diff options
Diffstat (limited to 'id/server/auth')
32 files changed, 1845 insertions, 0 deletions
diff --git a/id/server/auth/.settings/.jsdtscope b/id/server/auth/.settings/.jsdtscope new file mode 100644 index 000000000..f40dd98e2 --- /dev/null +++ b/id/server/auth/.settings/.jsdtscope @@ -0,0 +1,11 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<classpath>
+ <classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
+ <classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
+ <attributes>
+ <attribute name="hide" value="true"/>
+ </attributes>
+ </classpathentry>
+ <classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
+ <classpathentry kind="output" path=""/>
+</classpath>
diff --git a/id/server/auth/.settings/org.eclipse.jdt.core.prefs b/id/server/auth/.settings/org.eclipse.jdt.core.prefs new file mode 100644 index 000000000..63fe7cb8a --- /dev/null +++ b/id/server/auth/.settings/org.eclipse.jdt.core.prefs @@ -0,0 +1,12 @@ +#Fri Nov 16 13:12:23 CET 2007
+eclipse.preferences.version=1
+org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
+org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.4
+org.eclipse.jdt.core.compiler.codegen.unusedLocal=preserve
+org.eclipse.jdt.core.compiler.compliance=1.4
+org.eclipse.jdt.core.compiler.debug.lineNumber=generate
+org.eclipse.jdt.core.compiler.debug.localVariable=generate
+org.eclipse.jdt.core.compiler.debug.sourceFile=generate
+org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
+org.eclipse.jdt.core.compiler.problem.enumIdentifier=warning
+org.eclipse.jdt.core.compiler.source=1.4
diff --git a/id/server/auth/.settings/org.eclipse.wst.common.component b/id/server/auth/.settings/org.eclipse.wst.common.component new file mode 100644 index 000000000..b116cf610 --- /dev/null +++ b/id/server/auth/.settings/org.eclipse.wst.common.component @@ -0,0 +1,18 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<project-modules id="moduleCoreId" project-version="1.5.0">
+<wb-module deploy-name="moa-id-auth">
+<wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
+ <wb-resource deploy-path="/" source-path="/src/main/webapp"/>
+ <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-spss-lib/moa-spss-lib">
+ <dependency-type>uses</dependency-type>
+ </dependent-module>
+ <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-common/moa-common">
+ <dependency-type>uses</dependency-type>
+ </dependent-module>
+ <dependent-module deploy-path="/WEB-INF/lib" handle="module:/resource/moa-id-lib/moa-id-lib">
+ <dependency-type>uses</dependency-type>
+ </dependent-module>
+<property name="java-output-path" value="target/classes"/>
+ <property name="context-root" value="moa-id-auth"/>
+</wb-module>
+</project-modules>
diff --git a/id/server/auth/.settings/org.eclipse.wst.common.project.facet.core.xml b/id/server/auth/.settings/org.eclipse.wst.common.project.facet.core.xml new file mode 100644 index 000000000..f30a1de6e --- /dev/null +++ b/id/server/auth/.settings/org.eclipse.wst.common.project.facet.core.xml @@ -0,0 +1,5 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<faceted-project>
+ <installed facet="jst.java" version="1.4"/>
+ <installed facet="jst.web" version="2.3"/>
+</faceted-project>
diff --git a/id/server/auth/.settings/org.eclipse.wst.jsdt.ui.superType.container b/id/server/auth/.settings/org.eclipse.wst.jsdt.ui.superType.container new file mode 100644 index 000000000..3bd5d0a48 --- /dev/null +++ b/id/server/auth/.settings/org.eclipse.wst.jsdt.ui.superType.container @@ -0,0 +1 @@ +org.eclipse.wst.jsdt.launching.baseBrowserLibrary
\ No newline at end of file diff --git a/id/server/auth/.settings/org.eclipse.wst.jsdt.ui.superType.name b/id/server/auth/.settings/org.eclipse.wst.jsdt.ui.superType.name new file mode 100644 index 000000000..05bd71b6e --- /dev/null +++ b/id/server/auth/.settings/org.eclipse.wst.jsdt.ui.superType.name @@ -0,0 +1 @@ +Window
\ No newline at end of file diff --git a/id/server/auth/.settings/org.maven.ide.eclipse.prefs b/id/server/auth/.settings/org.maven.ide.eclipse.prefs new file mode 100644 index 000000000..a45f64227 --- /dev/null +++ b/id/server/auth/.settings/org.maven.ide.eclipse.prefs @@ -0,0 +1,9 @@ +#Tue Jul 07 16:07:00 CEST 2009
+activeProfiles=
+eclipse.preferences.version=1
+fullBuildGoals=process-test-resources
+includeModules=false
+resolveWorkspaceProjects=true
+resourceFilterGoals=process-resources resources\:testResources
+skipCompilerPlugin=true
+version=1
diff --git a/id/server/auth/pom.xml b/id/server/auth/pom.xml new file mode 100644 index 000000000..e1aeb2802 --- /dev/null +++ b/id/server/auth/pom.xml @@ -0,0 +1,123 @@ +<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> + <parent> + <groupId>MOA.id</groupId> + <artifactId>moa-id</artifactId> + <version>1.5.1</version> + </parent> + + <modelVersion>4.0.0</modelVersion> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-auth</artifactId> + <packaging>war</packaging> + <version>1.5.1</version> + <name>MOA ID-Auth WebService</name> + + <properties> + <repositoryPath>${basedir}/../../../repository</repositoryPath> + </properties> + + <build> + <!--sourceDirectory>${basedir}/../idserverlib/src/main/java</sourceDirectory--> + <!--testSourceDirectory>${basedir}/../idserverlib/src/test/java</testSourceDirectory--> + <plugins> + <plugin> + <groupId>org.apache.maven.plugins</groupId> + <artifactId>maven-war-plugin</artifactId> + <version>2.0.2</version> + <configuration> + <archive> + <manifest> + <addDefaultSpecificationEntries>false</addDefaultSpecificationEntries> + <addDefaultImplementationEntries>true</addDefaultImplementationEntries> + </manifest> + <addMavenDescriptor>false</addMavenDescriptor> + </archive> + + <!-- extract moa-id classes for debugging --> + <!--warSourceExcludes>WEB-INF/lib/moa-id-lib*.jar</warSourceExcludes--> + <webResources> + <resource> + <directory>${basedir}/src/main/wsdl</directory> + <targetPath>WEB-INF/classes/resources/wsdl</targetPath> + </resource> + <!-- + <resource> + <directory>${basedir}/../idserverlib/target/classes</directory> + <targetPath>WEB-INF/classes</targetPath> + </resource> +--> + </webResources> + </configuration> + </plugin> + </plugins> + </build> + + <dependencies> + <!-- we need Axis 1.1 here, 1.0 is included in SPSS --> + <dependency> + <groupId>axis</groupId> + <artifactId>axis</artifactId> + <version>1.1</version> + </dependency> + <dependency> + <groupId>MOA.spss.server</groupId> + <artifactId>moa-spss-lib</artifactId> + <!--version>${project.version}</version--> + </dependency> + <dependency> + <groupId>MOA.id.server</groupId> + <artifactId>moa-id-lib</artifactId> + <!--version>${project.version}</version --> + </dependency> + <!-- transitive dependencies we don't want to include into the war --> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_jce_full</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_ecc</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Provider</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>iaik.prod</groupId> + <artifactId>iaik_Pkcs11Wrapper</artifactId> + <!-- should be in the ext directory of the jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xalan</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xerces</groupId> + <artifactId>xercesImpl</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>xml-apis</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + <dependency> + <groupId>xalan-bin-dist</groupId> + <artifactId>serializer</artifactId> + <!-- should be provided by the container or jre --> + <scope>provided</scope> + </dependency> + </dependencies> + +</project> diff --git a/id/server/auth/src/main/resources/META-INF/services/org.apache.axis.components.net.SecureSocketFactory b/id/server/auth/src/main/resources/META-INF/services/org.apache.axis.components.net.SecureSocketFactory new file mode 100644 index 000000000..c4547e804 --- /dev/null +++ b/id/server/auth/src/main/resources/META-INF/services/org.apache.axis.components.net.SecureSocketFactory @@ -0,0 +1 @@ +at.gv.egovernment.moa.id.util.AxisSecureSocketFactory
diff --git a/id/server/auth/src/main/webapp/BKAuswahl-MOA-Template-Howto.pdf b/id/server/auth/src/main/webapp/BKAuswahl-MOA-Template-Howto.pdf Binary files differnew file mode 100644 index 000000000..857fcc1dd --- /dev/null +++ b/id/server/auth/src/main/webapp/BKAuswahl-MOA-Template-Howto.pdf diff --git a/id/server/auth/src/main/webapp/META-INF/MANIFEST.MF b/id/server/auth/src/main/webapp/META-INF/MANIFEST.MF new file mode 100644 index 000000000..58630c02e --- /dev/null +++ b/id/server/auth/src/main/webapp/META-INF/MANIFEST.MF @@ -0,0 +1,2 @@ +Manifest-Version: 1.0
+
diff --git a/id/server/auth/src/main/webapp/WCAG-Pruefprotokoll.pdf b/id/server/auth/src/main/webapp/WCAG-Pruefprotokoll.pdf Binary files differnew file mode 100644 index 000000000..3722c5d7e --- /dev/null +++ b/id/server/auth/src/main/webapp/WCAG-Pruefprotokoll.pdf diff --git a/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd b/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd new file mode 100644 index 000000000..0f0eb49d1 --- /dev/null +++ b/id/server/auth/src/main/webapp/WEB-INF/server-config.wsdd @@ -0,0 +1,29 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<deployment name="defaultClientConfig"
+ xmlns="http://xml.apache.org/axis/wsdd/"
+ xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"
+ xmlns:handler="http://xml.apache.org/axis/wsdd/providers/handler">
+
+ <handler name="URLMapper" type="java:org.apache.axis.handlers.http.URLMapper"/>
+ <handler name="MsgDispatcher" type="java:org.apache.axis.providers.java.MsgProvider"/>
+ <handler name="HTTPAuthHandler" type="java:org.apache.axis.handlers.http.HTTPAuthHandler"/>
+
+ <service name="GetAuthenticationData" provider="java:MSG">
+ <namespace>urn:oasis:names:tc:SAML:1.0:protocol</namespace>
+ <parameter name="allowedMethods" value="Request"/>
+ <parameter name="className" value="at.gv.egovernment.moa.id.auth.servlet.GetAuthenticationDataService"/>
+ <wsdlFile>/resources/wsdl/MOA-ID-1.x.wsdl</wsdlFile>
+ <requestFlow>
+ </requestFlow>
+ <responseFlow>
+ </responseFlow>
+ </service>
+
+ <transport name="http">
+ <requestFlow>
+ <handler type="URLMapper"/>
+ <handler type="HTTPAuthHandler"/>
+ </requestFlow>
+ </transport>
+
+</deployment>
diff --git a/id/server/auth/src/main/webapp/WEB-INF/web.xml b/id/server/auth/src/main/webapp/WEB-INF/web.xml new file mode 100644 index 000000000..ef75dff24 --- /dev/null +++ b/id/server/auth/src/main/webapp/WEB-INF/web.xml @@ -0,0 +1,153 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'> +<web-app> + <display-name>MOA ID Auth</display-name> + <description>MOA ID Authentication Service</description> + <servlet> + <servlet-name>SelectBKU</servlet-name> + <display-name>SelectBKU</display-name> + <description>Select Bürgerkartenartenumgebung</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SelectBKUServlet</servlet-class> + </servlet> + <servlet> + <servlet-name>StartAuthentication</servlet-name> + <display-name>StartAuthentication</display-name> + <description>Start authentication process</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet</servlet-class> + <load-on-startup>0</load-on-startup> + </servlet> + <servlet> + <servlet-name>VerifyIdentityLink</servlet-name> + <display-name>VerifyIdentityLink</display-name> + <description>Verify identity link coming from security layer</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet</servlet-class> + </servlet> + <servlet> + <servlet-name>VerifyCertificate</servlet-name> + <display-name>VerifyCertificate</display-name> + <description>Verify the certificate coming from security layer</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet</servlet-class> + </servlet> + <servlet> + <servlet-name>GetMISSessionID</servlet-name> + <display-name>GetMISSessionID</display-name> + <description>Get the MIS session ID coming from security layer</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet</servlet-class> + </servlet> + + <servlet> + <servlet-name>GetForeignID</servlet-name> + <display-name>GetForeignID</display-name> + <description>Gets the foreign eID from security layer</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet</servlet-class> + </servlet> + <servlet> + <servlet-name>ProcessInput</servlet-name> + <display-name>ProcessInput</display-name> + <description>Process user input needed by infobox validators</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet</servlet-class> + </servlet> + <servlet> + <servlet-name>VerifyAuthBlock</servlet-name> + <display-name>VerifyAuthBlock</display-name> + <description>Verify AUTH block coming from security layer</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet</servlet-class> + </servlet> + <servlet> + <servlet-name>ConfigurationUpdate</servlet-name> + <display-name>ConfigurationUpdate</display-name> + <description>Update MOA-ID Auth configuration from the configuration file</description> + <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet</servlet-class> + </servlet> + <servlet> + <servlet-name>AxisServlet</servlet-name> + <display-name>Apache-Axis Servlet</display-name> + <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class> + </servlet> + + <!-- JSP servlet --> + <servlet> + <servlet-name>jspservlet</servlet-name> + <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class> + </servlet> + + <!-- servlet mapping for jsp pages --> + <!-- errorpage.jsp (customizeable) --> + <servlet-mapping> + <servlet-name>jspservlet</servlet-name> + <url-pattern>/errorpage-auth.jsp</url-pattern> + </servlet-mapping> + <!-- message.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate) --> + <servlet-mapping> + <servlet-name>jspservlet</servlet-name> + <url-pattern>/message-auth.jsp</url-pattern> + </servlet-mapping> + + <servlet-mapping> + <servlet-name>SelectBKU</servlet-name> + <url-pattern>/SelectBKU</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>StartAuthentication</servlet-name> + <url-pattern>/StartAuthentication</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>VerifyIdentityLink</servlet-name> + <url-pattern>/VerifyIdentityLink</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>VerifyCertificate</servlet-name> + <url-pattern>/VerifyCertificate</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>GetMISSessionID</servlet-name> + <url-pattern>/GetMISSessionID</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>GetForeignID</servlet-name> + <url-pattern>/GetForeignID</url-pattern> + </servlet-mapping> + + <servlet-mapping> + <servlet-name>ProcessInput</servlet-name> + <url-pattern>/ProcessInput</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>VerifyAuthBlock</servlet-name> + <url-pattern>/VerifyAuthBlock</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>ConfigurationUpdate</servlet-name> + <url-pattern>/ConfigurationUpdate</url-pattern> + </servlet-mapping> + <servlet-mapping> + <servlet-name>AxisServlet</servlet-name> + <url-pattern>/services/*</url-pattern> + </servlet-mapping> + <session-config> + <session-timeout>30</session-timeout> + </session-config> + <error-page> + <error-code>500</error-code> + <location>/errorpage.jsp</location> + </error-page> + <security-constraint> + <web-resource-collection> + <web-resource-name>ConfigurationUpdate</web-resource-name> + <url-pattern>/ConfigurationUpdate</url-pattern> + </web-resource-collection> + <auth-constraint> + <role-name>moa-admin</role-name> + </auth-constraint> + </security-constraint> + <login-config> + <auth-method>BASIC</auth-method> + <realm-name>UserDatabase</realm-name> + </login-config> + <security-role> + <description> + The role that is required to log in to the moa Application + </description> + <role-name>moa-admin</role-name> + </security-role> +</web-app> diff --git a/id/server/auth/src/main/webapp/css/index.css b/id/server/auth/src/main/webapp/css/index.css new file mode 100644 index 000000000..18a0dccde --- /dev/null +++ b/id/server/auth/src/main/webapp/css/index.css @@ -0,0 +1,256 @@ +@charset "utf-8";
+
+* {
+ margin:0;
+ padding:0;
+ border:0;
+}
+
+body {
+ margin:0;
+ padding:0;
+ color : #000;
+ background-color : #fff;
+ font-family : Verdana, Geneva, Arial, sans-serif;
+ font-size:76%;
+}
+
+/* skiplink */
+
+#skiplinks {
+ position:relative;
+}
+
+p#skiplinks a {
+
+ position: absolute;
+ top: -999em;
+ left: -999em;
+ height: 0;
+ width: 0;
+ overflow: hidden;
+}
+
+p#skiplinks a:focus,
+p#skiplinks a:hover,
+p#skiplinks a:active {
+ height: auto;
+ width:auto;
+ left: 0;
+ top: 0;
+ padding: 4px;
+ position: absolute;
+ overflow: visible;
+ text-decoration: none;
+ z-index: 100;
+}
+
+/*layout */
+
+#wrapper {
+ min-width:746px;
+ max-width:1258px;
+ padding: 0 10px;
+}
+
+#banner {
+ width:100%;
+ min-height:100px;
+ padding-top:20px;
+ position:relative;
+}
+
+#bannerleft {
+ float:left;
+}
+
+#bannerleft h1 {
+ font-size:2em;
+ padding-top:10px;
+}
+
+#bannerright {
+ float:right;
+}
+
+#main {
+ clear:both;
+ position:relative;
+}
+
+/* left */
+
+#leftcontent {
+ float:left;
+ width:220px;
+}
+
+h2#tabheader, h2#contentheader {
+ padding:2px;
+ font-size:1.1em;
+ color:#fff;
+ border-bottom:2px solid #fff;
+}
+
+#bkulogin {
+ overflow:hidden;
+ width:220px;
+}
+
+#bkukarte {
+ float:left;
+ background: url(../img/karte.gif) no-repeat top center;
+ padding: 90px 10px 10px 10px;
+ text-align:center;
+ width:40%;
+}
+
+#bkuhandy {
+ float:right;
+ background: url(../img/handy.gif) no-repeat top center;
+ padding: 90px 10px 10px 10px;
+ text-align:center;
+ width:40%;
+}
+
+#mandate{
+ text-align:center;
+ padding : 5px 5px 5px 5px;
+}
+
+button {
+ background: #efefef;
+ border:1px solid #000;
+ cursor: pointer;
+}
+
+#installJava, #BrowserNOK {
+ clear:both;
+ font-size:0.8em;
+ padding:4px;
+}
+
+#localBKU {
+ padding:4px;
+}
+
+.sendButton {
+ background-color: DarkGray;
+ border-style: solid;
+ border-width: 1px;
+ border-color: black;
+}
+
+
+#tab {
+ margin-top:2px;
+ padding:2px;
+ clear:both;
+}
+
+#leftcontent a {
+ text-decoration:none;
+ color: #000;
+/* display:block;*/
+ padding:4px;
+}
+
+#leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
+ text-decoration:underline;
+ color: #000;
+}
+
+#navlist {
+ margin-top:20px;
+}
+
+#navlist ul {
+ list-style: none;
+ margin-left: 0;
+}
+
+#navlist li {
+ border-bottom:1px solid #fff;
+}
+
+iframe {
+ width:220px;
+}
+
+/* right */
+
+#rightcontent {
+ float:right;
+ width:220px;
+}
+
+#centercontent {
+ width:auto;
+ margin: 0 230px;
+}
+
+/* center */
+
+#content {
+ padding:20px;
+}
+
+#content a {
+ text-decoration:underline;
+ color: #000;
+}
+
+#content a:hover, #content a:focus, #content a:active {
+ text-decoration:underline;
+ color: #000;
+}
+
+p {
+ margin-bottom:1em;
+}
+
+.lightblock{
+ text-align : left;
+ padding : 5px 5px 5px 5px;
+}
+
+
+#mandateLogin {
+ vertical-align: middle;
+}
+
+
+.infobutton {
+ background-color: #005a00;
+ color: white;
+ font-family: serif;
+ text-decoration: none;
+ padding-top: 2px;
+ padding-right: 4px;
+ padding-bottom: 2px;
+ padding-left: 4px;
+ font-weight: bold;
+}
+
+
+/* [OPTIONAL] Geben Sie hier die Farbe fuer den hellen Hintergrund an */
+.hell {
+ background-color : #DDDDDD;
+}
+
+/* [OPTIONAL] Geben Sie hier die Farbe fuer den dunklen Hintergrund an */
+.dunkel {
+ background-color: #A02D2D;
+}
+
+/* [OPTIONAL] Geben Sie hier die Farbe fuer Links an */
+#leftcontent a, #content a {
+ color: blue;
+}
+
+@media print {
+ #wrapper { width:100%;}
+ #banner {width:640px;}
+ #rightcontent {display: none;}
+ #centercontent {width:400px; margin-right:0;}
+}
diff --git a/id/server/auth/src/main/webapp/errorpage-auth.jsp b/id/server/auth/src/main/webapp/errorpage-auth.jsp new file mode 100644 index 000000000..07f3e7f69 --- /dev/null +++ b/id/server/auth/src/main/webapp/errorpage-auth.jsp @@ -0,0 +1,50 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<%@ page contentType="text/html; charset=UTF-8" %>
+<html>
+<head>
+<title>Ein Fehler ist aufgetreten</title>
+</head>
+<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
+ String errorMessage = (String)request.getAttribute("ErrorMessage");
+ String wrongParameters = (String)request.getAttribute("WrongParameters");
+%>
+
+<body>
+<h1>Fehler bei der Anmeldung</h1>
+<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
+
+<% if (errorMessage != null) { %>
+<p>
+<%= errorMessage%><br>
+</p>
+<% } %>
+<% if (exceptionThrown != null) { %>
+<p>
+<%= exceptionThrown.getMessage()%>
+</p>
+<% } %>
+<% if (wrongParameters != null) { %>
+<p>Die Angabe der Parameter ist unvollständig.<br></p>
+<b> <%= wrongParameters %> </b><br>
+<p>
+ Beispiele für korrekte Links zur MOA-ID Authentisierung sind:
+</p>
+<p>
+<tt><a href="https://<MOA-URL>/StartAuthentication?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>"></tt>
+</p>
+<p>
+<tt><a href="https://<MOA-URL>/SelectBKU?Target=<Geschäftsbereich>&OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"></tt>
+</p>
+<p>
+Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entfällt die Angabe des <i>Target</i> Parameters:
+</p>
+<p>
+<tt><a href="https://<MOA-URL>/StartAuthentication?OA=<OA-URL>&Template=<Template-URL>"></tt>
+</p>
+<p>
+<tt><a href="https://<MOA-URL>/SelectBKU?OA=<OA-URL>&Template=<Template-URL>&BKUSelectionTemplate=<BKU-Template-URL>"></tt>
+</p>
+<p>Die Angabe der Parameter <tt>"Template"</tt> und <tt>"BKUSelectionTemplate"</tt> ist optional.</p>
+<% } %>
+</body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/iframeHandyBKU.html b/id/server/auth/src/main/webapp/iframeHandyBKU.html new file mode 100644 index 000000000..0f6e1e282 --- /dev/null +++ b/id/server/auth/src/main/webapp/iframeHandyBKU.html @@ -0,0 +1,57 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <title>iFrame Handy BKU</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <meta http-equiv="CACHE-CONTROL" content="NO-CACHE">
+ <meta http-equiv="PRAGMA" content="NO-CACHE">
+ <script type="text/javascript">
+ // [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
+ // z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
+ var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
+
+ // [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die Handy Signatur an -->
+ <!-- z.B.: value="https://yoururl.at/moa-id-auth/template_handyBKU.html"-->
+ var URL_TO_HANDYSIGNATUR_TEMPLATE = "[URL_TO_HANDYSIGNATUR_TEMPLATE]";
+
+
+ window.onload=function() {
+
+ document.getElementById('moaidform').action = MOA_ID_STARTAUTHENTICATION;
+ document.getElementById('Template').value = URL_TO_HANDYSIGNATUR_TEMPLATE;
+
+ var useMandate = gup("useMandate");
+
+ if (useMandate == "true")
+ document.getElementById('useMandate').value = "true";
+ else
+ document.getElementById('useMandate').value = "false";
+
+
+ document.moaidform.submit();
+ return;
+ }
+
+ function gup(name) {
+ name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
+ var regexS = "[\\?&]"+name+"=([^&#]*)";
+ var regex = new RegExp( regexS );
+ var results = regex.exec( window.location.href );
+ if( results == null )
+ return "";
+ else
+ return results[1];
+ }
+
+ </script>
+ </head>
+ <body>
+ Bitte warten...
+ <form name="moaidform" method="post" id="moaidform">
+ <input type="hidden" name="Template" id="Template">
+ <input type="hidden" name="bkuURI" value="https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx">
+ <input type="hidden" name="useMandate" id="useMandate">
+ </form>
+ <hr>
+ </body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/iframeOnlineBKU.html b/id/server/auth/src/main/webapp/iframeOnlineBKU.html new file mode 100644 index 000000000..a039005e0 --- /dev/null +++ b/id/server/auth/src/main/webapp/iframeOnlineBKU.html @@ -0,0 +1,59 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <title>iFrame Online BKU</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <meta http-equiv="CACHE-CONTROL" content="NO-CACHE">
+ <meta http-equiv="PRAGMA" content="NO-CACHE">
+ <script type="text/javascript">
+ // [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
+ // z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
+ var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
+
+ // [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die Online BKU an
+ // z.B.: "https://yoururl.at/moa-id-auth/template_onlineBKU.html"
+ var URL_TO_ONLINEBKU_TEMPLATE = "[URL_TO_ONLINEBKU_TEMPLATE]";
+
+ // [MUSS] Geben Sie hier die URL zur Online BKU an
+ // z.B.: value="https://yoururl.at/bkuonline/https-security-layer-request"
+ // Hinweis: Diese URL muss auch bei den vertrauenswürdigen BKUs in der MOA-ID Konfiguration angegeben werden (siehe Element MOA-IDConfiguration/TrustedBKUs/BKUURL)
+ var URL_TO_ONLINEBKU = "[URL_TO_ONLINEBKU]";
+
+ window.onload=function() {
+ document.getElementById('moaidform').action = MOA_ID_STARTAUTHENTICATION;
+ document.getElementById('Template').value = URL_TO_ONLINEBKU_TEMPLATE;
+ document.getElementById('bkuURI').value = URL_TO_ONLINEBKU;
+
+ var useMandate = gup("useMandate");
+
+ if (useMandate == "true")
+ document.getElementById('useMandate').value = "true";
+ else
+ document.getElementById('useMandate').value = "false";
+
+ document.moaidform.submit();
+ return;
+ }
+
+ function gup(name) {
+ name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
+ var regexS = "[\\?&]"+name+"=([^&#]*)";
+ var regex = new RegExp( regexS );
+ var results = regex.exec( window.location.href );
+ if( results == null )
+ return "";
+ else
+ return results[1];
+ }
+ </script>
+ </head>
+ <body>
+ Bitte warten...
+ <form method="POST" name="moaidform" id="moaidform">
+ <input type="hidden" name="Template" id="Template">
+ <input type="hidden" name="bkuURI" id="bkuURI">
+ <input type="hidden" name="useMandate" id="useMandate">
+ </form>
+ <hr>
+ </body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/img/bk_aktivieren.jpg b/id/server/auth/src/main/webapp/img/bk_aktivieren.jpg Binary files differnew file mode 100644 index 000000000..a6436dc72 --- /dev/null +++ b/id/server/auth/src/main/webapp/img/bk_aktivieren.jpg diff --git a/id/server/auth/src/main/webapp/img/handy.gif b/id/server/auth/src/main/webapp/img/handy.gif Binary files differnew file mode 100644 index 000000000..5aeb542db --- /dev/null +++ b/id/server/auth/src/main/webapp/img/handy.gif diff --git a/id/server/auth/src/main/webapp/img/karte.gif b/id/server/auth/src/main/webapp/img/karte.gif Binary files differnew file mode 100644 index 000000000..ee9ab7cad --- /dev/null +++ b/id/server/auth/src/main/webapp/img/karte.gif diff --git a/id/server/auth/src/main/webapp/img/logo.jpg b/id/server/auth/src/main/webapp/img/logo.jpg Binary files differnew file mode 100644 index 000000000..bafbccc84 --- /dev/null +++ b/id/server/auth/src/main/webapp/img/logo.jpg diff --git a/id/server/auth/src/main/webapp/index.html b/id/server/auth/src/main/webapp/index.html new file mode 100644 index 000000000..533f2830a --- /dev/null +++ b/id/server/auth/src/main/webapp/index.html @@ -0,0 +1,242 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <!-- [OPTIONAL] Aendern Sie hier den Titel der Seite -->
+ <title>
+ MOA-Template zur Bürgerkartenauswahl (Musterseite)
+ </title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <meta http-equiv="Content-Style-Type" content="text/css">
+ <link rel="stylesheet" type="text/css" href="css/index.css">
+ <script type="text/javascript">
+ // [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an
+ // z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at
+ var MOA_ID_STARTAUTHENTICATION = "[MOA_ID_STARTAUTHENTICATION]";
+
+ // [MUSS] Geben Sie hier die URL zum MOA-ID Template fuer die lokale BKU an
+ // z.B.: https://yoururl.at/moa-id-auth/template_localBKU.html
+ var URL_TO_LOKALBKU_TEMPLATE = "[URL_TO_LOKALBKU_TEMPLATE]";
+
+
+ window.onload=function() {
+
+ document.getElementById("localBKU").style.display="none";
+ return;
+ }
+
+ function bkuOnlineClicked() {
+ <!-- [OPTIONAL] Um die lokale BKU auszublenden, ersetzen Sie in der folgenden Zeile "block" durch "none" -->
+ document.getElementById("localBKU").style.display="block";
+
+ document.getElementById("moaidform").action = MOA_ID_STARTAUTHENTICATION;
+ document.getElementById("Template").value = URL_TO_LOKALBKU_TEMPLATE;
+
+ document.getElementById("useMandate").value = "false";
+ var checkbox = document.getElementById("mandateCheckBox")
+ if (checkbox != null) {
+ if (document.getElementById("mandateCheckBox").checked) {
+ document.getElementById("useMandate").value = "true";
+ }
+ }
+
+ var el = document.getElementById("bkulogin");
+ var parent = el.parentNode;
+
+ var iFrameURL = "iframeOnlineBKU.html" + "?";
+ iFrameURL += "useMandate=" + document.getElementById("useMandate").value;
+
+ var iframe = document.createElement("iframe");
+ iframe.setAttribute("src", iFrameURL);
+ iframe.setAttribute("width", "220");
+ iframe.setAttribute("height", "165");
+ iframe.setAttribute("frameborder", "0");
+ iframe.setAttribute("scrolling", "no");
+ iframe.setAttribute("title", "Login");
+
+ parent.replaceChild(iframe, el);
+ }
+
+
+ function bkuHandyClicked() {
+ document.getElementById("localBKU").style.display="none";
+
+ document.getElementById("useMandate").value = "false";
+ var checkbox = document.getElementById("mandateCheckBox")
+ if (checkbox != null) {
+ if (document.getElementById("mandateCheckBox").checked) {
+ document.getElementById("useMandate").value = "true";
+ }
+ }
+
+ var el = document.getElementById("bkulogin");
+ var parent = el.parentNode;
+
+ var iFrameURL = "iframeHandyBKU.html" + "?";
+ iFrameURL += "useMandate=" + document.getElementById("useMandate").value;
+
+ var iframe = document.createElement("iframe");
+ iframe.setAttribute("src", iFrameURL);
+ iframe.setAttribute("width", "220");
+ iframe.setAttribute("height", "159");
+ iframe.setAttribute("frameborder", "0");
+ iframe.setAttribute("scrolling", "no");
+ iframe.setAttribute("title", "Login");
+
+ parent.replaceChild(iframe, el);
+ }
+ </script>
+ </head>
+ <body>
+ <div id="wrapper">
+ <p id="skiplinks">
+ <a href="#content">Zum Inhalt springen</a>
+ </p>
+ <div id="banner">
+ <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) -->
+ <div id="bannerleft">
+ <h1>MOA-Template zur Bürgerkartenauswahl (Musterseite)</h1>
+ </div>
+ <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) -->
+ <div id="bannerright">
+ <img src="img/logo.jpg" alt="Logo">
+ </div>
+ </div>
+ <div id="main">
+ <div id="leftcontent">
+ <h2 id="tabheader" class="dunkel">
+ Login mit Bürgerkarte
+ </h2>
+ <div id="bkulogin" class="hell">
+ <!-- No-Script Variante, wenn im Browser JavaScript deaktiviert ist -->
+ <!-- Defaulteinstellung: No-Script Variante mit Anmeldung via lokaler BKU oder Handysignatur ohne Vollmacht -->
+ <noscript>
+ Kein JavaScript aktiviert!
+
+ <!-- [OPTIONAL] kommentieren sie folgende entsprechenden Blöcke aus, wenn Sie keine No-Script Variante anbieten möchten oder nur bestimmte BKU/Vollmachten Varianten anzeigen möchten -->
+
+ <!-- Block "KARTE": Anmeldung mit lokaler BKU *ohne* Vollmacht (No-Script Variante) -->
+ <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->
+ <!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_localBKU.html&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=false -->
+ <a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_LOKALBKU_TEMPLATE]&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=false">
+ <div id="bkukarte" class="hell">
+ <button name="bkuButton" type="button">KARTE</button>
+ </div>
+ </a>
+
+ <!-- Block "KARTE+Vollmacht": Anmeldung mit lokaler BKU *mit* Vollmacht (No-Script Variante) -->
+ <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->
+ <!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_localBKU.html&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=true -->
+ <!-- <a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_LOKALBKU_TEMPLATE]&bkuURI=https://127.0.0.1:3496/https-security-layer-request&useMandate=true">
+ <div id="bkukarte" class="hell">
+ <button name="bkuButton" type="button">KARTE+<br>Vollmacht</button>
+ </div>
+ </a> -->
+
+
+ <!-- Block "HANDY": Anmeldung mit Handysignatur *ohne* Vollmacht (No-Script Variante) -->
+ <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->
+ <!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_handyBKU.html&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=false -->
+ <a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_HANDYSIGNATUR_TEMPLATE]&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=false">
+ <div id="bkuhandy" class="hell">
+ <button name="bkuButton" type="button">HANDY</button>
+ </div>
+ </a>
+
+ <!-- Block "HANDY+Vollnacht": Anmeldung mit Handysignatur *mit* Vollmacht (No-Script Variante) -->
+ <!-- [MUSS] Geben Sie hier die URL zum Aufruf von MOA-ID an (inkl. Template-URL, bkuURI und useMandate Parameter!) -->
+ <!-- z.B.: https://yoururl.at/moa-id-auth/StartAuthentication?Target=IT&OA=https://youronlineapplication.at&Template=https://yoururl.at/moa-id-auth/template_handyBKU.html&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=true -->
+ <!-- <a href="[MOA_ID_STARTAUTHENTICATION]&Template=[URL_TO_HANDYSIGNATUR_TEMPLATE]&bkuURI=https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx&useMandate=true">
+ <div id="bkuhandy" class="hell">
+ <button name="bkuButton" type="button">HANDY</button>
+ </div>
+ </a> -->
+
+ </noscript>
+
+ <script>
+ <!-- [OPTIONAL] Um die Online BKU auszublenden, kommentieren sie folgende drei Zeilen aus aus -->
+ document.write("<div id=\"bkukarte\" class=\"hell\">");
+ document.write("<button name=\"bkuButton\" type=\"button\" onClick=\"bkuOnlineClicked();\">KARTE</button>");
+ document.write("</div>");
+
+ <!-- [OPTIONAL] Um die Handysignatur auszublenden, kommentieren sie folgende drei Zeilen aus aus -->
+ document.write("<div id=\"bkuhandy\" class=\"hell\">");
+ document.write("<button name=\"bkuButton\" type=\"button\" onClick=\"bkuHandyClicked();\">HANDY</button>");
+ document.write("</div>");
+
+ <!-- [OPTIONAL] Um die Anmeldung mit Vollmachten auszublenden, kommentieren Sie folgende fünf Zeilen aus -->
+ document.write("<div id=\"mandate\">");
+ document.write("<input type=\"checkbox\" name=\"Mandate\" style=\"vertical-align: middle; margin-right: 5px;\" id=\"mandateCheckBox\">");
+ document.write("<label>in Vertretung anmelden</label>");
+ document.write(" <a href=\"info_mandates.html\" target=\"_blank\" class=\"infobutton\" style=\"color:#FFF\">i</a>");
+ document.write("</div> ");
+ </script>
+ </div>
+
+
+
+
+ <div id="localBKU" style="display:none" class="hell">
+ <hr>
+ <form method="post" id="moaidform">
+ <input type="hidden" name="show" value="false">
+ <input type="hidden" name="Template" id="Template">
+ <input type="hidden" name="bkuURI" value="https://127.0.0.1:3496/https-security-layer-request">
+ <input type="hidden" name="useMandate" id="useMandate">
+ <input type="submit" size="400" value="Lokale BKU" class="sendButton">
+ </form>
+ <p>
+ <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small>
+ </p>
+ </div>
+
+ <div id="tab" class="hell">
+ <a href="info_bk.html" class="link_nav">Informationen zur Bürgerkarte</a>
+ </div>
+
+ <div id="navlist" class="hell">
+ <ul>
+ <li>
+ <a href="http://www.buergerkarte.at" target="_blank">Bürgerkarte.at</a>
+ </li>
+ <li>
+ <a href="http://www.digitales.oesterreich.gv.at/" target="_blank">Digitales Österreich</a>
+ </li>
+ <li>
+ <a href="http://www.a-sit.at/" target="_blank">A-SIT</a>
+ </li>
+ <li>
+ <a href="http://www.a-trust.at/" target="_blank">A-Trust</a>
+ </li>
+ <li>
+ <a href="http://www.egiz.gv.at/" target="_blank">EGIZ</a>
+ </li>
+ </ul>
+ </div>
+ </div>
+
+ <div id="rightcontent">
+ <p>
+ <a href="http://www.buergerkarte.at/aktivieren.de.php" target="_blank"><img src="img/bk_aktivieren.jpg" border="0" alt="B6uuml;rgerkarte aktivieren" width="210"></a>
+ </p>
+ </div>
+
+ <div id="centercontent">
+
+ <h2 id="contentheader" class="dunkel">
+ Hinweise zum MOA-Template
+ </h2>
+
+ <div id="content" class="hell">
+ <p>
+ Eine Anleitung zur Nutzung des MOA-Template finden Sie hier: <a href="BKAuswahl-MOA-Template-Howto.pdf" target="_blank">BKAuswahl-MOA-Template-Howto.pdf (PDF, 190B)</a>.
+ So müssen vor einem Login noch die Parameter für den MOA-ID Aufruf angegeben werden.</p>
+ <p>
+ Diese Musterseite erfüllt die Richtlinie für barrierefreie Webinhalte 2.0 (WCAG 2.0 des W3C) Stufe AA. Das Prüfprotokoll hierzu finden Sie hier: <a href="WCAG-Pruefprotokoll.pdf" target="_blank">Pruefprotokoll.pdf (PDF, 705kB)</a>.
+ </p>
+ </div>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/info_bk.html b/id/server/auth/src/main/webapp/info_bk.html new file mode 100644 index 000000000..59aea64cb --- /dev/null +++ b/id/server/auth/src/main/webapp/info_bk.html @@ -0,0 +1,100 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <title>Information</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <meta http-equiv="Content-Style-Type" content="text/css">
+ <link rel="stylesheet" type="text/css" href="css/index.css">
+ </head>
+ <body>
+ <div id="wrapper">
+ <p id="skiplinks">
+ <a href="#content">Zum Inhalt springen</a>
+ </p>
+ <div id="banner">
+ <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) -->
+ <div id="bannerleft">
+ <h1>MOA-Template zur Bürgerkartenauswahl (Musterseite)</h1>
+ <!-- Meldung im Browser, wenn JavaScript nicht aktiviert -->
+ <noscript>
+ <p>
+ Bitte aktivieren Sie JavaScript.
+ </p>
+ </noscript>
+ </div>
+ <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) -->
+ <div id="bannerright">
+ <img src="img/logo.jpg" alt="Logo">
+ </div>
+ </div>
+ <div id="main">
+ <div id="centercontent">
+ <h2 id="contentheader" class="dunkel">
+ Informationen zur Bürgerkarte
+ </h2>
+ <div id="content" class="hell">
+ <p>
+ <B>Hinweis:</B>
+ Für natürliche Personen ist beim Login mit Bürgerkarte keine Erstanmeldung erforderlich.
+ </p>
+ <p>
+ Um mit der Bürgerkarte einsteigen zu können, benötigen Sie:
+ </p>
+ <ul>
+ <li>
+ eine Chipkarte, die für die Verwendung als Bürgerkarte geeignet ist, wie zum Beispiel Ihre e-card, Bankomatkarte oder Signaturkarte von A-Trust
+ </li>
+ <li>
+ einen Kartenleser mit den dazugehörigen Treibern
+ </li>
+ <li>
+ eine Bürgerkartensoftware (BKU)
+ </li>
+ </ul>
+ <p> </p>
+ <p>oder</p>
+ <ul>
+ <li>
+ ein Mobiltelefon, das zur Nutzung als Handysignatur registriert ist.
+ </li>
+ </ul>
+<p>
+ </p>
+<p>Als Bürgerkartensoftware stehen Ihnen folgende drei Varianten zur Verfügung:
+ </p>
+ <ul>
+ <li><i>Lokale BKU</i>: Diese Software wird lokal auf Ihrem Computer installiert. Die Software finden sie unter <a href="http://www.buergerkarte.at/download.de.php" target="_blank">http://www.buergerkarte.at/download.de.php</a>
+ </li>
+ <li><i>Online BKU</i>: Mit der Online BKU wird keine lokale Bürgerkartensoftware am PC benötigt. Über JAVA Technologien werden die benötigten Funktionen als Applet im Browser ausgeführt. Einzige Voraussetzung ist eine aktuelle JAVA Version (ab Java 6).
+ </li>
+ <li><i>Handysignatur</i>: Mit der Handysignatur können Sie sich mittels ihres Mobiltelefons anmelden. Voraussetzung ist eine vorherige Registrierung. Mehr Informationen hierzu finden Sie auf: <a href="https://www.handy-signatur.at/" target="_blank">https://www.handy-signatur.at/</a><br>
+ <br>
+ <b>Informationen zur Bürgerkarte finden Sie hier:</b>
+ </li>
+ </ul>
+ <ul>
+ <li>
+ <a href="http://www.digitales.oesterreich.gv.at" target="_blank">Digitales Österreich</a>: Informationen rund um E-Government
+ </li>
+ <li>
+ <a href="http://www.buergerkarte.at" target="_blank">Bürgerkarte</a>: Informationen zur Bürgerkarte
+ </li>
+ </ul>
+ <p>
+ <br>
+ <b>Hier bekommen Sie Ihre Bürgerkarte:</b>
+ </p>
+ <ul>
+ <li>
+ <a href="http://www.a-trust.at/" target="_blank">A-Trust</a>: Aktivieren der Bankomatkarte/e-card als Bürgerkarte oder Registrierung ihres Mobiltelefons als Bürgerkarte oder Ausstellung einer eigenen Bürgerkarte
+ </li>
+ </ul>
+ <p align="center">
+ <a href="javascript:history.back();" class="link_nav">zurück</a>
+ </p>
+ </div>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/info_mandates.html b/id/server/auth/src/main/webapp/info_mandates.html new file mode 100644 index 000000000..c46b91636 --- /dev/null +++ b/id/server/auth/src/main/webapp/info_mandates.html @@ -0,0 +1,58 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <title>Information</title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <meta http-equiv="Content-Style-Type" content="text/css">
+ <link rel="stylesheet" type="text/css" href="css/index.css">
+ </head>
+ <body>
+ <div id="wrapper">
+ <p id="skiplinks">
+ <a href="#content">Zum Inhalt springen</a>
+ </p>
+ <div id="banner">
+ <!-- [OPTIONAL] Aendern Sie hier die Titelueberschrift der Seite) -->
+ <div id="bannerleft">
+ <h1>MOA-Template zur Bürgerkartenauswahl (Musterseite)</h1>
+ <!-- Meldung im Browser, wenn JavaScript nicht aktiviert -->
+ <noscript>
+ <p>
+ Bitte aktivieren Sie JavaScript.
+ </p>
+ </noscript>
+ </div>
+ <!-- [OPTIONAL] Aendern Sie hier das Logo der Seite (und Alternativtext fuer das Bild) -->
+ <div id="bannerright">
+ <img src="img/logo.jpg" alt="Logo">
+ </div>
+ </div>
+ <div id="main">
+ <div id="centercontent">
+ <h2 id="contentheader" class="dunkel">
+ Information zur Anmeldung mittels elektronischer Vollmacht
+ </h2>
+ <div id="content" class="hell">
+ <p>
+ <p>Aktivieren Sie das Kästchen <input type="checkbox" checked="true" readonly="true" enabled="false"/> "in Vertretung anmelden",
+ wenn Sie sich als Vertreter für eine andere Person anmelden möchten. Das Vollmachtenservice
+ der Stammzahlenregisterbehörde bietet Ihnen Ihre verfügbaren Vollmachten zur Auswahl an.</p>
+
+
+ <p>Das Service zum Eintragen einer Vollmacht zwischen zwei natürlichen Personen können Sie
+ unter dem Hyperlink <a href="https://vollmachten.stammzahlenregister.gv.at/">Bilaterale Vollmacht</a>
+ eintragen.</p>
+
+ <p>Als Organwalter (gemäß § 5 Abs. 3 E-GovG) und berufsmäßige Parteinvertreter,
+ aktivieren Sie bitte ebenfalls das Kästchen <input type="checkbox" checked="true" readonly="true" enabled="false"/> "in Vertretung anmelden".</p>
+
+
+ <p><span style="text-decoration: underline">Hinweis</span>: Welche Vollmachten Ihnen bei der jeweiligen
+ Bürgerkartenapplikation zur Verfügung stehen, hängt vom Anwendungsbetreiber ab.</p>
+ </p>
+ </div>
+ </div>
+ </div>
+ </div>
+ </body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/message-auth.jsp b/id/server/auth/src/main/webapp/message-auth.jsp new file mode 100644 index 000000000..0c28c1ba7 --- /dev/null +++ b/id/server/auth/src/main/webapp/message-auth.jsp @@ -0,0 +1,20 @@ +<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
+<%@ page contentType="text/html; charset=UTF-8" %>
+<html>
+<head>
+<title>MOA-ID AUTH</title>
+</head>
+<% String message = (String)request.getAttribute("Message");
+%>
+
+<body>
+<h1>MOA-ID AUTH</h1>
+
+<% if (message != null) { %>
+<p>
+<%= message%><br>
+</p>
+<% } %>
+
+</body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/template_handyBKU.html b/id/server/auth/src/main/webapp/template_handyBKU.html new file mode 100644 index 000000000..0ad73a6f3 --- /dev/null +++ b/id/server/auth/src/main/webapp/template_handyBKU.html @@ -0,0 +1,38 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <title></title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <script language="javascript" type="text/javascript">
+ function onAnmeldeSubmit() {
+ document.CustomizedForm.submit();
+ document.CustomizedForm.Senden.disabled=true;
+ }
+ </script>
+ </head>
+ <body onLoad="onAnmeldeSubmit()">
+ <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
+ Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
+ <input class="button" type="submit" value="Starte Anmeldung" name="Senden">
+ <input type="hidden" name="XMLRequest" value="<XMLRequest>">
+ <input type="hidden" name="DataURL" value="<DataURL>">
+ <input type="hidden" name="PushInfobox" value="<PushInfobox>">
+
+ <!-- Angabe der Parameter für die Handy-BKU -->
+ <input type="hidden" name="appletWidth" value="220">
+ <input type="hidden" name="appletHeight" value="159">
+
+ <!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Handy-BKU -->
+ <input type="hidden" name="backgroundColor" value="#DDDDDD">
+
+ <input type="hidden" name="redirecttarget" value="_parent">
+ </form>
+
+ <form name="CustomizedInfoForm" action="<BKU>" method="post">
+ <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
+ <input type="hidden" name="DataURL" value="<CertInfoDataURL>">
+ </form>
+ <form name="DummyForm" action="<BKU>" method="post">
+ </form>
+ </body>
+</html>
\ No newline at end of file diff --git a/id/server/auth/src/main/webapp/template_localBKU.html b/id/server/auth/src/main/webapp/template_localBKU.html new file mode 100644 index 000000000..f197d2c5c --- /dev/null +++ b/id/server/auth/src/main/webapp/template_localBKU.html @@ -0,0 +1,30 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <title></title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <script language="javascript" type="text/javascript">
+ function onAnmeldeSubmit() {
+ document.CustomizedForm.submit();
+ document.CustomizedForm.Senden.disabled=true;
+ }
+ </script>
+ </head>
+ <body onLoad="onAnmeldeSubmit()">
+ <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
+ Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
+ <input class="button" type="submit" value="Starte Anmeldung" name="Senden">
+ <input type="hidden" name="XMLRequest" value="<XMLRequest>">
+ <input type="hidden" name="DataURL" value="<DataURL>">
+ <input type="hidden" name="PushInfobox" value="<PushInfobox>">
+ </form>
+
+ <form name="CustomizedInfoForm" action="<BKU>" method="post">
+ <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
+ <input type="hidden" name="DataURL" value="<CertInfoDataURL>">
+ </form>
+
+ <form name="DummyForm" action="<BKU>" method="post">
+ </form>
+ </body>
+</html>
diff --git a/id/server/auth/src/main/webapp/template_onlineBKU.html b/id/server/auth/src/main/webapp/template_onlineBKU.html new file mode 100644 index 000000000..565955538 --- /dev/null +++ b/id/server/auth/src/main/webapp/template_onlineBKU.html @@ -0,0 +1,36 @@ +<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html lang="de">
+ <head>
+ <title></title>
+ <meta http-equiv="Content-Type" content="text/html; charset=utf-8">
+ <script language="javascript" type="text/javascript">
+ function onAnmeldeSubmit() {
+ document.CustomizedForm.submit();
+ document.CustomizedForm.Senden.disabled=true;
+ }
+ </script>
+ </head>
+ <body onLoad="onAnmeldeSubmit()">
+ <form name="CustomizedForm" action="<BKU>" method="post" enctype="multipart/form-data<>">
+ Falls Sie nicht automatisch weitergeleitet werden klicken Sie bitte hier:
+ <input class="button" type="hidden" value="Starte Anmeldung" name="Senden">
+ <input type="hidden" name="XMLRequest" value="<XMLRequest>">
+ <input type="hidden" name="DataURL" value="<DataURL>">
+ <input type="hidden" name="PushInfobox" value="<PushInfobox>">
+
+ <!-- Angabe der Parameter fuer die Online-BKU -->
+ <input type="hidden" name="appletWidth" value="220">
+ <input type="hidden" name="appletHeight" value="140">
+
+ <!-- [OPTIONAL] Aendern Sie hier die Hintergrundfarbe der Online-BKU -->
+ <input type="hidden" name="appletBackgroundColor" value="#DDDDDD">
+ </form>
+
+ <form name="CustomizedInfoForm" action="<BKU>" method="post">
+ <input type="hidden" name="XMLRequest" value="<CertInfoXMLRequest>">
+ <input type="hidden" name="DataURL" value="<CertInfoDataURL>">
+ </form>
+ <form name="DummyForm" action="<BKU>" method="post">
+ </form>
+ </body>
+</html>
diff --git a/id/server/auth/src/main/wsdl/MOA-ID-1.0.wsdl b/id/server/auth/src/main/wsdl/MOA-ID-1.0.wsdl new file mode 100644 index 000000000..5751b3e58 --- /dev/null +++ b/id/server/auth/src/main/wsdl/MOA-ID-1.0.wsdl @@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<definitions name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/ http://schemas.xmlsoap.org/wsdl/">
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="MOA-20020812.xsd"/>
+ <message name="GetAuthenticationDataInput">
+ <part name="body" element="samlp:Request"/>
+ </message>
+ <message name="GetAuthenticationDataOutput">
+ <part name="body" element="samlp:Response"/>
+ </message>
+ <message name="MOAFault">
+ <part name="body" element="moa:ErrorResponse"/>
+ </message>
+ <portType name="IdentificationPortType">
+ <operation name="getAuthenticationData">
+ <input message="tns:GetAuthenticationDataInput"/>
+ <output message="tns:GetAuthenticationDataOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
+ </operation>
+ </portType>
+ <binding name="IdentificationBinding" type="tns:IdentificationPortType" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/soap/ http://schemas.xmlsoap.org/wsdl/soap/">
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+ <operation name="getAuthenticationData">
+ <soap:operation soapAction="urn:GetAuthenticationDataAction"/>
+ <input>
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
+ </input>
+ <output>
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
+ </output>
+ <fault name="MOAFault">
+ <soap:fault name="MOAFault" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
+ </fault>
+ </operation>
+ </binding>
+ <service name="GetAuthenticationDataService">
+ <port name="IdentificationPort" binding="tns:IdentificationBinding">
+ <soap:address location="http://localhost/moa-id-auth/services/GetAuthenticationData"/>
+ </port>
+ </service>
+</definitions>
diff --git a/id/server/auth/src/main/wsdl/MOA-ID-1.x.wsdl b/id/server/auth/src/main/wsdl/MOA-ID-1.x.wsdl new file mode 100644 index 000000000..5466a0b6f --- /dev/null +++ b/id/server/auth/src/main/wsdl/MOA-ID-1.x.wsdl @@ -0,0 +1,40 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<definitions name="MOA" targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:xsd="http://www.w3.org/1999/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/ http://schemas.xmlsoap.org/wsdl/">
+ <import namespace="http://reference.e-government.gv.at/namespace/moa/20020822#" location="MOA-SPSS-1.2.xsd"/>
+ <message name="GetAuthenticationDataInput">
+ <part name="body" element="samlp:Request"/>
+ </message>
+ <message name="GetAuthenticationDataOutput">
+ <part name="body" element="samlp:Response"/>
+ </message>
+ <message name="MOAFault">
+ <part name="body" element="moa:ErrorResponse"/>
+ </message>
+ <portType name="IdentificationPortType">
+ <operation name="getAuthenticationData">
+ <input message="tns:GetAuthenticationDataInput"/>
+ <output message="tns:GetAuthenticationDataOutput"/>
+ <fault name="MOAFault" message="tns:MOAFault"/>
+ </operation>
+ </portType>
+ <binding name="IdentificationBinding" type="tns:IdentificationPortType" xsi:schemaLocation="http://schemas.xmlsoap.org/wsdl/soap/ http://schemas.xmlsoap.org/wsdl/soap/">
+ <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
+ <operation name="getAuthenticationData">
+ <soap:operation soapAction="urn:GetAuthenticationDataAction"/>
+ <input>
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
+ </input>
+ <output>
+ <soap:body use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
+ </output>
+ <fault name="MOAFault">
+ <soap:fault name="MOAFault" use="literal" namespace="http://reference.e-government.gv.at/namespace/moa/20020822#"/>
+ </fault>
+ </operation>
+ </binding>
+ <service name="GetAuthenticationDataService">
+ <port name="IdentificationPort" binding="tns:IdentificationBinding">
+ <soap:address location="http://localhost/Identification"/>
+ </port>
+ </service>
+</definitions>
diff --git a/id/server/auth/src/main/wsdl/MOA-SPSS-1.2.xsd b/id/server/auth/src/main/wsdl/MOA-SPSS-1.2.xsd new file mode 100644 index 000000000..d7a06d6e7 --- /dev/null +++ b/id/server/auth/src/main/wsdl/MOA-SPSS-1.2.xsd @@ -0,0 +1,454 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<!--
+ MOA SP/SS 1.2 Schema
+-->
+<xsd:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.2">
+ <xsd:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="http://www.w3.org/TR/xmldsig-core/xmldsig-core-schema.xsd"/>
+ <xsd:import namespace="http://www.w3.org/XML/1998/namespace" schemaLocation="http://www.w3.org/2001/xml.xsd"/>
+ <!--########## Create XML Signature ###-->
+ <!--### Create XML Signature Request ###-->
+ <xsd:element name="CreateXMLSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="CreateXMLSignatureRequestType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="CreateXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="KeyIdentifier" type="KeyIdentifierType"/>
+ <xsd:element name="SingleSignatureInfo" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ermöglichung der Stapelsignatur durch wiederholte Angabe dieses Elements</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="DataObjectInfo" maxOccurs="unbounded">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="DataObjectInfoType">
+ <xsd:attribute name="ChildOfManifest" type="xsd:boolean" use="optional" default="false"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="CreateSignatureInfo" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe des Signaturorts sowie ggf. sinnvoller Supplements im Zshg. mit der Signaturumgebung, oder Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateSignatureEnvironmentProfile"/>
+ <xsd:element name="CreateSignatureEnvironmentProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="SecurityLayerConformity" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Create XML Signature Response ###-->
+ <xsd:complexType name="CreateXMLSignatureResponseType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Kardinalität 1..oo erlaubt die Antwort auf eine Stapelsignatur-Anfrage</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="SignatureEnvironment">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung erfolgreich war</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element ref="ErrorResponse"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="CreateXMLSignatureResponse" type="CreateXMLSignatureResponseType"/>
+ <!--########## Verify CMS Signature ###-->
+ <!--### Verifiy CMS Signature Request ###-->
+ <xsd:element name="VerifyCMSSignatureRequest">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="VerifyCMSSignatureRequestType">
+ <xsd:attribute name="Signatories" type="SignatoriesType" use="optional" default="1"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:complexType name="VerifyCMSSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="CMSSignature" type="xsd:base64Binary"/>
+ <xsd:element name="DataObject" type="CMSDataObjectOptionalMetaType" minOccurs="0"/>
+ <xsd:element name="TrustProfileID">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify CMS Signature Response ###-->
+ <xsd:element name="VerifyCMSSignatureResponse" type="VerifyCMSSignatureResponseType"/>
+ <xsd:complexType name="VerifyCMSSignatureResponseType">
+ <xsd:sequence maxOccurs="unbounded">
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any;publicAuthority is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="SignatureCheck" type="CheckResultType"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Verify XML Signature ###-->
+ <!--### Verify XML Signature Request ###-->
+ <xsd:element name="VerifyXMLSignatureRequest" type="VerifyXMLSignatureRequestType"/>
+ <xsd:complexType name="VerifyXMLSignatureRequestType">
+ <xsd:sequence>
+ <xsd:element name="DateTime" type="xsd:dateTime" minOccurs="0"/>
+ <xsd:element name="VerifySignatureInfo">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="VerifySignatureEnvironment" type="ContentOptionalRefType"/>
+ <xsd:element name="VerifySignatureLocation" type="xsd:token"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice minOccurs="0" maxOccurs="unbounded">
+ <xsd:element ref="SupplementProfile"/>
+ <xsd:element name="SupplementProfileID" type="xsd:string"/>
+ </xsd:choice>
+ <xsd:element name="SignatureManifestCheckParams" minOccurs="0">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="ReferenceInfo" type="VerifyTransformsDataType" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Pro dsig:Reference-Element in der zu überprüfenden XML-Signatur muss hier ein ReferenceInfo-Element erscheinen. Die Reihenfolge der einzelnen ReferenceInfo Elemente entspricht jener der dsig:Reference Elemente in der XML-Signatur.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ <xsd:attribute name="ReturnReferenceInputData" type="xsd:boolean" use="optional" default="true"/>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="ReturnHashInputData" minOccurs="0"/>
+ <xsd:element name="TrustProfileID">
+ <xsd:annotation>
+ <xsd:documentation>mit diesem Profil wird eine Menge von vertrauenswürdigen Wurzelzertifikaten spezifiziert</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--### Verify XML Signature Response ###-->
+ <xsd:element name="VerifyXMLSignatureResponse" type="VerifyXMLSignatureResponseType"/>
+ <xsd:complexType name="VerifyXMLSignatureResponseType">
+ <xsd:sequence>
+ <xsd:element name="SignerInfo" type="dsig:KeyInfoType">
+ <xsd:annotation>
+ <xsd:documentation>only ds:X509Data and ds:RetrievalMethod is supported; QualifiedCertificate is included as X509Data/any; PublicAuthority is included as X509Data/any</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="HashInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferenceInputData" type="ContentExLocRefBaseType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="SignatureCheck" type="ReferencesCheckResultType"/>
+ <xsd:element name="SignatureManifestCheck" type="ReferencesCheckResultType" minOccurs="0"/>
+ <xsd:element name="XMLDSIGManifestCheck" type="ManifestRefsCheckResultType" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="CertificateCheck" type="CheckResultType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="ProfileIdentifierType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="MimeType" type="MimeTypeType"/>
+ <xsd:element name="Description" type="xsd:anyURI" minOccurs="0"/>
+ <xsd:any namespace="##other" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="FinalDataMetaInfoType">
+ <xsd:complexContent>
+ <xsd:extension base="MetaInfoType">
+ <xsd:sequence>
+ <xsd:element name="Type" type="xsd:anyURI" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="DataObjectInfoType">
+ <xsd:sequence>
+ <xsd:element name="DataObject">
+ <xsd:complexType>
+ <xsd:complexContent>
+ <xsd:extension base="ContentOptionalRefType"/>
+ </xsd:complexContent>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:choice>
+ <xsd:annotation>
+ <xsd:documentation>Auswahl: Entweder explizite Angabe EINER Transformationskette inklusive ggf. sinnvoller Supplements oder Verweis auf ein benanntes Profil</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="CreateTransformsInfoProfile"/>
+ <xsd:element name="CreateTransformsInfoProfileID" type="ProfileIdentifierType"/>
+ </xsd:choice>
+ </xsd:sequence>
+ <xsd:attribute name="Structure" use="required">
+ <xsd:simpleType>
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="detached"/>
+ <xsd:enumeration value="enveloping"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ </xsd:attribute>
+ </xsd:complexType>
+ <xsd:complexType name="TransformsInfoType">
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="FinalDataMetaInfo" type="FinalDataMetaInfoType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLDataObjectAssociationType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="ContentRequiredRefType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSDataObjectOptionalMetaType">
+ <xsd:sequence>
+ <xsd:element name="MetaInfo" type="MetaInfoType" minOccurs="0"/>
+ <xsd:element name="Content" type="CMSContentBaseType"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="CMSContentBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="AnyChildrenType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ReferencesCheckResultInfoType" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ReferencesCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultType">
+ <xsd:complexContent>
+ <xsd:restriction base="CheckResultType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:nonNegativeInteger"/>
+ <xsd:element name="Info" type="ManifestRefsCheckResultInfoType"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ManifestRefsCheckResultInfoType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:restriction base="AnyChildrenType">
+ <xsd:sequence>
+ <xsd:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="FailedReference" type="xsd:positiveInteger" minOccurs="0" maxOccurs="unbounded"/>
+ <xsd:element name="ReferringSigReference" type="xsd:positiveInteger"/>
+ </xsd:sequence>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <!--########## Error Response ###-->
+ <xsd:element name="ErrorResponse" type="ErrorResponseType">
+ <xsd:annotation>
+ <xsd:documentation>Resultat, falls die Signaturerstellung gescheitert ist</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:complexType name="ErrorResponseType">
+ <xsd:sequence>
+ <xsd:element name="ErrorCode" type="xsd:integer"/>
+ <xsd:element name="Info" type="xsd:string"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <!--########## Auxiliary Types ###-->
+ <xsd:simpleType name="KeyIdentifierType">
+ <xsd:restriction base="xsd:string"/>
+ </xsd:simpleType>
+ <xsd:simpleType name="KeyStorageType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="Software"/>
+ <xsd:enumeration value="Hardware"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:simpleType name="MimeTypeType">
+ <xsd:restriction base="xsd:token"/>
+ </xsd:simpleType>
+ <xsd:complexType name="AnyChildrenType" mixed="true">
+ <xsd:sequence>
+ <xsd:any namespace="##any" processContents="lax" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:complexType name="XMLContentType" mixed="true">
+ <xsd:complexContent mixed="true">
+ <xsd:extension base="AnyChildrenType">
+ <xsd:attribute ref="xml:space" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:complexType name="ContentExLocRefBaseType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentBaseType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ </xsd:choice>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentOptionalRefType">
+ <xsd:complexContent>
+ <xsd:extension base="ContentBaseType">
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="optional"/>
+ </xsd:extension>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="ContentRequiredRefType">
+ <xsd:complexContent>
+ <xsd:restriction base="ContentOptionalRefType">
+ <xsd:choice minOccurs="0">
+ <xsd:element name="Base64Content" type="xsd:base64Binary"/>
+ <xsd:element name="XMLContent" type="XMLContentType"/>
+ <xsd:element name="LocRefContent" type="xsd:anyURI"/>
+ </xsd:choice>
+ <xsd:attribute name="Reference" type="xsd:anyURI" use="required"/>
+ </xsd:restriction>
+ </xsd:complexContent>
+ </xsd:complexType>
+ <xsd:complexType name="VerifyTransformsDataType">
+ <xsd:choice maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Ein oder mehrere Transformationswege können von der Applikation an MOA mitgeteilt werden. Die zu prüfende Signatur hat zumindest einem dieser Transformationswege zu entsprechen. Die Angabe kann explizit oder als Profilbezeichner erfolgen.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element ref="VerifyTransformsInfoProfile"/>
+ <xsd:element name="VerifyTransformsInfoProfileID" type="xsd:string">
+ <xsd:annotation>
+ <xsd:documentation>Profilbezeichner für einen Transformationsweg</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:choice>
+ </xsd:complexType>
+ <xsd:element name="QualifiedCertificate"/>
+ <xsd:element name="PublicAuthority" type="PublicAuthorityType"/>
+ <xsd:complexType name="PublicAuthorityType">
+ <xsd:sequence>
+ <xsd:element name="Code" type="xsd:string" minOccurs="0"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ <xsd:simpleType name="SignatoriesType">
+ <xsd:union memberTypes="AllSignatoriesType">
+ <xsd:simpleType>
+ <xsd:list itemType="xsd:positiveInteger"/>
+ </xsd:simpleType>
+ </xsd:union>
+ </xsd:simpleType>
+ <xsd:simpleType name="AllSignatoriesType">
+ <xsd:restriction base="xsd:string">
+ <xsd:enumeration value="all"/>
+ </xsd:restriction>
+ </xsd:simpleType>
+ <xsd:complexType name="CreateSignatureLocationType">
+ <xsd:simpleContent>
+ <xsd:extension base="xsd:token">
+ <xsd:attribute name="Index" type="xsd:nonNegativeInteger" use="required"/>
+ </xsd:extension>
+ </xsd:simpleContent>
+ </xsd:complexType>
+ <xsd:complexType name="TransformParameterType">
+ <xsd:choice minOccurs="0">
+ <xsd:annotation>
+ <xsd:documentation>Die Angabe des Transformationsparameters (explizit oder als Hashwert) kann unterlassen werden, wenn die Applikation von der Unveränderlichkeit des Inhalts der in "Transformationsparamter", Attribut "URI" angegebenen URI ausgehen kann.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:element name="Base64Content" type="xsd:base64Binary">
+ <xsd:annotation>
+ <xsd:documentation>Der Transformationsparameter explizit angegeben.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ <xsd:element name="Hash">
+ <xsd:annotation>
+ <xsd:documentation>Der Hashwert des Transformationsparameters.</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:DigestMethod"/>
+ <xsd:element ref="dsig:DigestValue"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ </xsd:choice>
+ <xsd:attribute name="URI" type="xsd:anyURI" use="required"/>
+ </xsd:complexType>
+ <xsd:element name="CreateSignatureEnvironmentProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateSignatureLocation" type="CreateSignatureLocationType"/>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="VerifyTransformsInfoProfile">
+ <xsd:annotation>
+ <xsd:documentation>Explizite Angabe des Transformationswegs</xsd:documentation>
+ </xsd:annotation>
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element ref="dsig:Transforms" minOccurs="0"/>
+ <xsd:element name="TransformParameter" type="TransformParameterType" minOccurs="0" maxOccurs="unbounded">
+ <xsd:annotation>
+ <xsd:documentation>Alle impliziten Transformationsparameter, die zum Durchlaufen der oben angeführten Transformationskette bekannt sein müssen, müssen hier angeführt werden. Das Attribut "URI" bezeichnet den Transformationsparameter in exakt jener Weise, wie er in der zu überprüfenden Signatur gebraucht wird.</xsd:documentation>
+ </xsd:annotation>
+ </xsd:element>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+ <xsd:element name="Supplement" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="SupplementProfile" type="XMLDataObjectAssociationType"/>
+ <xsd:element name="CreateTransformsInfoProfile">
+ <xsd:complexType>
+ <xsd:sequence>
+ <xsd:element name="CreateTransformsInfo" type="TransformsInfoType"/>
+ <xsd:element ref="Supplement" minOccurs="0" maxOccurs="unbounded"/>
+ </xsd:sequence>
+ </xsd:complexType>
+ </xsd:element>
+</xsd:schema>
|