authorThomas Lenz <tlenz@iaik.tugraz.at>2014-08-19 15:23:07 +0200
committerThomas Lenz <tlenz@iaik.tugraz.at>2014-08-19 15:23:07 +0200
commit9331771b24160e0ee04324576d9f35caf6ac4d79 (patch)
tree45adefb70891e266849c65626ccbdee6927be6e0 /id/server
parenta3e490800378eaaa4d9189bc1d1d606caa8fb41d (diff)
Update handbook, demo-configuration and history.txt
Diffstat (limited to 'id/server')
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties2
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties1
-rw-r--r--id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties2
-rw-r--r--id/server/doc/conf/moa-id/moa-id.properties1
-rw-r--r--id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml61
-rw-r--r--id/server/doc/handbook/config/config.html12
6 files changed, 61 insertions, 18 deletions
diff --git a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
index db158ed23..7c71fadcb 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
+++ b/id/server/data/deploy/conf/moa-id-configuration/moa-id-configtool.properties
@@ -13,6 +13,8 @@ general.defaultlanguage=de
general.ssl.certstore=certs/certstore
general.ssl.truststore=certs/truststore
+general.moaconfig.key=ConfigurationEncryptionKey
+
##Mail
general.mail.host=smtp.localhost...
#general.mail.host.port=
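Review bot: The added `general.moaconfig.key=ConfigurationEncryptionKey` puts a fixed, publicly visible passphrase into the deploy configuration, and nothing on or near the line tells an operator that it has to be replaced. The handbook text added in this commit describes the value as the password used to encrypt configuration parts stored in the database, so an installation that keeps the sample value would protect that data with a known string, unless the application rejects the default, which is not visible in this diff. I would add a comment above the key, e.g. `#Passphrase for encrypting configuration stored in the database - replace before deployment; must equal configuration.moaconfig.key in moa-id.properties`. The same applies to the addition in `data/deploy/conf/moa-id/moa-id.properties` and to the two copies under `doc/conf`.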
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index e8a75c348..4290b1985 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -17,6 +17,7 @@ protocols.pvp2.assertion.encryption.active=false
##General MOA-ID 2.0 operations
#MOA-ID 2.0 session information encryption key (PassPhrase)
configuration.moasession.key=SessionEncryptionKey
+configuration.moaconfig.key=ConfigurationEncryptionKey
#MOA-ID 2.0 Monitoring Servlet
configuration.monitoring.active=false
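Review bot: `configuration.moaconfig.key` is added directly beneath the comment `#MOA-ID 2.0 session information encryption key (PassPhrase)`, so the file now reads as if that comment covered both keys. A separate comment line before the new key, e.g. `#MOA-ID 2.0 configuration encryption key (PassPhrase), must match general.moaconfig.key of MOA-ID-Configuration`, would keep the two passphrases apart and record the matching requirement that the handbook change states. The identical hunk in `doc/conf/moa-id/moa-id.properties` needs the same comment.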
diff --git a/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties b/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
index db158ed23..7c71fadcb 100644
--- a/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
+++ b/id/server/doc/conf/moa-id-configuration/moa-id-configtool.properties
@@ -13,6 +13,8 @@ general.defaultlanguage=de
general.ssl.certstore=certs/certstore
general.ssl.truststore=certs/truststore
+general.moaconfig.key=ConfigurationEncryptionKey
+
##Mail
general.mail.host=smtp.localhost...
#general.mail.host.port=
diff --git a/id/server/doc/conf/moa-id/moa-id.properties b/id/server/doc/conf/moa-id/moa-id.properties
index e8a75c348..4290b1985 100644
--- a/id/server/doc/conf/moa-id/moa-id.properties
+++ b/id/server/doc/conf/moa-id/moa-id.properties
@@ -17,6 +17,7 @@ protocols.pvp2.assertion.encryption.active=false
##General MOA-ID 2.0 operations
#MOA-ID 2.0 session information encryption key (PassPhrase)
configuration.moasession.key=SessionEncryptionKey
+configuration.moaconfig.key=ConfigurationEncryptionKey
#MOA-ID 2.0 Monitoring Servlet
configuration.monitoring.active=false
diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
index 5aff0d1fa..ef5dc23d2 100644
--- a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
+++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml
@@ -23,10 +23,7 @@
<!--Only HTTP-POST binding is only supported for inter PEPS-->
<!--The SOAP binding is only supported for direct communication between SP-MW and VIdP-->
- <entry key="protocolBinding">HTTP-POST</entry>
-
-
-
+ <entry key="protocolBinding">HTTP-POST</entry>
<!--URI representing the classification of the identifier
Allow values: 'entity'.
@@ -36,25 +33,26 @@
-->
-
<!-- A friendly name for the attribute that can be displayed to a user -->
<entry key="friendlyName">false</entry>
<!-- A friendly name for the attribute that can be displayed to a user -->
<entry key="isRequired">true</entry>
- <!--PEPS in the Service Provider's country-->
- <entry key="requester">http://S-PEPS.gov.xx</entry>
+ <!--PEPS in the Service Provider's country-->
+ <entry key="requester">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry>
- <!--PEPS in the citizen's origin country-->
- <entry key="responder">http://C-PEPS.gov.xx</entry>
+ <!--PEPS in the citizen's origin country-->
+ <entry key="responder">https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest</entry>
<!--Subject cannot be confirmed on or after this seconds time (positive number)-->
- <entry key="timeNotOnOrAfter">300</entry>
+ <entry key="timeNotOnOrAfter">600</entry>
<!--Validation IP of the response-->
<entry key="ipAddrValidation">false</entry>
-
+
+ <!--One time use-->
+ <entry key="oneTimeUse">true</entry>
<!--Subject Attribute Definitions-->
<entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry>
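Review bot: The new `responder` entry carries exactly the same URL as `requester` (`https://testvidp.buergerkarte.at/moa-id-auth/stork2/SendPEPSAuthnRequest`), although its comment still describes the PEPS in the citizen's origin country. This looks like a copy of the requester line, and both values point at a test host that a deployment copying this sample would inherit. A comment such as `<!--Sample value from the test VIdP; replace with the endpoint of your own deployment-->` above each entry would make that explicit. The hunk also raises `timeNotOnOrAfter` from 300 to 600 while `ipAddrValidation` stays `false`. The added `oneTimeUse` limits replay within that longer window only if the receiving side tracks consumed assertions, which is not visible here, so the reason for doubling the window is worth recording in the comment above it.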
@@ -73,7 +71,6 @@
<entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry>
<entry key="age">http://www.stork.gov.eu/1.0/age</entry>
<entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry>
- <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry>
<entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry>
<entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry>
@@ -86,10 +83,38 @@
<entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry>
<entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry>
- <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
- <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
- <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
- <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
- <entry key="mandateType">http://www.stork.gov.eu/1.0/mandateType</entry>
-
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+
+
+ <entry key="diplomaSupplement">http://www.stork.gov.eu/1.0/diplomaSupplement</entry>
+ <entry key="currentStudiesSupplement">http://www.stork.gov.eu/1.0/currentStudiesSupplement</entry>
+ <entry key="isStudent">http://www.stork.gov.eu/1.0/isStudent</entry>
+ <entry key="isAcademicStaff">http://www.stork.gov.eu/1.0/isAcademicStaff</entry>
+ <entry key="isTeacherOf">http://www.stork.gov.eu/1.0/isTeacherOf</entry>
+ <entry key="isCourseCoordinator">http://www.stork.gov.eu/1.0/isCourseCoordinator</entry>
+ <entry key="isAdminStaff">http://www.stork.gov.eu/1.0/isAdminStaff</entry>
+ <entry key="habilitation">http://www.stork.gov.eu/1.0/habilitation</entry>
+ <entry key="Title">http://www.stork.gov.eu/1.0/Title</entry>
+ <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry>
+ <entry key="hasAccountInBank">http://www.stork.gov.eu/1.0/hasAccountInBank</entry>
+ <entry key="isHealthCareProfessional">http://www.stork.gov.eu/1.0/isHealthCareProfessional</entry>
+
+ <entry key="eLPIdentifier">http://www.stork.gov.eu/1.0/eLPIdentifier</entry>
+ <entry key="legalName">http://www.stork.gov.eu/1.0/legalName</entry>
+ <entry key="alternativeName">http://www.stork.gov.eu/1.0/alternativeName</entry>
+ <entry key="type">http://www.stork.gov.eu/1.0/type</entry>
+ <entry key="translatableType">http://www.stork.gov.eu/1.0/translatableType</entry>
+ <entry key="status">http://www.stork.gov.eu/1.0/status</entry>
+ <entry key="activity">http://www.stork.gov.eu/1.0/activity</entry>
+ <entry key="registeredAddress">http://www.stork.gov.eu/1.0/registeredAddress</entry>
+ <entry key="registeredCanonicalAddress">http://www.stork.gov.eu/1.0/registeredCanonicalAddress</entry>
+ <entry key="contactInformation">http://www.stork.gov.eu/1.0/contactInformation</entry>
+ <entry key="LPFiscalNumber">http://www.stork.gov.eu/1.0/LPFiscalNumber</entry>
+ <entry key="mandate">http://www.stork.gov.eu/1.0/mandate</entry>
+ <entry key="docRequest">http://www.stork.gov.eu/1.0/docRequest</entry>
+
+ <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry>
+ <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry>
+ <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry>
+
</properties>
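Review bot: `<entry key="hasDegree">` now appears twice in the new side of this hunk, once at the top of the added block and again after `Title`. Both carry the same URI, so the second is probably harmless, but a duplicated key in a properties file hides which line is authoritative once someone edits only one of them; I would drop the second occurrence. The hunk also re-adds `mandateContent`, `representative` and `represented` but not `mandateType`. If that removal is intentional, a short comment would help, e.g. `<!--mandateType removed: superseded by 'mandate'-->` if that is indeed the reason.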
diff --git a/id/server/doc/handbook/config/config.html b/id/server/doc/handbook/config/config.html
index 24e80c588..e21aaf421 100644
--- a/id/server/doc/handbook/config/config.html
+++ b/id/server/doc/handbook/config/config.html
@@ -217,6 +217,12 @@
<td>TrustedCACertificates enth&auml;lt das Verzeichnis (relativ zur MOA-ID-Auth Basiskonfigurationsdatei), das jene Zertifikate enth&auml;lt, die als vertrauensw&uuml;rdig betrachtet werden. Im Zuge der &Uuml;berpr&uuml;fung der TLS-Serverzertifikate wird die Zertifikatspfaderstellung an einem dieser Zertifikate beendet. Dieses Verzeichnis wird zur Pr&uuml;fung der SSL Serverzertifikate beim Download von PVP 2.1 Metadaten verwendet.</td>
</tr>
<tr>
+ <td>general.moaconfig.key</td>
+ <td>ConfigurationEncryptionKey</td>
+ <td><p>Passwort zum Verschl&uuml;sseln von Konfigurationsteilen welche in der Datenbank abgelegt werden. Hierbei kann jede beliebige Zeichenfolge aus Buchstaben, Zahlen und Sonderzeichen verwendet werden.</p>
+ <p><strong>Hinweis:</strong> Dieses Passwort muss identisch zu dem im <a href="#basisconfig_moa_id_auth_param_general">Modul MOA-ID-Auth</a> hinterlegten Passwort sein.</p></td>
+ </tr>
+ <tr>
<td>general.userrequests.cleanup.delay</td>
<td>18</td>
<td>Innerhalb dieses Zeitraums muss ein neuer Benutzer die im Benutzerprofil hinterlegte eMail Adresse validieren. </td>
@@ -571,6 +577,12 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-configuration/secure/usermanagementInit
<td>Passwort zum Verschl&uuml;sseln von personenbezogenen Session Daten die w&auml;hrend eines Anmeldevorgangs und f&uuml;r Single Sign-On in der Datenbank abgelegt werden. Hierbei kann jede beliebige Zeichenfolge aus Buchstaben, Zahlen und Sonderzeichen verwendet werden.</td>
</tr>
<tr>
+ <td>configuration.moaconfig.key</td>
+ <td>ConfigurationEncryptionKey</td>
+ <td><p>Passwort zum Verschl&uuml;sseln von Konfigurationsteilen welche in der Datenbank abgelegt werden. Hierbei kann jede beliebige Zeichenfolge aus Buchstaben, Zahlen und Sonderzeichen verwendet werden.</p>
+ <p><strong>Hinweis:</strong> Dieses Passwort muss identisch zu dem im Modul <a href="#moa_id_config_parameters_generel">MOA-ID-Configuration</a> hinterlegten Passwort sein.</p></td>
+ </tr>
+ <tr>
<td>configuration.monitoring.active</td>
<td>true / false</td>
<td>Aktiviert das Modul f&uuml;r internes Monitoring / Testing.</td>