQ7+SIoI/+RxJCITnO2SrxRh0Z
+rXLaE62aJ6W/Jnu+lfqIVoQSyauSlybpbL1iS/o0IFFbQvnY6RoCAOqsg3ee+4Om
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer
new file mode 100644
index 000000000..e754cad52
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/IT_C-PEPS.cer
@@ -0,0 +1,21 @@
+-----BEGIN CERTIFICATE-----
+MIIDcjCCAlqgAwIBAgIES8cgYjANBgkqhkiG9w0BAQUFADB7MSswKQYJKoZIhvcN
+AQkBFhx3ZWJtYXN0ZXJAc3R1ZGVudGkucG9saXRvLml0MQswCQYDVQQGEwJJVDEO
+MAwGA1UECgwFU1RPUksxDTALBgNVBAsMBFBFUFMxIDAeBgNVBAMMF2l0LXBlcHMt
+c3RvcmsucG9saXRvLml0MB4XDTEwMDQxNTE0MTkxNFoXDTM1MDQwOTE0MTkxNFow
+ezErMCkGCSqGSIb3DQEJARYcd2VibWFzdGVyQHN0dWRlbnRpLnBvbGl0by5pdDEL
+MAkGA1UEBhMCSVQxDjAMBgNVBAoMBVNUT1JLMQ0wCwYDVQQLDARQRVBTMSAwHgYD
+VQQDDBdpdC1wZXBzLXN0b3JrLnBvbGl0by5pdDCCASIwDQYJKoZIhvcNAQEBBQAD
+ggEPADCCAQoCggEBAMtNR5qqszWjwl8TlGpYUPrglCCrEZQSQYnekPcSLhumMxCv
+z0+pksnf/ArfSDisvzVNYSbpuEBr4o/LM3WahBMGJVJZJjXstNjePNETvfBbfEU+
++v27AabeZRK8KGizfry1q1tPuXRp/g+AfftZ/SBYe5CkdCUylnBItU22aEAHhGNT
+OkFebwWUxgWjy1mIjljnoish2y9UrWadvW+2rdkNT6m1WyG1aHy2K9rXldi82PGE
+WgCNNS+baj/2gVVAMo+iqZn8E/2n9Q0kSbJ60GTXWivWqdQbX3oJnS8t30Iha7Au
+zHmOvFbsi8LVA6Z4UfItgHrLxzO+U+x9ZSvA6TsCAwEAATANBgkqhkiG9w0BAQUF
+AAOCAQEAUPDg0VD4CG46bwYEbJ1H+5oDJibQ264JDq+E4z5YY2HLMf640ujKCz+o
+/33GIDyVrqjq8Zk1l0CSyLEW/49r87g4LunMVilty63aYRnj3+wWPNTbSTwfWXgu
+WcD00QnVoWparUnh75CfKUBm7lzn+q2WZPU18KpbXLw5E9rsRHnmaINqa9c5Fm6W
+VcP0qvrDizkEJ04gW3hadSKUEmHLNt1hnX1pnq7LJblb4AwLrpXNDfVZr8RdwRg7
+M5tBvGeKVRpniGILiND0UXkrKgkuWJkMzBiShg8YULtAaOC2D6lIkXAZnute6xaJ
+QNVdXrjW5oFUTw/YnHcg+bdCRlTCaA==
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer
new file mode 100644
index 000000000..950aaab0d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/PT_C-PEPS.cer
@@ -0,0 +1,33 @@
+-----BEGIN CERTIFICATE-----
+MIIFojCCBIqgAwIBAgIEQmx+HTANBgkqhkiG9w0BAQUFADA+MQswCQYDVQQGEwJw
+dDEVMBMGA1UEChMMTVVMVElDRVJULUNBMRgwFgYDVQQDEw9NVUxUSUNFUlQtQ0Eg
+MDIwHhcNMTAwNTE3MTAyMjMyWhcNMTMwNTE3MTAyMzM4WjCB1jELMAkGA1UEBhMC
+UFQxFTATBgNVBAoTDE1VTFRJQ0VSVC1DQTEWMBQGA1UECxMNQ0VSVElQT1IgLSBS
+QTESMBAGA1UECxMJQ29ycG9yYXRlMT4wPAYDVQQLEzVBTUEgLSBBZ2VuY2lhIHBh
+cmEgYSBNb2Rlcm5pemFjYW8gQWRtaW5pc3RyYXRpdmEgSS5QLjEYMBYGA1UECxMP
+V2ViIEFwcGxpY2F0aW9uMSowKAYDVQQDEyFzYW1sLmV1LWlkLmNhcnRhb2RlY2lk
+YWRhby5nb3YucHQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMe2B9O1xCJp
+CmT2/AuypD1q9kbwge1Y0VjY5FOkhYPfki/XuuFpEdUa7KrurbcoDuuAmgjIxCIn
+v8vYAK5axY8hlPg9fp+vtRlmo1it5Y9IGY2mMvtN6OwoBzJOqKJypNexyAgIIR/u
+PqhVZjQAwGkTe1JrcDswKOKGbv21M1+pAgMBAAGjggKRMIICjTALBgNVHQ8EBAMC
+A/gwOAYIKwYBBQUHAQEELDAqMCgGCCsGAQUFBzABgRxodHRwOi8vb2NzcC5tdWx0
+aWNlcnQuY29tL2NhMIHgBgNVHSAEgdgwgdUwTQYJKwYBBAGwPAoCMEAwPgYIKwYB
+BQUHAgEWMmh0dHA6Ly93d3cubXVsdGljZXJ0LmNvbS9jcHMvbXVsdGljZXJ0LWNh
+LWNwcy5odG1sMIGDBgsrBgEEAbA8CgKIBjB0MHIGCCsGAQUFBwICMGYeZABoAHQA
+dABwADoALwAvAHcAdwB3AC4AbQB1AGwAdABpAGMAZQByAHQALgBjAG8AbQAvAGMA
+cAAvAG0AdQBsAHQAaQBjAGUAcgB0AC0AYwBhAC0AMQAwADMAMAAuAGgAdABtAGww
+EQYJYIZIAYb4QgEBBAQDAgSwMIIBAQYDVR0fBIH5MIH2MIGaoIGXoIGUhi9odHRw
+Oi8vd3d3Lm11bHRpY2VydC5jb20vY2EvbXVsdGljZXJ0LWNhLTAyLmNybIZhbGRh
+cDovL2xkYXAubXVsdGljZXJ0LmNvbS9jbj1NVUxUSUNFUlQtQ0ElMjAwMixvPU1V
+TFRJQ0VSVC1DQSxjPVBUP2NlcnRpZmljYXRlUmV2b2NhdGlvbkxpc3Q/YmFzZTBX
+oFWgU6RRME8xCzAJBgNVBAYTAnB0MRUwEwYDVQQKEwxNVUxUSUNFUlQtQ0ExGDAW
+BgNVBAMTD01VTFRJQ0VSVC1DQSAwMjEPMA0GA1UEAxMGQ1JMMTczMB8GA1UdIwQY
+MBaAFB3DuYilGL5gpyymY8pmKvwMJ8G9MB0GA1UdDgQWBBT+DvK0cR8Qa3uUWWYV
+rUfVGZeUTDAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBQUAA4IBAQBiXYB/Nst7hDnV
+RS9D6VjifN1F+JaxtwSLZBoxkij2mi/1kXRugKjkpo6e8Kwb24Wv7G+/ZAFjm3zN
+WK9v0ziR192l+4lWke8wRVwHW4Ecsp3nOwOxCiCYkX4uVPDZQT5+cPeNYJbOwYyd
+4jbHTPrPT7T2CmtgdqOIu2Dc+1aHyg9ZnhCGgwEwDbvq+grUr9RcHqmWqfdR3Eou
+TvLugaM54N4Bur8rolFatHzETbKjvXfWzpHoTTFEekyHgQXWdnmVny8JajBFUmE5
+TkONB+V+Jj/R2YPfF++9tRKwc4ifNeduWzSD6ohx+OFimdx2gKHIdkkAMfK09z1M
+vz83eaDr
+-----END CERTIFICATE-----
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer
new file mode 100644
index 000000000..2051a22c2
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/C-PEPS/SI_C-PEPS.cer
@@ -0,0 +1,31 @@
+-----BEGIN CERTIFICATE-----
+MIIFXDCCBESgAwIBAgIEOl3pnzANBgkqhkiG9w0BAQUFADA9MQswCQYDVQQGEwJz
+aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMREwDwYDVQQLEwhzaWdvdi1j
+YTAeFw0xMDA2MTAxMDUwMTVaFw0xNTA2MTAxMTIwMTVaMIGEMQswCQYDVQQGEwJz
+aTEbMBkGA1UEChMSc3RhdGUtaW5zdGl0dXRpb25zMRkwFwYDVQQLExB3ZWItY2Vy
+dGlmaWNhdGVzMRMwEQYDVQQLEwpHb3Zlcm5tZW50MSgwEAYDVQQDEwlQRVBTIFNB
+TUwwFAYDVQQFEw0xMjM1ODU3NTE4MDEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
+MIIBCgKCAQEAw9gh7flrQC1UUc0Dw1jFXQ5sDVwSjjO/QqUsvIysAGELNJTxs3/j
+vFOsokBOWlZEbocZXDqeLJtzO4zmpblc7c9okyZIi0sj+dEqKiMF7XbFfjo1NZ2c
+xJdQ4ENR1jLkiHSb5Z345dQ7VY6wju0ezMMA5O9cIywGWcSyH9h007tezhTWJeL5
+aN2gMvFs3tGx7Uv9JH9geIOopWlcQANSDkvAnCf/iu1YhbUmx+jYtcxlywtJ8Tri
+ON3GlFLr4ew4O8SrVxeQQ28yKKDEP/Y3399KWdQDwK/CeFy6flW3kYTiGDPnUH5T
+u9yEATomwnujhPHJZN6d46JFiTWFsll4aQIDAQABo4ICGjCCAhYwDgYDVR0PAQH/
+BAQDAgWgMCsGA1UdEAQkMCKADzIwMTAwNjEwMTA1MDE1WoEPMjAxNTA2MTAxMTIw
+MTVaMEoGA1UdIARDMEEwNQYKKwYBBAGvWQEBBTAnMCUGCCsGAQUFBwIBFhlodHRw
+Oi8vd3d3LmNhLmdvdi5zaS9jcHMvMAgGBgQAizABAjAYBggrBgEFBQcBAwQMMAow
+CAYGBACORgEBMBcGA1UdEQQQMA6BDHN0b3JrQGdvdi5zaTCB8QYDVR0fBIHpMIHm
+MFWgU6BRpE8wTTELMAkGA1UEBhMCc2kxGzAZBgNVBAoTEnN0YXRlLWluc3RpdHV0
+aW9uczERMA8GA1UECxMIc2lnb3YtY2ExDjAMBgNVBAMTBUNSTDI3MIGMoIGJoIGG
+hldsZGFwOi8veDUwMC5nb3Yuc2kvb3U9c2lnb3YtY2Esbz1zdGF0ZS1pbnN0aXR1
+dGlvbnMsYz1zaT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2WGK2h0dHA6
+Ly93d3cuc2lnb3YtY2EuZ292LnNpL2NybC9zaWdvdi1jYS5jcmwwHwYDVR0jBBgw
+FoAUHvjUU2uzgwbpBAZXAvmlv8ZYPHIwHQYDVR0OBBYEFDY0NJgPdteoK8mw3FG7
+lde6PRboMAkGA1UdEwQCMAAwGQYJKoZIhvZ9B0EABAwwChsEVjcuMQMCA6gwDQYJ
+KoZIhvcNAQEFBQADggEBAInmtHMCOob3469jLaA/WvRXFUv0QelW4cS9Zr1QrZzW
+Wp1YUiwkWfILHkDJgvbo6qn8iUDyKSNPhgXFVKfWbBlbuUds9F2FCJ41g5n2jXZc
+Lz0IOpae4a9LHmNLdT0UKEGbUJ5a4wRaZEWLVfwrkN2GJPeWeeigbunYKtdVlceP
+4DZg8T1c/vpi8lrbTxSLUAzn0ie8FRod6k19y49QG5sudvwjeQgp309dUze0ULun
+YYTFkkc5d2uzqEa2WYcxHYz4+hKPHejbGGKC1OZz+zH7ZGGr0mtLYjSvXv+5VKTj
+85/a/sdD+vzNneKEGbLk7iupk0On5BIkJdWqnz/IeDk=
+-----END CERTIFICATE----- \ No newline at end of file
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..d361d919f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ad13d7b28
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..f9f27442b
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..b6f39e354
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..f9fef65fc
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
new file mode 100644
index 000000000..3c7775b6e
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..36a442b89
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
new file mode 100644
index 000000000..54f809962
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
new file mode 100644
index 000000000..01965769d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
new file mode 100644
index 000000000..b9a0e5a61
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
new file mode 100644
index 000000000..33e776369
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
new file mode 100644
index 000000000..3be7b6a06
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cer
new file mode 100644
index 000000000..73553b996
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/EGIZ_Test_CA_-_User.20070829-20140101.SerNo00.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer
new file mode 100644
index 000000000..911640d0e
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Premium-Test-Sig-02.20041227-20141201.SerNo00b5ac.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cer
new file mode 100644
index 000000000..cac44093a
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-Qual-01a.20041117-20141117.SerNo00da88.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cer
new file mode 100644
index 000000000..32893db7f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-TEST-nQual-01a.20041117-20080630.SerNo00da8b.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..d361d919f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011130-20041130.SerNo01f6(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ad13d7b28
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20011215-20041215.SerNo021e(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..f9f27442b
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo0291(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..b6f39e354
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20020207-20050207.SerNo210d(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..f9fef65fc
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01.20041201-20141201.SerNoE243(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
new file mode 100644
index 000000000..3c7775b6e
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-01b.20041201-20141201.SerNo01C854.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..36a442b89
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02.20041203-20141203.SerNoE248(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
new file mode 100644
index 000000000..54f809962
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-02b.20041203-20141203.SerNo01C857.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
new file mode 100644
index 000000000..ab9e0cd7d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03.20080425-20180425.SerNoe694(SecureSignatureKeypair).cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
new file mode 100644
index 000000000..01965769d
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Qual-03b.20080424-20180424.SerNo041D14.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
new file mode 100644
index 000000000..b9a0e5a61
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-Root-05.20130923-20230920.SerNoFCDB4.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
new file mode 100644
index 000000000..33e776369
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
new file mode 100644
index 000000000..3be7b6a06
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenOhneTestkarten/C=AT,O=Hauptverband oesterr. Sozialvers.,CN=Root-CA 1-2045.der
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
new file mode 100644
index 000000000..afe6fdf09
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
new file mode 100644
index 000000000..33e776369
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cer
new file mode 100644
index 000000000..277b6083a
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/EGIZ_Test_CA_-_Signaturdienst.20070829-20140101.SerNo02.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
new file mode 100644
index 000000000..376d0753f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
new file mode 100644
index 000000000..592c96230
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cer
new file mode 100644
index 000000000..61a7ccb15
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-02.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer
new file mode 100644
index 000000000..5171276f4
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungMitTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
new file mode 100644
index 000000000..afe6fdf09
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-CERT-GOVERNMENT-20090505-20360918.SerNo0E.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
new file mode 100644
index 000000000..33e776369
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/A-Trust-nQual-03.20050817-20150817.SerNo016c1e.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
new file mode 100644
index 000000000..376d0753f
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Nikolaus_Schwab.20040219-20070219.SerNo5C39.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
new file mode 100644
index 000000000..592c96230
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/Waltraut_Kotschy.20070119-20120119.SerNo02DE1C.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cer
new file mode 100644
index 000000000..61a7ccb15
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-02.cer
Binary files differ
diff --git a/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer
new file mode 100644
index 000000000..5171276f4
--- /dev/null
+++ b/id/server/doc/conf/moa-spss/trustProfiles/MOAIDBuergerkartePersonenbindungOhneTestkarten/a-sign-corporate-light-03-20051114-20151114.SerNo01AAED.cer
Binary files differ
diff --git a/id/server/doc/handbook/application/application.html b/id/server/doc/handbook/application/application.html
index 83e301089..7fd729683 100644
--- a/id/server/doc/handbook/application/application.html
+++ b/id/server/doc/handbook/application/application.html
@@ -110,6 +110,12 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-oa/
<th width="559" scope="col">Beschreibung</th>
</tr>
<tr>
+ <td>general.publicURLContext</td>
+ <td>https://localhost:8443/moa-id-oa</td>
+ <td><p>URL unter der das Modul MOA-ID-OA erreichbar ist.</p>
+ <p><strong>Hinweis:</strong> Ist dieser Parameter nicht vorhanden wird die URL aus dem ersten Request generiert.</p></td>
+ </tr>
+ <tr>
<td>general.login.pvp2.idp.metadata.url</td>
<td>https://demo.egiz.gv.at/moa-id-auth/<br>
pvp2/metadata</td>
@@ -117,7 +123,7 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-oa/
</tr>
<tr>
<td>general.login.pvp2.idp.metadata.certificate</td>
- <td>keys/metadata.crt</td>
+ <td>keys/moa_idp.crt</td>
<td>Zertifikat mit dem die PVP2.1 Metadaten des IDP signiert sind. Dieser Zertifikat wird zur Pr&uuml;fung der IDP Metadaten verwendet.</td>
</tr>
<tr>
@@ -138,12 +144,12 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-oa/
</tr>
<tr>
<td>general.login.pvp2.keystore.url</td>
- <td>keys/moa_idp.p12</td>
+ <td>keys/application[password].p12</td>
<td>Keystore mit Schl&uuml;ssel und Zertifikaten welche f&uuml;r das signieren und verschl&uuml;sseln der PVP2.1 Nachrichten verwendet werden sollen.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Keystores</td>
</tr>
<tr>
@@ -157,32 +163,32 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-oa/
</tr>
<tr>
<td>general.login.pvp2.keystore.metadata.key.alias</td>
- <td>metadata</td>
+ <td>pvp_metadata</td>
<td>Name des Schl&uuml;ssels der zum Signieren der Metadaten des Modules MOA-ID-Configuration verwendet werden soll</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.metadata.key.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels der zum Signieren der Metadaten verwendet werden soll.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.encryption.key.alias</td>
- <td>encryption</td>
+ <td>pvp_encryption</td>
<td>Name des Schl&uuml;ssels der zum Verschl&uuml;sseln der Anmeldeinformation, welche vom IDP an das Konfigurationstool &uuml;bermittelt, verwendet werden soll</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.encryption.key.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels zum Verschl&uuml;sseln der Anmeldeinformation.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.key.alias</td>
- <td>authrequest</td>
+ <td>pvp_request</td>
<td>Name des Schl&uuml;ssels zum Signieren des Authentifizierungsrequests der an den IDP gestellt wird.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.key.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels zum Signieren des Authentifizierungsrequests.</td>
</tr>
</table>
diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index f794e0972..21d146b4d 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -6,6 +6,7 @@
<link rel="stylesheet" href="../common/MOA.css" type="text/css">
</head>
<body link="#990000">
+ X
<table class="logoTable" width="100%" border="0" cellspacing="0" cellpadding="10">
<tr>
<td align="center" class="logoTitle" width="267"><img src="../common/LogoBKA.png" alt="Logo BKA" width="267" height="37" align="left"></td>
@@ -167,7 +168,8 @@
</ol>
<p>Optional kann nach dem Schritt 3 Basiskonfiguration des Modules MOA-ID-Auth eine <a href="#import_export_legacy">bestehende MOA-ID 1.5.1 Konfiguration importiert</a> werden. F&uuml;r bestehende Konfigurationen &lt; 1.5.1 wird eine vollst&auml;ndige Neukonfiguration empfohlen.</p>
<h1><a name="uebersicht_zentraledatei" id="uebersicht_zentraledatei"></a>2 Basiskonfiguration</h1>
-<p>Die Basiskonfiguration f&uuml;r die Module MOA-ID-Auth und MOA-ID-Configuration erfolgt mit Hilfe textueller propertie Dateien. Diese Propertie Dateien beinhalten alle Konfigurationsparameter welche f&uuml;r den Start der Module erforderlich sind und m&uuml;ssen der Java Virtual Machine durch eine System Property mitgeteilt werden. Alle &Auml;nderungen die an der Basiskonfiguration vorgenommen werden erfordern einen Neustart der jeweiligen Java Virtual Machine. </p>
+<p>Die Basiskonfiguration f&uuml;r die Module MOA-ID-Auth und MOA-ID-Configuration erfolgt mit Hilfe textueller propertie Dateien. Diese Propertie Dateien beinhalten alle Konfigurationsparameter welche f&uuml;r den Start der Module erforderlich sind und m&uuml;ssen der Java Virtual Machine durch eine System Property mitgeteilt werden. Alle &Auml;nderungen die an der Basiskonfiguration vorgenommen werden erfordern einen Neustart der jeweiligen Java Virtual Machine.</p>
+<p><strong>Hinweis:</strong> Alle URL Konfigurationsparameter auf Dateien ohne den Prefix <em>file:/</em> werden als relative Pfadangaben zum Konfigurationsbasisverzeichnis des jeweiligen Modules interpretiert.</p>
<h2><a name="uebersicht_zentraledatei_aktualisierung" id="uebersicht_zentraledatei_aktualisierung"></a>2.1 MOA-ID-Configuration</h2>
<p>Dieser Abschnitt behandelt die Basiskonfiguration des Modules MOA-ID-Configuration. Der erste Teilabschnitt behandelt die Bekanntmachung der Konfigurationsdatei mittels einer System Property und der zweite Teilabschnitt beschreibt die einzelnen Konfigurationsparameter im Detail. Eine Konfiguration die als Ausgangspunkt f&uuml;r die individuelle Konfiguration verwendet werden kann finden Sie <a href="../../conf/moa-id-configuration/moa-id-configtool.properties">hier</a>.</p>
<h3><a name="moa_id_config_property" id="uebersicht_zentraledatei_aktualisierung7"></a>2.1.1 Bekanntmachung der Konfigurationsdatei</h3>
@@ -268,7 +270,7 @@
</tr>
<tr>
<td>general.login.pvp2.idp.metadata.certificate</td>
- <td>keys/metadata.crt</td>
+ <td>keys/moa_idp.crt</td>
<td>Zertifikat mit dem die PVP2.1 Metadaten des IDP signiert sind. Dieser Zertifikat wird zur Pr&uuml;fung der IDP Metadaten verwendet.</td>
</tr>
<tr>
@@ -289,12 +291,12 @@
</tr>
<tr>
<td>general.login.pvp2.keystore.url</td>
- <td>keys/moa_idp.p12</td>
+ <td>keys/application[password].p12</td>
<td>Keystore mit Schl&uuml;ssel und Zertifikaten welche f&uuml;r das signieren und verschl&uuml;sseln der PVP2.1 Nachrichten verwendet werden sollen.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Keystores</td>
</tr>
<tr>
@@ -308,32 +310,32 @@
</tr>
<tr>
<td>general.login.pvp2.keystore.metadata.key.alias</td>
- <td>metadata</td>
+ <td>pvp_metadata</td>
<td>Name des Schl&uuml;ssels der zum Signieren der Metadaten des Modules MOA-ID-Configuration verwendet werden soll</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.metadata.key.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels der zum Signieren der Metadaten verwendet werden soll.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.encryption.key.alias</td>
- <td>encryption</td>
+ <td>pvp_encryption</td>
<td>Name des Schl&uuml;ssels der zum Verschl&uuml;sseln der Anmeldeinformation, welche vom IDP an das Konfigurationstool &uuml;bermittelt, verwendet werden soll</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.encryption.key.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels zum Verschl&uuml;sseln der Anmeldeinformation.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.key.alias</td>
- <td>authrequest</td>
+ <td>pvp_request</td>
<td>Name des Schl&uuml;ssels zum Signieren des Authentifizierungsrequests der an den IDP gestellt wird.</td>
</tr>
<tr>
<td>general.login.pvp2.keystore.authrequest.key.password</td>
- <td>123456</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels zum Signieren des Authentifizierungsrequests.</td>
</tr>
</table>
@@ -683,32 +685,32 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
</tr>
<tr>
<td>protocols.pvp2.idp.ks.file</td>
- <td>keys/pvp.p12</td>
+ <td>keys/moa_idp[password].p12</td>
<td>Dateiname des Java Keystore oder PKCS12 Keystore zur Signierung von PVP 2.1 spezifischen Inhalten. (PVP 2.1 Metadaten, PVP 2.1 Assertion)</td>
</tr>
<tr>
<td>protocols.pvp2.idp.ks.kspassword</td>
- <td>pass1234</td>
+ <td>password</td>
<td>Passwort zum Keystore</td>
</tr>
<tr>
<td>protocols.pvp2.idp.ks.metadata.alias</td>
- <td>metadata</td>
+ <td>pvp_metadata</td>
<td>Name des Schl&uuml;ssels der zur Signierung der PVP 2.1 Metadaten </td>
</tr>
<tr>
<td>protocols.pvp2.idp.ks.metadata.keypassword</td>
- <td>pass1234</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels der zur Signierung der PVP 2.1 Metadaten </td>
</tr>
<tr>
<td>protocols.pvp2.idp.ks.assertion.sign.alias</td>
- <td>signing</td>
+ <td>pvp_assertion</td>
<td>Name des Schl&uuml;ssels mit dem die PVP 2.1 Assertion durch MOA-ID-Auth unterschieben wird</td>
</tr>
<tr>
<td>protocols.pvp2.idp.ks.assertion.sign.keypassword</td>
- <td>pass1234</td>
+ <td>password</td>
<td>Passwort des Schl&uuml;ssels mit dem die PVP 2.1 Assertion durch MOA-ID-Auth unterschieben wird</td>
</tr>
</table>
@@ -722,22 +724,22 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/MonitoringServlet</pre>
</tr>
<tr>
<td>protocols.oauth20.jwt.ks.file</td>
- <td>keys/openID.p12</td>
+ <td>keys/moa_idp[password].p12</td>
<td>Dateiname des Java Keystore oder PKCS12 Keystore zur Signierung des OpenID Connect <em>id_token</em></td>
</tr>
<tr>
<td>protocols.oauth20.jwt.ks.password=</td>
- <td>pass1234</td>
+ <td>passsword</td>
<td>Passwort zum Keystore</td>
</tr>
<tr>
<td>protocols.oauth20.jwt.ks.key.name</td>
- <td>openID</td>
+ <td>pvp_assertion</td>
<td>Name des Schl&uuml;ssels der zum Signieren des <em>id_tokens</em> verwendet wird</td>
</tr>
<tr>
<td>protocols.oauth20.jwt.ks.key.password</td>
- <td>pass1234</td>
+ <td>pasword</td>
<td>Password des Schl&uuml;ssels der zum Signieren des <em>id_tokens</em> verwendet wird</td>
</tr>
</table>
diff --git a/id/server/doc/handbook/install/install.html b/id/server/doc/handbook/install/install.html
index 3db04c197..ffd700a55 100644
--- a/id/server/doc/handbook/install/install.html
+++ b/id/server/doc/handbook/install/install.html
@@ -112,7 +112,7 @@
<dd> Entpacken Sie die Datei <code>moa-id-auth-2.0.0.zip</code> in ein beliebiges Verzeichnis. Dieses Verzeichnis wird im weiteren Verlauf als <code>$MOA_ID_AUTH_INST</code> bezeichnet. </dd>
<dt>Installation der Kryptographiebibliotheken von SIC/IAIK</dt>
<dd>
- <p>Kopieren Sie alle Dateien aus dem Verzeichnis <code>$MOA_SPSS_INST/ext</code> in das Verzeichnis <code>$JAVA_HOME/jre/lib/ext</code>. Zus&auml;tzlich m&uuml;ssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden <span class="term">Unlimited Strength
+ <p>Kopieren Sie alle Dateien aus dem Verzeichnis <code>$MOA_ID_AUTH_INST/ext</code> in das Verzeichnis <code>$JAVA_HOME/jre/lib/ext</code>. Zus&auml;tzlich m&uuml;ssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden <span class="term">Unlimited Strength
Jurisdiction Policy Files</span> von der <a href="http://java.com/download" target="_blank">Java SE Downloadseite </a>und achten Sie darauf die f&uuml;r ihre verwendete Java SE Installation richtige Version zu nehmen. Anschlie&szlig;end folgen Sie der darin enthaltenen Installationsanweisung. </p>
@@ -138,12 +138,12 @@
<p> Um die Module MOA-ID-Auth und MOA-ID-Configuratuion in Tomcat f&uuml;r den Einsatz vorzubereiten, sind folgende Schritte notwendig:</p>
<ul>
<li>Die Datei <code>$MOA_ID_AUTH_INST/moa-id_auth.war</code> enth&auml;lt das einsatzfertige MOA-ID-Auth Webarchiv und muss ins Verzeichnis <code>$CATALINA_HOME/webapps</code> kopiert werden. Dort wird sie beim ersten Start von Tomcat automatisch ins Verzeichnis <code>$CATALINA_HOME/webapps/moa-id-auth</code> entpackt. </li>
- <li>Die Konfigurationsdatei mit der Basiskonfiguration f&uuml;r MOA-ID-Auth und die zugeh&ouml;rigen Verzeichnisse m&uuml;ssen in ein beliebiges Verzeichnis im Dateisystem kopiert werden (z.B. <code>$CATALINA_HOME/conf/moa-id</code>). Eine funktionsf&auml;hige Konfiguration, die als Ausgangspunkt f&uuml;r die Basiskonfiguration des MOA-ID-Auth Modules dienen kann, finden Sie <a href="../../../conf/moa-id/moa-id.properties">hier</a>. <br>
+ <li>Die Konfigurationsdatei mit der Basiskonfiguration f&uuml;r MOA-ID-Auth und die zugeh&ouml;rigen Verzeichnisse m&uuml;ssen in ein beliebiges Verzeichnis im Dateisystem kopiert werden (z.B. <code>$CATALINA_HOME/conf/moa-id</code>). Eine funktionsf&auml;hige Konfiguration, die als Ausgangspunkt f&uuml;r die Konfiguration des MOA-ID-Auth Modules dienen kann, finden Sie <a href="../../../conf/moa-id/moa-id.properties">hier</a>. Diese funktionsf&auml;hige Konfiguration enth&auml;lt auch eine MOA-SPSS Konfiguration, da das Modul MOA-SPSS zurSignaturpr&uuml;fung im Modul MOA-ID-Auth verwendet wird.<br>
</li>
<li> Die Dateien <code>xalan.jar</code>, <code>xercesImpl.jar, serializer.jar </code> und <code>xml-apis.jar</code> aus dem Verzeichnis <code>$MOA_ID_AUTH_INST/endorsed</code> m&uuml;ssen in das Tomcat-Verzeichnis <code>$CATALINA_HOME/endorsed</code> (bzw. <code>$CATALINA_HOME/common/endorsed</code> bis Apache Tomcat Version 5.5) kopiert werden. Sind gleichnamige Dateien dort bereits vorhanden, m&uuml;ssen sie &uuml;berschrieben werden. Die ggf. in diesem Verzeichnis vorhandene Datei <code>xmlParserAPIs.jar</code> muss gel&ouml;scht werden. Sollte das Verzeichnis <code>endorsed</code> nicht vorhanden sein, dann muss dieses zuerst erstellt werden.</li>
- <li>Folgende <span class="term">System Properties</span> k&ouml;nnen gesetzt werden (wird beim Starten von Tomcat der <span class="term">Java Virtual Machine</span> in der Umgebungsvariablen <code>CATALINA_OPTS</code> in der Form <code>-D&lt;name&gt;=&lt;wert&gt;</code> &uuml;bergeben):
- <ul>
- <li id="klein"><code>moa.id.configuration</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r MOA-ID-Auth. Eine beispielhafte Konfigurationsdatei fnden Sie <a href="../../../conf/moa-id/moa-id.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
+ <li>Folgende <span class="term">System Properties</span> k&ouml;nnen gesetzt werden (wird beim Starten von Tomcat der <span class="term">Java Virtual Machine</span> in der Umgebungsvariablen <code>CATALINA_OPTS</code> in der Form <code>-D&lt;name&gt;=&lt;wert&gt;</code> &uuml;bergeben). Eine Beispielkonfiguration in welcher diese Umgebungsvariablen gesetzt werden finden Sie <a href="../../../deploy/tomcat/">hier</a>.
+<ul>
+ <li id="klein"><code>moa.id.configuration</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r MOA-ID-Auth. Eine beispielhafte Konfigurationsdatei fnden Sie <a href="../../../deploy/conf/moa-id/moa-id.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
<li><code>moa.spss.server.configuration</code>: Pfad und Name der zentralen Konfigurationsdatei f&uuml;r MOA SP/SS. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../conf/moa-spss/SampleMOASPSSConfiguration.xml">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/conf</code> enthaltene Default-Konfiguration herangezogen.</li>
<li><code>eu.stork.samlengine.config.location</code>: Pfad auf den Ordner mit den zentralen Konfigurationsdateien f&uuml;r STORK. Die Beispielkonfiguration f&uuml;r das Modul MOA-ID-Auth enth&auml;lt bereits den<a href="../../../conf/moa-id/stork/"> Ordner f&uuml;r die STORK Konfiguration</a>. </li>
<li id="klein"><code>log4j.configuration</code>: URL der Log4j Konfigurationsdatei. Eine beispielhafte Log4j-Konfiguration finden Sie <a href="../../../conf/moa-id/log4j.properties">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen.</li>