diff options
Diffstat (limited to 'id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java')
-rw-r--r-- | id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java | 23 |
1 files changed, 22 insertions, 1 deletions
diff --git a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java index 15d21b4b9..190b2cef9 100644 --- a/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java +++ b/id.server/src/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java @@ -1,5 +1,8 @@ package at.gv.egovernment.moa.id.auth; +import iaik.asn1.ObjectID; + + /** * Constants used throughout moa-id-auth component. * @@ -50,6 +53,24 @@ public interface MOAIDAuthConstants { public static final String HEADER_VALUE_CACHE_CONTROL = "no-store, no-cache, must-revalidate"; /** Header Value for controlling the caching mechanism of the browser */ public static final String HEADER_VALUE_CACHE_CONTROL_IE = "post-check=0, pre-check=0"; - + /** + * the identity link signer X509Subject names of those identity link signer certificates + * not including the identity link signer OID. The authorisation for signing the identity + * link must be checked by using their issuer names. After february 19th 2007 the OID of + * the certificate will be used fo checking the authorisation for signing identity links. + */ + public static final String[] IDENTITY_LINK_SIGNERS_WITHOUT_OID = + new String[] {"T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitgieds der Datenschutzkommission", + "CN=zmr,OU=BMI-IV-2,O=BMI,C=AT", + "T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitglieds der Datenschutzkommission"}; + /** + * the number of the certifcate extension "Eigenschaft zur Ausstellung von Personenbindungen" + */ + public static final String IDENTITY_LINK_SIGNER_OID_NUMBER = "1.2.40.0.10.1.7.1"; + /** + * the OID of the identity link signer certificate (Eigenschaft zur Ausstellung von Personenbindungen); + * used for checking the authorisation for signing the identity link for identity links signed after february 19th 2007 + */ + public static final ObjectID IDENTITY_LINK_SIGNER_OID = new ObjectID(IDENTITY_LINK_SIGNER_OID_NUMBER); } |