aboutsummaryrefslogtreecommitdiff
path: root/id/server/data/deploy/conf/moa-id/moa-id.properties
diff options
context:
space:
mode:
Diffstat (limited to 'id/server/data/deploy/conf/moa-id/moa-id.properties')
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties74
1 files changed, 53 insertions, 21 deletions
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index 24fe78261..6dddb454a 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -29,21 +29,26 @@ configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/moni
#MOA-ID 3.x Advanced Logging
configuration.advancedlogging.active=false
-##Webservice Client Configuration
-#MOA-SP webservice
-#service.moasp.acceptedServerCertificates=
-#service.moasp.clientKeyStore=
-#service.moasp.clientKeyStorePassword=
+######################## Externe Services ############################################
-#Online mandates webservice (MIS)
+######## Online mandates webservice (MIS) ########
service.onlinemandates.acceptedServerCertificates=
service.onlinemandates.clientKeyStore=keys/....
service.onlinemandates.clientKeyStorePassword=
-#Foreign Identities (SZRGW)
-service.foreignidentities.acceptedServerCertificates=
-service.foreignidentities.clientKeyStore=keys/....
-service.foreignidentities.clientKeyStorePassword=
+######## central eIDAS-node connector module ##########
+modules.eidascentralauth.keystore.path=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
+modules.eidascentralauth.keystore.password=password
+modules.eidascentralauth.metadata.sign.alias=pvp_metadata
+modules.eidascentralauth.metadata.sign.password=password
+modules.eidascentralauth.request.sign.alias=pvp_assertion
+modules.eidascentralauth.request.sign.password=password
+modules.eidascentralauth.response.encryption.alias=pvp_assertion
+modules.eidascentralauth.response.encryption.password=password
+modules.eidascentralauth.node.trustprofileID=centralnode_metadata
+
+
+######################## Protokolle am IDP ############################################
##Protocol configuration##
#PVP2
@@ -63,9 +68,9 @@ protocols.oauth20.jwt.ks.password=password
protocols.oauth20.jwt.ks.key.name=oauth
protocols.oauth20.jwt.ks.key.password=password
-##Database configuration##
-configuration.database.byteBasedValues=false
+######################## Datenbankkonfiguration ############################################
+configuration.database.byteBasedValues=false
#Hibnerate configuration for MOA-ID 3.x session store
moasession.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
@@ -147,11 +152,38 @@ advancedlogging.dbcp.testWhileIdle=false
advancedlogging.dbcp.validationQuery=select 1
-################ Additonal eID-modul configuration ####################################
-## This additional eID moduls add special functionality to MOA-ID-Auth.
-## The configuration of this modules is only needed if this modules are in use.
-########
-### eIDAS protocol configuration ###
+################ Additonal eID-modul configuration ################################
+## This additional eID moduls add special functionality to MOA-ID-Auth. #
+## The configuration of this modules is only needed if this modules are in use. #
+###################################################################################
+
+######## SL2.0 authentication module ########
+modules.sl20.vda.urls.qualeID.endpoint.default=https://www.handy-signatur.at/securitylayer2
+modules.sl20.vda.urls.qualeID.endpoint.1=https://hs-abnahme.a-trust.at/securitylayer2
+modules.sl20.vda.urls.qualeID.endpoint.2=https://test1.a-trust.at/securitylayer2
+modules.sl20.security.keystore.path=keys/sl20.jks
+modules.sl20.security.keystore.password=password
+modules.sl20.security.sign.alias=signing
+modules.sl20.security.sign.password=password
+modules.sl20.security.encryption.alias=encryption
+modules.sl20.security.encryption.password=password
+modules.sl20.vda.authblock.id=default
+modules.sl20.vda.authblock.transformation.id=SL20Authblock_v1.0,SL20Authblock_v1.0_SIC
+modules.sl20.security.eID.validation.disable=false
+modules.sl20.security.eID.signed.result.required=true
+modules.sl20.security.eID.encryption.enabled=true
+modules.sl20.security.eID.encryption.required=true
+
+######## user-restriction ##########
+configuration.restrictions.sp.entityIds=
+configuration.restrictions.sp.users.url=
+configuration.restrictions.sp.users.sector=
+
+####### Direkte Fremd-bPK Berechnung ########
+configuration.foreignsectors.pubkey.xxxxTargetxxx= xxx BASE64-Cert xxx
+
+######## eIDAS protocol configuration ########
+######## This is ONLY required, if MOA-ID operates as an eIDAS node!!! ########
moa.id.protocols.eIDAS.samlengine.config.file=eIDAS/SamlEngine_basics.xml
moa.id.protocols.eIDAS.samlengine.sign.config.file=eIDAS/SignModule.xml
moa.id.protocols.eIDAS.samlengine.enc.config.file=eIDAS/EncryptModule.xml
@@ -160,7 +192,7 @@ moa.id.protocols.eIDAS.node.country=Austria
moa.id.protocols.eIDAS.node.countrycode=AT
moa.id.protocols.eIDAS.node.LoA=http://eidas.europa.eu/LoA/high
-### HBV Mandate-Service client module ###
+######## HBV Mandate-Service client module ########
modules.elga_mandate.nameID.target=urn:publicid:gv.at:cdid+GH
modules.elga_mandate.service.metadata.trustprofileID=
modules.elga_mandate.service.mandateprofiles=
@@ -173,7 +205,7 @@ modules.elga_mandate.request.sign.password=password
modules.elga_mandate.response.encryption.alias=pvp_assertion
modules.elga_mandate.response.encryption.password=password
-### SSO Interfederation client module ###
+######## SSO Interfederation client module ########
modules.federatedAuth.keystore.path=keys/moa_idp[password].p12
modules.federatedAuth.keystore.password=password
modules.federatedAuth.metadata.sign.alias=pvp_metadata
@@ -183,8 +215,8 @@ modules.federatedAuth.request.sign.password=password
modules.federatedAuth.response.encryption.alias=pvp_assertion
modules.federatedAuth.response.encryption.password=password
-#Redis Settings, if Redis is used as a backend for session data.
-#has to be enabled with the following parameter
+######## Redis Settings, if Redis is used as a backend for session data.
+# has to be enabled with the following parameter
#redis.active=true
redis.use-pool=true
redis.host-name=localhost