Diffstat (limited to 'id/server/data')
-rw-r--r--id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html68
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css977
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js23
-rw-r--r--id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html68
-rw-r--r--id/server/data/deploy/conf/moa-id/keys/sl20.jksbin0 -> 7348 bytes
-rw-r--r--id/server/data/deploy/conf/moa-id/log4j.properties1
-rw-r--r--id/server/data/deploy/conf/moa-id/logback_config.xml74
-rw-r--r--id/server/data/deploy/conf/moa-id/moa-id.properties74
-rw-r--r--id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml15
-rw-r--r--id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0.xml8
-rw-r--r--id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0_SIC.xml8
-rw-r--r--id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt24
-rw-r--r--id/server/data/deploy/tomcat/unix/tomcat-start.sh5
-rw-r--r--id/server/data/deploy/tomcat/win32/startTomcat.bat5
14 files changed, 601 insertions, 749 deletions
diff --git a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
index fe9bc2166..4e548e58c 100644
--- a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
+++ b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html
@@ -4,7 +4,7 @@
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<!-- MOA-ID 2.x BKUSelection Layout CSS -->
- <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" />
+ <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID"/>
<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
<script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script>
@@ -26,8 +26,8 @@
<div id="mandateLogin" class="$MANDATEVISIBLE">
<div>
<input tabindex="1" type="checkbox" name="Mandate"
- id="mandateCheckBox" class="verticalcenter" role="checkbox" $MANDATECHECKED>
- <label for="mandateCheckBox" class="verticalcenter">in
+ id="mandateCheckBox" class="mandate" role="checkbox" $MANDATECHECKED>
+ <label for="mandateCheckBox" class="mandate">in
Vertretung anmelden</label>
<!--a href="info_mandates.html"
target="_blank"
@@ -37,31 +37,41 @@
</div>
<div id="bkuselectionarea">
<div id="bkukarte">
- <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU" />
+ <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU"/>
- <!-- Remove support for Online BKU and swith the card button to local BKU-->
- <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->
+ <!-- Remove support for Online BKU and swith the card button to local BKU-->
+ <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->
- <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
- <input type="hidden" name="bkuURI" value="$bkuLocal" />
- <input type="hidden" name="useMandate" id="useMandate" />
- <input type="hidden" name="SSO" id="useSSO" />
- <input type="hidden" name="ccc" id="ccc" />
- <input type="hidden" name="pendingid" value="$pendingReqID" />
- <input type="submit" value=" Karte " tabindex="4" role="button">
- </form>
+ <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+ <input type="hidden" name="bkuURI" value="$bkuLocal" />
+ <input type="hidden" name="useMandate" id="useMandate" />
+ <input type="hidden" name="SSO" id="useSSO" />
+ <input type="hidden" name="ccc" id="ccc" />
+ <input type="hidden" name="pendingid" value="$pendingReqID" />
+ <input type="submit" value=" Karte " tabindex="5" role="button" />
+ </form>
- <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
+ <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
- <!-- BKU detection with static template-->
- <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->
-
- </div>
- <div id="bkuhandy">
- <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />
- <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
- </div>
- </div>
+ <!-- BKU detection with static template-->
+ <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->
+ </div>
+
+ <div id="bkuhandy">
+ <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />
+ <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
+ </div>
+
+
+ <div id="bkueulogin" class="$eIDASVisible">
+ <img id="eIDASImage" class="bkuimage" src="$contextPath/img/eIDAS_small.png" alt="EULogin" />
+ <form method="get" id="moaideIDASform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+ <input type="hidden" name="useeIDAS" value="true" />
+ <input type="hidden" name="useMandate" id="useMandate" />
+ <input type="hidden" name="pendingid" value="$pendingReqID" />
+ <input id="buttonEULogin" name="bkuButtonEULogin" type="submit" role="button" value="EULogin" />
+ </form>
+ </div>
<!--div id="localBKU">
<form method="get" id="moaidform" action="$contextPath$submitEndpoint"
class="verticalcenter" target="_parent">
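Review bot: The new `moaideIDASform` repeats `id="useMandate"` on its hidden field, an id the existing `moaidform` in this same hunk already uses, so the page ends up with two elements sharing one id. `document.getElementById("useMandate")` resolves to only one of them, so if `setMandateSelection` (attached to the new form's submit button in javascript_tempalte.js, body not visible here) sets the flag by id, the eIDAS form would submit an empty `useMandate`. Give the new field its own id, for example `<input type="hidden" name="useMandate" id="useMandateEIDAS" />`, and let the handler fill the field of the form being submitted. The same markup is added to conf/moa-id/htmlTemplates/loginFormFull.html. It is also worth checking the nesting: the `</div>` that used to close `bkuselectionarea` is among the removed lines and no replacement appears before the hunk ends.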
@@ -80,7 +90,11 @@
<!--div id="ssoSessionTransferBlock">
<a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
</div-->
-
+
+
+
+
+ <!--
<div id="stork" align="center" class="$STORKVISIBLE">
<h2 id="tabheader" class="dunkel">Home Country Selection</h2>
<p>
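Review bot: Wrapping the `stork` block in `<!-- … -->` (opened here, closed in the next hunk) only stops the browser from rendering it; the placeholders `$STORKVISIBLE` and `$countryList` inside it are presumably still expanded by the template engine and delivered to every client as comment text. If the block is retired, delete it, or use the engine's own comment syntax (`#* … *#` if these are Velocity templates, as the `#if($FONTTYPE)` directive in css_template.css suggests) so nothing is emitted. The next hunk also strips the inner comment delimiters and leaves the fragment `a href="info_stork.html" target="_blank" class="infobutton">i</a`, which will render as broken markup if the block is ever re-enabled. The same change is made in conf/moa-id/htmlTemplates/loginFormFull.html, and the `stork` div continues outside this hunk.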
@@ -88,9 +102,9 @@
$countryList
</select>
<button id="eIDASButton" name="bkuButton" type="button">Proceed</button>
- <!--a href="info_stork.html" target="_blank" class="infobutton">i</a-->
+ a href="info_stork.html" target="_blank" class="infobutton">i</a
</p>
- </div>
+ </div>-->
<div id="metroDetected" class="unvisible">
<p>Anscheinend verwenden Sie Internet Explorer im
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
index c8de82c50..40e8eae7a 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
@@ -1,687 +1,368 @@
@charset "utf-8";
- @media screen and (min-width: 650px) {
-
- body {
- margin:0;
- padding:0;
- color : #000;
- background-color : #fff;
- text-align: center;
- background-color: #6B7B8B;
- }
-
- .browserInfoButton{
- color: rgb(128, 128, 128);
- }
-
- #localBKU p {
- font-size: 0.7em;
- }
-
- #localBKU input{
- font-size: 0.85em;
- /*border-radius: 5px;*/
- }
-
- #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{
- font-size: 0.85em;
- /*border-radius: 7px;*/
- margin-bottom: 25px;
- min-width: 80px;
- }
-
- #mandateLogin {
- font-size: 0.85em;
- }
-
- #bku_header h2 {
- font-size: 0.8em;
- }
-
-
- #page {
- display: block;
- border: 2px solid rgb(0,0,0);
- width: 650px;
- height: 460px;
- margin: 0 auto;
- margin-top: 5%;
- position: relative;
- border-radius: 25px;
- background: rgb(255,255,255);
- }
-
- #page1 {
- text-align: center;
- }
+ body {
+ margin:0;
+ padding:0;
+ color : #000;
+ background-color : #fff;
+ text-align: left;
+ background-color: #E6E6E6;
+ }
+
+ .browserInfoButton{
+ color: rgb(128, 128, 128);
+ }
+
+ #page {
+ display: block;
+ margin: 0 auto;
+ margin-top: 5%;
+ position: relative;
+ background: rgb(255,255,255);
+ }
- #main {
- /* clear:both; */
- position:relative;
- margin: 0 auto;
- /*width: 250px;*/
- text-align: center;
- }
+ #page1 {
+ padding-top: 1%;
+ text-align: center;
+ }
- .OA_header {
- /* background-color: white;*/
- font-size: 20pt;
- margin-bottom: 25px;
- margin-top: 25px;
- }
- #alert_area {
- width: 500px;
- padding-left: 80px;
- }
- #leftcontent {
- /*float:left; */
- width:250px;
- margin-bottom: 25px;
- text-align: left;
- border: 1px solid rgb(0,0,0);
- }
-
- #selectArea {
- font-size: 15px;
- padding-bottom: 65px;
- }
-
- #leftcontent {
- width: 300px;
- /*margin-top: 30px;*/
- margin: auto;
- }
-
- #bku_header {
- height: 5%;
- padding-bottom: 3px;
- padding-top: 3px;
- }
-
- #bkulogin {
- overflow:hidden;
- min-width: 190px;
- min-height: 180px;
- /*height: 260px;*/
- }
-
- h2#tabheader{
- font-size: 1.1em;
- padding-left: 2%;
- padding-right: 2%;
- position: relative;
- }
-
- #stork h2 {
- font-size: 1.0em;
- margin-bottom: 2%;
- }
-
- .setAssertionButton_full {
- background: #efefef;
- cursor: pointer;
- margin-top: 15px;
- width: 100px;
- height: 30px
- }
-
- #leftbutton {
- width: 30%;
- float:left;
- margin-left: 40px;
- }
-
- #rightbutton {
- width: 30%;
- float:right;
- margin-right: 45px;
- text-align: right;
- }
-
- button {
- height: 25px;
- width: 75px;
- margin-bottom: 10px;
- }
-
-
-
- #validation {
- position: absolute;
- bottom: 0px;
- margin-left: 270px;
- padding-bottom: 10px;
- }
-
+ #main {
+ float:left;
+ width: 100%;
+ text-align: center;
+ }
+
+ h2#tabheader{
+ font-size: 1.0em;
+ padding-left: 2%;
+ padding-right: 2%;
+ position: relative;
+ }
+
+ #bkulogin {
+ min-width: 200px;
+ min-height: 155px;
+ margin-bottom: 5%;
+ }
+ #mandateLogin {
+ padding-bottom: 1%;
+ padding-top: 2%;
+ position: relative;
+ text-align: left;
}
- @media screen and (max-width: 205px) {
- #localBKU p {
- font-size: 0.6em;
- }
- .browserInfoButton{
- color: rgb(128, 128, 128);
- }
-
- #localBKU input {
- font-size: 0.6em;
- min-width: 60px;
- /* max-width: 65px; */
- min-height: 1.0em;
- /* border-radius: 5px; */
- }
-
- #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{
- font-size: 0.7em;
- min-width: 55px;
- /*min-height: 1.1em;
- border-radius: 5px;*/
- margin-bottom: 2%
- }
-
- #mandateLogin {
- font-size: 0.65em;
- }
-
- #bku_header h2 {
- font-size: 0.8em;
- margin-top: -0.4em;
- padding-top: 0.4em;
- }
-
- #bkulogin {
- min-height: 150px;
- }
+ .unvisible {
+ visibility: hidden;
}
- @media screen and (max-width: 249px) and (min-width: 206px) {
- #localBKU p {
- font-size: 0.7em;
- }
- .browserInfoButton{
- color: rgb(128, 128, 128);
- }
-
- #localBKU input {
- font-size: 0.7em;
- min-width: 70px;
- /* max-width: 75px; */
- min-height: 0.95em;
- /* border-radius: 6px; */
- }
-
- #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] {
- font-size: 0.75em;
- min-width: 60px;
- /* min-height: 0.95em;
- border-radius: 6px; */
- margin-bottom: 5%
- }
-
- #mandateLogin {
- font-size: 0.75em;
- }
-
- #bku_header h2 {
- font-size: 0.9em;
- margin-top: -0.45em;
- padding-top: 0.45em;
- }
-
- #bkulogin {
- min-height: 180px;
- }
- }
+ .OA_header {
+ /* background-color: white;*/
+ font-size: 2.1em;
+ margin-bottom: 1%;
+ margin-top: 1%;
+ }
- @media screen and (max-width: 299px) and (min-width: 250px) {
- #localBKU p {
- font-size: 0.9em;
- }
- .browserInfoButton{
- color: rgb(128, 128, 128);
- }
-
- #localBKU input {
- font-size: 0.8em;
- min-width: 70px;
- /* max-width: 75px; */
- /* border-radius: 6px; */
- }
-
- #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] {
- font-size: 0.85em;
- /* min-height: 1.05em;
- border-radius: 7px; */
- margin-bottom: 10%;
- }
-
- #mandateLogin {
- font-size: 1em;
- }
-
- #bku_header h2 {
- font-size: 1.0em;
- margin-top: -0.50em;
- padding-top: 0.50em;
- }
+ #ssoSessionTransferBlock {
+ font-size: 0.8em;
+ margin-left: 1%;
+ margin-bottom: 1%;
}
- @media screen and (max-width: 399px) and (min-width: 300px) {
- #localBKU p {
- font-size: 0.9em;
- }
- .browserInfoButton{
- color: rgb(128, 128, 128);
- }
- #localBKU input {
- font-size: 0.8em;
- min-width: 70px;
- /* max-width: 75px; */
- /* border-radius: 6px; */
- }
-
- #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] {
- font-size: 0.9em;
- /* min-height: 1.2em;
- border-radius: 8px; */
- margin-bottom: 10%;
- max-width: 80px;
- }
-
- #mandateLogin {
- font-size: 1em;
- }
-
- #bku_header h2 {
- font-size: 1.1em;
- margin-top: -0.55em;
- padding-top: 0.55em;
- }
+ #processInfoArea {
+ margin-bottom: 4%;
+ margin-top: 4%;
+ }
+
+ #processSelectionArea {
+ width: 550px;
+ margin-left: 25px;
+ margin-top: 35px;
+ }
+
+ .processSelectionButtonArea {
+ float: none;
+ margin-bottom: 5%;
+ height: 35px;
+ }
+
+ .processSelectionButton {
+ background: #ababab;
+ cursor: pointer;
+ height: 40px;
+ width: 200px;
+ float: right;
+ }
+
+ .buttonDescription {
+ float: left;
+ margin-left: 10px;
+ padding-bottom: 0.4em;
+ text-align: left;
+ width: 60%;
+ }
+
+ #processContent {
+ margin-top: 10%;
}
-
- @media screen and (max-width: 649px) and (min-width: 400px) {
- #localBKU p {
- font-size: 0.9em;
- }
- .browserInfoButton{
- color: rgb(128, 128, 128);
- }
- #localBKU input {
- font-size: 0.8em;
- min-width: 70px;
- /* max-width: 80px; */
- /* border-radius: 6px; */
- }
-
- #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] {
- font-size: 1.0em;
- /* min-height: 1.3em;
- border-radius: 10px; */
- margin-bottom: 10%;
- max-width: 85px;
- }
-
- #mandateLogin {
- font-size: 1.2em;
- }
-
- #bku_header h2 {
- font-size: 1.3em;
- margin-top: -0.65em;
- padding-top: 0.65em;
- }
+
+ #eIDASSelection {
+ width: 120px;
+ margin-right: 5px;
}
+ #bkukarte {
+ float:left;
+ width:33%;
+ text-align:center;
+ margin-top: 2%;
+ }
-
- @media screen and (max-width: 649px) {
-
- body {
- margin:0;
- padding:0;
- color : #000;
- text-align: center;
- font-size: 100%;
- background-color: $MAIN_BACKGOUNDCOLOR;
- }
- .browserInfoButton{
- color: rgb(128, 128, 128);
- }
- #page {
- visibility: hidden;
- margin-top: 0%;
- }
-
- #page1 {
- visibility: hidden;
- }
-
- #main {
- visibility: hidden;
- }
-
- #validation {
- visibility: hidden;
- display: none;
- }
-
- .OA_header {
- margin-bottom: 0px;
- margin-top: 0px;
- font-size: 0pt;
- visibility: hidden;
- }
-
- #alert_area {
- visibility: visible;
- width: 250px;
- }
- #alert_area > p:first-child {
- display: none;
- visibility: hidden;
- }
-
- #leftcontent {
- visibility: visible;
- margin-bottom: 0px;
- text-align: left;
- border:none;
- vertical-align: middle;
- min-height: 173px;
- min-width: 204px;
-
- }
-
- #bku_header {
- height: 10%;
- min-height: 1.2em;
- margin-top: 1%;
- }
-
- h2#tabheader{
- padding-left: 2%;
- padding-right: 2%;
- position: relative;
- top: 50%;
- }
-
- #stork h2 {
- font-size: 0.9em;
- margin-bottom: 2%;
- }
-
- #bkulogin {
- min-width: 190px;
- min-height: 155px;
- }
+ #bkuhandy {
+ float:left;
+ width:33%;
+ text-align:center;
+ margin-top: 2%;
+ }
+
+ #bkueulogin {
+ display:block;
+ float:left;
+ text-align:center;
+ width:33%;
+ margin-top: 2%;
+ }
+
+ .bkuimage {
+ width: 55%;
+ }
+
+ input {
+ width:auto;
+ cursor: pointer;
- .setAssertionButton_full {
- background: #efefef;
- cursor: pointer;
- margin-top: 15px;
- width: 70px;
- height: 25px;
- }
-
- input[type=button],input[type=submit] {
-/* height: 11%; */
- width: 70%;
- }
- }
-
- * {
- margin: 0;
- padding: 0;
- #if($FONTTYPE)
- font-family: $FONTTYPE;
- #end
- }
-
- #selectArea {
- padding-top: 10px;
- padding-bottom: 55px;
- padding-left: 10px;
- }
-
- .setAssertionButton {
- background: #efefef;
- cursor: pointer;
- margin-top: 15px;
- width: 70px;
- height: 25px;
- }
-
- #leftbutton {
- width: 35%;
- float:left;
- margin-left: 15px;
- }
+ }
+
+ #localBKU input {
+ display: inline-block;
+
+ }
- #rightbutton {
- width: 35%;
- float:right;
- margin-right: 25px;
- text-align: right;
- }
+ #localBKU input:hover, #localBKU input:focus, #localBKU input:active {
+ /*text-decoration: underline;*/
+ }
+
+ #installJava, #BrowserNOK {
+ clear:both;
+ font-size:0.8em;
+ padding:4px;
+ }
+
- #ssoSessionTransferBlock {
+ #ssoSessionTransferBlock {
clear: both;
- }
-
- #stork {
- /*margin-bottom: 10px;*/
- /* margin-top: 5px; */
- clear: both;
- }
+ }
+
+ #stork {
+ clear: both;
+ }
- #mandateLogin {
- padding-bottom: 4%;
- padding-top: 4%;
- height: 10%;
- position: relative;
- text-align: center;
- }
+
- .verticalcenter {
+ .verticalcenter {
vertical-align: middle;
}
+
+ .mandate{
+ float: left;
+ margin-left: 2%;
+ font-size: 1.3em;
+ }
- #mandateLogin div {
+ #mandateLogin div {
clear: both;
margin-top: -1%;
position: relative;
top: 50%;
- }
-
- #bkuselectionarea {
- position: relative;
- display: block;
- }
-
- #localBKU {
+ }
+
+ #localBKU {
padding-bottom: 4%;
/*padding-top: 4%;*/
position: relative;
clear: both;
text-align: center;
- }
-
- #bkukarte {
- float:left;
- text-align:center;
- width:40%;
- min-height: 70px;
- padding-left: 5%;
- padding-top: 2%;
- }
-
- #bkuhandy {
- float:right;
- text-align:center;
- width:40%;
- min-height: 90px;
- padding-right: 5%;
- padding-top: 2%;
- }
-
- .bkuimage {
- width: 60%;
- height: auto;
- margin-bottom: 10%;
- }
-
- #mandate{
- text-align:center;
- padding : 5px 5px 5px 5px;
- }
-
-/* input[type=button], .sendButton {
- background: $BUTTON_BACKGROUNDCOLOR;
- color: $BUTTON_COLOR;
-/* border:1px solid #000; */
-/* cursor: pointer;
-/* box-shadow: 3px 3px 3px #222222; */
-/* }
-
-/* button:hover, button:focus, button:active,
- .sendButton:hover , .sendButton:focus, .sendButton:active,
- #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active {
- background: $BUTTON_BACKGROUNDCOLOR_FOCUS;
- color: $BUTTON_COLOR;
-/* border:1px solid #000; */
-/* cursor: pointer;
-/* box-shadow: -1px -1px 3px #222222; */
-/* }
-
-*/
- input {
- /*border:1px solid #000;*/
- cursor: pointer;
- }
-
- #localBKU input {
-/* color: $BUTTON_COLOR; */
- /*border: 0px;*/
- display: inline-block;
-
- }
-
- #localBKU input:hover, #localBKU input:focus, #localBKU input:active {
- /*text-decoration: underline;*/
- }
-
- #installJava, #BrowserNOK {
- clear:both;
- font-size:0.8em;
- padding:4px;
- }
-
- .selectText{
-
- }
-
+ }
+
+ #selectArea {
+ width:90%;
+ padding-left: 4%
+ }
- .selectTextHeader{
-
- }
-
- .sendButton {
- width: 30%;
- margin-bottom: 1%;
- }
-
- #leftcontent a {
- text-decoration:none;
- color: #000;
- /* display:block;*/
- padding:4px;
- }
-
- #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active {
- text-decoration:underline;
- color: #000;
- }
-
- .infobutton {
- background-color: #005a00;
- color: white;
- font-family: serif;
- text-decoration: none;
- padding-top: 2px;
- padding-right: 4px;
- padding-bottom: 2px;
- padding-left: 4px;
- font-weight: bold;
- }
-
- .hell {
- background-color : $MAIN_BACKGOUNDCOLOR;
+ .setAssertionButton {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+ #leftcontent {
+ width: 70%;
+ margin-bottom: 4%;
+ text-align: left;
+ border: 1px solid rgb(0,0,0);
+ margin:auto;
+ }
+ .hell {
+ background-color : $MAIN_BACKGOUNDCOLOR;
color: $MAIN_COLOR;
- }
+ }
- .dunkel {
- background-color: $HEADER_BACKGROUNDCOLOR;
+ .dunkel {
+ background-color: $HEADER_BACKGROUNDCOLOR;
color: $HEADER_COLOR;
- }
-
- .main_header {
- color: black;
- font-size: 32pt;
- position: absolute;
- right: 10%;
- top: 40px;
-
- }
-
- #ssoSessionTransferBlock {
- font-size: 0.8em;
- margin-left: 5px;
- margin-bottom: 5px;
+ }
+
+
+@media screen and (min-width: 650px) {
+
+ #page {
+ width: 650px;
+ height: 460px;
+ }
+
+ #localBKU p {
+ font-size: 0.7em;
+ }
+
+ #localBKU input{
+ font-size: 0.85em;
+ /*border-radius: 5px;*/
+ }
+
+ #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{
+ font-size: 0.85em;
+ width:65%
+ }
+
+ #mandateLogin {
+ font-size: 0.85em;
+ }
+
+ #alert_area {
+ width: 500px;
+ padding-left: 80px;
+ }
+
+ #selectArea {
+ font-size: 15px;
+ padding-bottom: 65px;
}
- #processInfoArea {
- margin-bottom: 15px;
+
+ #stork h2 {
+ font-size: 1.0em;
+ margin-bottom: 2%;
+ }
+
+ .setAssertionButton_full {
+ background: #efefef;
+ cursor: pointer;
margin-top: 15px;
- }
- #processSelectionArea {
- width: 550px;
- margin-left: 25px;
- margin-top: 35px;
- }
- .processSelectionButtonArea {
- float: none;
- margin-bottom: 20px;
- height: 35px;
- }
- .processSelectionButton {
- background: #ababab;
- cursor: pointer;
- height: 30px;
- width: 200px;
- float: right;
- border-style: solid;
- border-bottom-width: 2px;
- border-right-width: 2px;
- border-left-width: 1px;
- border-top-width: 1px;
- border-color: #000000;
- }
- .buttonDescription {
- float: left;
- margin-left: 10px;
- padding-top: 4px;
- text-align: left;
- width: 330px;
- }
- #processContent {
- margin-top: 25px;
- }
- #eIDASButton {
- /*color:#FFF;*/
- }
- #eIDASSelection {
- width: 120px;
- margin-right: 5px;
- }
- .unvisible {
+ width: 100px;
+ height: 30px
+ }
+
+
+ #validation {
+ position: absolute;
+ bottom: 0px;
+ margin-left: 270px;
+ padding-bottom: 10px;
+ }
+}
+
+
+
+@media screen and (max-width: 649px) {
+
+ body {
+ background-color:#fff;
+ }
+
+ #page {
+ visibility: hidden;
+ margin-top: 0%;
+ }
+
+ #page1 {
+ visibility: hidden;
+ }
+
+ #main {
+ visibility: hidden;
+ }
+
+ #validation {
+ visibility: hidden;
display: none;
- }
\ No newline at end of file
+ }
+
+ .OA_header {
+ margin-bottom: 0%;
+ margin-top: 0%;
+ font-size: 0pt;
+ visibility: hidden;
+ }
+
+ #alert_area {
+ visibility: visible;
+ width: 250px;
+ }
+
+ #alert_area > p:first-child {
+ display: none;
+ visibility: hidden;
+ }
+
+
+ h2#tabheader{
+ font-size: 1.5em;
+ position: relative;
+ }
+ .mandate{
+ font-size: 1.0em;
+ }
+
+ #leftcontent {
+ float: left;
+ width:auto;
+ border:none;
+ visibility:visible;
+ margin-bottom: 2%;
+ }
+ .bkuimage {
+ width: 40%;
+ }
+
+ #bkukarte {
+ box-sizing: border-box;
+ }
+
+ #bkuhandy {
+ box-sizing: border-box;
+ }
+
+ #bkueulogin {
+ box-sizing: border-box;
+ }
+
+ .setAssertionButton_full {
+ background: #efefef;
+ cursor: pointer;
+ margin-top: 15px;
+ width: 70px;
+ height: 25px;
+ }
+
+ input[type=button],input[type=submit] {
+ width:65%;
+ }
+}
\ No newline at end of file
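Review bot: `.unvisible` changes from `display: none` to `visibility: hidden`, so elements carrying it (for example `metroDetected` in loginFormFull.html) now keep their layout box instead of collapsing. If `$eIDASVisible` or `$MANDATEVISIBLE` render to this class (not visible here), the EULogin and mandate options are hidden by styling only, and the server still has to reject the corresponding request parameters when the feature is switched off. A comment on the rule would record why `display` was dropped, e.g. `/* visibility, not display: #bkueulogin sets display:block and would override it */` if that is the reason.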
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js b/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js
index 313f14b4a..15b82614c 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/javascript_tempalte.js
@@ -84,9 +84,9 @@ function isIE() {
/* setSSOSelection(); */
var ccc = "AT";
- var countrySelection = document.getElementById("eIDASSelection");
+ var countrySelection = document.getElementById("cccSelection");
if (countrySelection != null) {
- ccc = document.getElementById("eIDASSelection").value;
+ ccc = document.getElementById("cccSelection").value;
}
var iFrameURL = "$contextPath$submitEndpoint" + "?";
iFrameURL += "&pendingid=" + "$pendingReqID";
@@ -238,7 +238,22 @@ function isIE() {
}
function setUseMandateFlag(e) {
/*document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);*/
- e.setAttribute("aria-checked", e.checked);
+ e.target.setAttribute("aria-checked", e.target.checked);
+ if (e.target.checked) {
+ var image = document.getElementById("eIDASImage");
+ var srcatt = image.getAttribute("src");
+ var last = srcatt.substring(srcatt.lastIndexOf('/')+1);
+ srcatt = srcatt.replace(last,'eIDAS_small_deactivated.png');
+ image.setAttribute("src",srcatt);
+ document.getElementById("buttonEULogin").disabled=true;
+ } else {
+ var image = document.getElementById("eIDASImage");
+ var srcatt = image.getAttribute("src");
+ var last = srcatt.substring(srcatt.lastIndexOf('/')+1);
+ srcatt = srcatt.replace(last,'eIDAS_small.png');
+ image.setAttribute("src",srcatt);
+ document.getElementById("buttonEULogin").disabled=false
+ }
}
document.addEventListener('resize', onChangeChecks);
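Review bot: The EULogin button is disabled only from this click handler, so when `$MANDATECHECKED` renders the checkbox checked on load the button stays enabled until the first click, and the mandate/eIDAS exclusion exists only in the browser; whether the server rejects `useeIDAS=true` combined with a mandate is not visible here and should be confirmed. Both branches also dereference `getElementById("eIDASImage")` and `getElementById("buttonEULogin")` without a null check, so a customised template without the eIDAS block makes every checkbox click throw, and the two branches differ only in the file name and the flag. A single guarded path, as below, covers both cases; calling the same logic once at load would also fix the initial state.

```javascript
function setUseMandateFlag(e) {
	// … unchanged: commented-out aria-checked line …
	var box = e.target;
	box.setAttribute("aria-checked", box.checked);

	var image = document.getElementById("eIDASImage");
	var button = document.getElementById("buttonEULogin");
	if (image == null || button == null) {
		// template without the eIDAS block: nothing to toggle
		return;
	}

	var src = image.getAttribute("src");
	var file = box.checked ? "eIDAS_small_deactivated.png" : "eIDAS_small.png";
	image.setAttribute("src", src.substring(0, src.lastIndexOf("/") + 1) + file);
	button.disabled = box.checked;
}
```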
@@ -246,7 +261,7 @@ function isIE() {
document.querySelector('#mandateCheckBox').addEventListener('click', setUseMandateFlag);
document.querySelector('#moaidform>input[type=submit]').addEventListener('click', setMandateSelection);
document.querySelector('#bkuhandy>input[type=button]').addEventListener('click', bkuHandyClicked);
- document.querySelector('#stork button[type=button]').addEventListener('click', storkClicked);
+ document.querySelector('#moaideIDASform>input[type=submit]').addEventListener('click', setMandateSelection);
onChangeChecks();
});
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
index fe9bc2166..4e548e58c 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
@@ -4,7 +4,7 @@
<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
<!-- MOA-ID 2.x BKUSelection Layout CSS -->
- <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" />
+ <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID"/>
<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
<script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script>
@@ -26,8 +26,8 @@
<div id="mandateLogin" class="$MANDATEVISIBLE">
<div>
<input tabindex="1" type="checkbox" name="Mandate"
- id="mandateCheckBox" class="verticalcenter" role="checkbox" $MANDATECHECKED>
- <label for="mandateCheckBox" class="verticalcenter">in
+ id="mandateCheckBox" class="mandate" role="checkbox" $MANDATECHECKED>
+ <label for="mandateCheckBox" class="mandate">in
Vertretung anmelden</label>
<!--a href="info_mandates.html"
target="_blank"
@@ -37,31 +37,41 @@
</div>
<div id="bkuselectionarea">
<div id="bkukarte">
- <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU" />
+ <img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU"/>
- <!-- Remove support for Online BKU and swith the card button to local BKU-->
- <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->
+ <!-- Remove support for Online BKU and swith the card button to local BKU-->
+ <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->
- <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
- <input type="hidden" name="bkuURI" value="$bkuLocal" />
- <input type="hidden" name="useMandate" id="useMandate" />
- <input type="hidden" name="SSO" id="useSSO" />
- <input type="hidden" name="ccc" id="ccc" />
- <input type="hidden" name="pendingid" value="$pendingReqID" />
- <input type="submit" value=" Karte " tabindex="4" role="button">
- </form>
+ <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+ <input type="hidden" name="bkuURI" value="$bkuLocal" />
+ <input type="hidden" name="useMandate" id="useMandate" />
+ <input type="hidden" name="SSO" id="useSSO" />
+ <input type="hidden" name="ccc" id="ccc" />
+ <input type="hidden" name="pendingid" value="$pendingReqID" />
+ <input type="submit" value=" Karte " tabindex="5" role="button" />
+ </form>
- <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
+ <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
- <!-- BKU detection with static template-->
- <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->
-
- </div>
- <div id="bkuhandy">
- <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />
- <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
- </div>
- </div>
+ <!-- BKU detection with static template-->
+ <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->
+ </div>
+
+ <div id="bkuhandy">
+ <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />
+ <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
+ </div>
+
+
+ <div id="bkueulogin" class="$eIDASVisible">
+ <img id="eIDASImage" class="bkuimage" src="$contextPath/img/eIDAS_small.png" alt="EULogin" />
+ <form method="get" id="moaideIDASform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+ <input type="hidden" name="useeIDAS" value="true" />
+ <input type="hidden" name="useMandate" id="useMandate" />
+ <input type="hidden" name="pendingid" value="$pendingReqID" />
+ <input id="buttonEULogin" name="bkuButtonEULogin" type="submit" role="button" value="EULogin" />
+ </form>
+ </div>
<!--div id="localBKU">
<form method="get" id="moaidform" action="$contextPath$submitEndpoint"
class="verticalcenter" target="_parent">
@@ -80,7 +90,11 @@
<!--div id="ssoSessionTransferBlock">
<a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
</div-->
-
+
+
+
+
+ <!--
<div id="stork" align="center" class="$STORKVISIBLE">
<h2 id="tabheader" class="dunkel">Home Country Selection</h2>
<p>
@@ -88,9 +102,9 @@
$countryList
</select>
<button id="eIDASButton" name="bkuButton" type="button">Proceed</button>
- <!--a href="info_stork.html" target="_blank" class="infobutton">i</a-->
+ a href="info_stork.html" target="_blank" class="infobutton">i</a
</p>
- </div>
+ </div>-->
<div id="metroDetected" class="unvisible">
<p>Anscheinend verwenden Sie Internet Explorer im
diff --git a/id/server/data/deploy/conf/moa-id/keys/sl20.jks b/id/server/data/deploy/conf/moa-id/keys/sl20.jks
new file mode 100644
index 000000000..e1896b9e5
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/keys/sl20.jks
Binary files differ
diff --git a/id/server/data/deploy/conf/moa-id/log4j.properties b/id/server/data/deploy/conf/moa-id/log4j.properties
index 2c3b8a311..2914fcff1 100644
--- a/id/server/data/deploy/conf/moa-id/log4j.properties
+++ b/id/server/data/deploy/conf/moa-id/log4j.properties
@@ -5,6 +5,7 @@ org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFacto
log4j.rootLogger=warn,stdout
### MOA-ID process log ###
+log4j.logger.at.gv.egiz.eaaf=info,moaid
log4j.logger.at.gv.egovernment.moa.id=info,moaid
log4j.logger.at.gv.egovernment.moa.spss=info,moaid
diff --git a/id/server/data/deploy/conf/moa-id/logback_config.xml b/id/server/data/deploy/conf/moa-id/logback_config.xml
index c00e62e52..fa221fbc2 100644
--- a/id/server/data/deploy/conf/moa-id/logback_config.xml
+++ b/id/server/data/deploy/conf/moa-id/logback_config.xml
@@ -8,14 +8,11 @@
<!-- http://www.qos.ch/shop/products/professionalSupport -->
<!-- -->
<configuration>
- <!-- Errors were reported during translation. -->
- <!-- No class found for appender CONFIGTOOL R -->
- <!-- Could not find transformer for null -->
- <appender name="R" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
<!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
<File>${catalina.base}/logs/moa-id.log</File>
<encoder>
- <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>1</maxIndex>
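Review bot: The new pattern writes `%X{sessionId}` into every line of moa-id.log, and the same pattern is added for the `moaspss` and `CONFIGTOOL` appenders in the following hunks. If that MDC value is the identifier the server accepts as the session credential (not visible here), anyone who can read or is sent these logs holds a usable session for as long as it lives. Confirm it is a correlation id only, or log a truncated or hashed form, and record the decision above the `<pattern>` element, e.g. `<!-- sessionId is a correlation id only, never the SSO session token -->`. The `moaid` appender element continues outside this hunk.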
@@ -25,14 +22,25 @@
<MaxFileSize>10000KB</MaxFileSize>
</triggeringPolicy>
</appender>
- <appender name="CONFIGTOOL R">
- <!--No layout specified for appender named [CONFIGTOOL R] of class [null]-->
+ <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/logs/moa-spss.log</File>
+ <encoder>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>1</maxIndex>
+ <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
</appender>
<appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender">
<!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
<File>${catalina.base}/logs/moa-id-webgui.log</File>
<encoder>
- <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
</encoder>
<rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
<maxIndex>1</maxIndex>
@@ -42,30 +50,56 @@
<MaxFileSize>10000KB</MaxFileSize>
</triggeringPolicy>
</appender>
+ <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
+ <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+ <File>${catalina.base}/moa-id-reversion.log</File>
+ <encoder>
+ <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
+ </encoder>
+ <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+ <maxIndex>9999</maxIndex>
+ <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i</FileNamePattern>
+ </rollingPolicy>
+ <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+ <MaxFileSize>10000KB</MaxFileSize>
+ </triggeringPolicy>
+ </appender>
<appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
<encoder>
- <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} |%20.20c | %10t | %m%n</pattern>
+ <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
</encoder>
</appender>
- <logger name="eu.stork" level="info"/>
- <logger name="iaik.server" level="info"/>
- <logger name="at.gv.egovernment.moa.id" level="info">
- <appender-ref ref="R"/>
+ <logger name="at.gv.egiz.eaaf" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
+ <logger name="at.gv.egovernment.moa.spss" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+ <logger name="pki" level="info">
+ <appender-ref ref="moaspss"/>
</logger>
<logger name="at.gv.egovernment.moa.id.commons" level="info">
- <appender-ref ref="CONFIGTOOL R"/>
+ <appender-ref ref="CONFIGTOOL"/>
</logger>
- <logger name="org.hibernate" level="warn"/>
- <logger name="at.gv.egiz.components.configuration" level="info">
+ <logger name="at.gv.egovernment.moa.id.configuration" level="info">
<appender-ref ref="CONFIGTOOL"/>
</logger>
- <logger name="at.gv.egovernment.moa.id.proxy" level="info"/>
+ <logger name="at.gv.egiz.eventlog.plain.all" level="info">
+ <appender-ref ref="reversion"/>
+ </logger>
<logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
<appender-ref ref="CONFIGTOOL"/>
</logger>
- <logger name="at.gv.egovernment.moa.spss" level="info"/>
- <logger name="at.gv.egovernment.moa" level="info"/>
- <root level="info">
+ <logger name="at.gv.egiz.components.configuration" level="info">
+ <appender-ref ref="CONFIGTOOL"/>
+ </logger>
+ <logger name="at.gv.egovernment.moa.id" level="info">
+ <appender-ref ref="moaid"/>
+ </logger>
+ <logger name="iaik.server" level="info">
+ <appender-ref ref="moaspss"/>
+ </logger>
+ <root level="warn">
<appender-ref ref="stdout"/>
</root>
</configuration>
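Review bot: The `reversion` appender sets `<maxIndex>9999</maxIndex>`, but logback's `FixedWindowRollingPolicy` caps the window (at 20 files in the releases I know) and lowers `maxIndex` with only a start-up warning. At 10000KB per file this log would keep about twenty archives before the oldest is deleted. If `at.gv.egiz.eventlog.plain.all` is meant as an audit trail, which the name and the large index suggest, a `TimeBasedRollingPolicy` with an explicit `maxHistory` would state the retention directly. The appender also writes to `${catalina.base}/moa-id-reversion.log` while every other appender uses `${catalina.base}/logs/`; `<File>${catalina.base}/logs/moa-id-reversion.log</File>` would keep it under the same directory permissions.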
diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index 24fe78261..6dddb454a 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -29,21 +29,26 @@ configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/moni
#MOA-ID 3.x Advanced Logging
configuration.advancedlogging.active=false
-##Webservice Client Configuration
-#MOA-SP webservice
-#service.moasp.acceptedServerCertificates=
-#service.moasp.clientKeyStore=
-#service.moasp.clientKeyStorePassword=
+######################## Externe Services ############################################
-#Online mandates webservice (MIS)
+######## Online mandates webservice (MIS) ########
service.onlinemandates.acceptedServerCertificates=
service.onlinemandates.clientKeyStore=keys/....
service.onlinemandates.clientKeyStorePassword=
-#Foreign Identities (SZRGW)
-service.foreignidentities.acceptedServerCertificates=
-service.foreignidentities.clientKeyStore=keys/....
-service.foreignidentities.clientKeyStorePassword=
+######## central eIDAS-node connector module ##########
+modules.eidascentralauth.keystore.path=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
+modules.eidascentralauth.keystore.password=password
+modules.eidascentralauth.metadata.sign.alias=pvp_metadata
+modules.eidascentralauth.metadata.sign.password=password
+modules.eidascentralauth.request.sign.alias=pvp_assertion
+modules.eidascentralauth.request.sign.password=password
+modules.eidascentralauth.response.encryption.alias=pvp_assertion
+modules.eidascentralauth.response.encryption.password=password
+modules.eidascentralauth.node.trustprofileID=centralnode_metadata
+
+
+######################## Protokolle am IDP ############################################
##Protocol configuration##
#PVP2
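Review bot: The added `modules.eidascentralauth.*.password=password` lines put a working-looking secret into the sample configuration, and the SL2.0 block in the third hunk of this file does the same with `modules.sl20.security.*.password=password`. A deployment that copies this file and the sample keystores unchanged runs with credentials that are public in the repository. The `service.onlinemandates.clientKeyStorePassword=` line in this same hunk leaves the value empty; following that convention, e.g. `modules.eidascentralauth.keystore.password=`, would presumably make a forgotten value fail at start-up instead of passing unnoticed.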
@@ -63,9 +68,9 @@ protocols.oauth20.jwt.ks.password=password
protocols.oauth20.jwt.ks.key.name=oauth
protocols.oauth20.jwt.ks.key.password=password
-##Database configuration##
-configuration.database.byteBasedValues=false
+######################## Datenbankkonfiguration ############################################
+configuration.database.byteBasedValues=false
#Hibnerate configuration for MOA-ID 3.x session store
moasession.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
@@ -147,11 +152,38 @@ advancedlogging.dbcp.testWhileIdle=false
advancedlogging.dbcp.validationQuery=select 1
-################ Additonal eID-modul configuration ####################################
-## This additional eID moduls add special functionality to MOA-ID-Auth.
-## The configuration of this modules is only needed if this modules are in use.
-########
-### eIDAS protocol configuration ###
+################ Additonal eID-modul configuration ################################
+## This additional eID moduls add special functionality to MOA-ID-Auth. #
+## The configuration of this modules is only needed if this modules are in use. #
+###################################################################################
+
+######## SL2.0 authentication module ########
+modules.sl20.vda.urls.qualeID.endpoint.default=https://www.handy-signatur.at/securitylayer2
+modules.sl20.vda.urls.qualeID.endpoint.1=https://hs-abnahme.a-trust.at/securitylayer2
+modules.sl20.vda.urls.qualeID.endpoint.2=https://test1.a-trust.at/securitylayer2
+modules.sl20.security.keystore.path=keys/sl20.jks
+modules.sl20.security.keystore.password=password
+modules.sl20.security.sign.alias=signing
+modules.sl20.security.sign.password=password
+modules.sl20.security.encryption.alias=encryption
+modules.sl20.security.encryption.password=password
+modules.sl20.vda.authblock.id=default
+modules.sl20.vda.authblock.transformation.id=SL20Authblock_v1.0,SL20Authblock_v1.0_SIC
+modules.sl20.security.eID.validation.disable=false
+modules.sl20.security.eID.signed.result.required=true
+modules.sl20.security.eID.encryption.enabled=true
+modules.sl20.security.eID.encryption.required=true
+
+######## user-restriction ##########
+configuration.restrictions.sp.entityIds=
+configuration.restrictions.sp.users.url=
+configuration.restrictions.sp.users.sector=
+
+####### Direkte Fremd-bPK Berechnung ########
+configuration.foreignsectors.pubkey.xxxxTargetxxx= xxx BASE64-Cert xxx
+
+######## eIDAS protocol configuration ########
+######## This is ONLY required, if MOA-ID operates as an eIDAS node!!! ########
moa.id.protocols.eIDAS.samlengine.config.file=eIDAS/SamlEngine_basics.xml
moa.id.protocols.eIDAS.samlengine.sign.config.file=eIDAS/SignModule.xml
moa.id.protocols.eIDAS.samlengine.enc.config.file=eIDAS/EncryptModule.xml
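Review bot: `modules.sl20.security.keystore.path=keys/sl20.jks` points at the keystore that this same commit adds as a binary file. The keys behind the `signing` and `encryption` aliases, presumably private keys, are therefore readable by anyone with access to the repository. An installation that keeps the shipped file would rely on those published keys for its SL2.0 signing and encryption. I would add a comment above the block such as `# sl20.jks is a SAMPLE keystore - generate your own keys before going live`, or ship only a placeholder path as `service.onlinemandates.clientKeyStore=keys/....` does elsewhere in this file. Separately, `configuration.foreignsectors.pubkey.xxxxTargetxxx= xxx BASE64-Cert xxx` is an active property; commenting it out with `#` avoids the placeholder being read as a real certificate.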
@@ -160,7 +192,7 @@ moa.id.protocols.eIDAS.node.country=Austria
moa.id.protocols.eIDAS.node.countrycode=AT
moa.id.protocols.eIDAS.node.LoA=http://eidas.europa.eu/LoA/high
-### HBV Mandate-Service client module ###
+######## HBV Mandate-Service client module ########
modules.elga_mandate.nameID.target=urn:publicid:gv.at:cdid+GH
modules.elga_mandate.service.metadata.trustprofileID=
modules.elga_mandate.service.mandateprofiles=
@@ -173,7 +205,7 @@ modules.elga_mandate.request.sign.password=password
modules.elga_mandate.response.encryption.alias=pvp_assertion
modules.elga_mandate.response.encryption.password=password
-### SSO Interfederation client module ###
+######## SSO Interfederation client module ########
modules.federatedAuth.keystore.path=keys/moa_idp[password].p12
modules.federatedAuth.keystore.password=password
modules.federatedAuth.metadata.sign.alias=pvp_metadata
@@ -183,8 +215,8 @@ modules.federatedAuth.request.sign.password=password
modules.federatedAuth.response.encryption.alias=pvp_assertion
modules.federatedAuth.response.encryption.password=password
-#Redis Settings, if Redis is used as a backend for session data.
-#has to be enabled with the following parameter
+######## Redis Settings, if Redis is used as a backend for session data.
+# has to be enabled with the following parameter
#redis.active=true
redis.use-pool=true
redis.host-name=localhost
diff --git a/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml b/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml
index 31fc8a16c..9dede486d 100644
--- a/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml
+++ b/id/server/data/deploy/conf/moa-spss/SampleMOASPSSConfiguration.xml
@@ -64,6 +64,10 @@
<cfg:Id>PVP_metadata</cfg:Id>
<cfg:TrustAnchorsLocation>trustProfiles/PVP_metadata</cfg:TrustAnchorsLocation>
</cfg:TrustProfile>
+ <cfg:TrustProfile>
+ <cfg:Id>centralnode_metadata</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/centralnode_metadata</cfg:TrustAnchorsLocation>
+ </cfg:TrustProfile>
</cfg:PathValidation>
<cfg:RevocationChecking>
<cfg:EnableChecking>true</cfg:EnableChecking>
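Review bot: The only file this commit adds to the directory of the new `centralnode_metadata` trust profile is `national_central_eIDAS_node_-_testsystem.crt`, and `moa-id.properties` selects that profile via `modules.eidascentralauth.node.trustprofileID`. As shipped, the sample therefore trusts metadata signed by the test node, and nothing tells the operator to swap the anchor before production use. A comment on the profile would make that explicit, e.g. `<!-- contains the TEST central eIDAS node certificate; replace for production -->`. The surrounding `cfg:PathValidation` element starts outside this hunk.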
@@ -125,5 +129,16 @@
<cfg:Id>MOAIDTransformAuthBlockTable_EN</cfg:Id>
<cfg:Location>profiles/MOAIDTransformAuthBlockTable_EN.xml</cfg:Location>
</cfg:VerifyTransformsInfoProfile>
+
+ <!-- AuthBlock transformations for Security Layer v2.0 -->
+ <cfg:VerifyTransformsInfoProfile>
+ <cfg:Id>SL20Authblock_v1.0</cfg:Id>
+ <cfg:Location>profiles/SL20_authblock_v1.0.xml</cfg:Location>
+ </cfg:VerifyTransformsInfoProfile>
+ <cfg:VerifyTransformsInfoProfile>
+ <cfg:Id>SL20Authblock_v1.0_SIC</cfg:Id>
+ <cfg:Location>profiles/SL20_authblock_v1.0_SIC.xml</cfg:Location>
+ </cfg:VerifyTransformsInfoProfile>
+
</cfg:SignatureVerification>
</cfg:MOAConfiguration>
diff --git a/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0.xml b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0.xml
new file mode 100644
index 000000000..e67b1f5ce
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?><VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" exclude-result-prefixes="saml2" version="1.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><xsl:output method="xml" xml:space="default" /><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Signatur der Anmeldedaten</title><style media="screen" type="text/css">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle { text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style { font-size: large; }
+ .hidden {display: none; }
+ </style></head><body><h4 class="h4style">Anmeldedaten:</h4><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue)"><tr><td class="italicstyle">Vorname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue)"><tr><td class="italicstyle">Nachname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle">Vollmacht: </td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. 
Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Identifikator: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderUniqueId']/saml2:AttributeValue" /></td></tr><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue)"><tr><td class="italicstyle">Name: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue" /></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue)"><tr><td class="italicstyle">Staat: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue" /></td></tr></xsl:if></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,9,2)" /><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,6,2)" /><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,1,4)" /></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,12,2)" /><xsl:text>:</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,15,2)" 
/><xsl:text>:</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,18,2)" /></td></tr><tr><td class="italicstyle">TransaktionsToken: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/@ID" /></td></tr><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle">
+ Vollmachten-Referenz: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue" /></td></tr></xsl:if><tr class="hidden"><td class="italicstyle">DataURL: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience" /></td></tr><xsl:if test="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter"><tr class="hidden"><td class="italicstyle">AuthBlockValidTo: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter" /></td></tr></xsl:if></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /></dsig:Transforms></VerifyTransformsInfoProfile>
diff --git a/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0_SIC.xml b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0_SIC.xml
new file mode 100644
index 000000000..741013cd1
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/profiles/SL20_authblock_v1.0_SIC.xml
@@ -0,0 +1,8 @@
+<?xml version="1.0" encoding="UTF-8"?><VerifyTransformsInfoProfile xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet xmlns:xsl="http://www.w3.org/1999/XSL/Transform" exclude-result-prefixes="saml2" version="1.0" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"><xsl:output method="xml" xmlns:xml="http://www.w3.org/XML/1998/namespace" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html xmlns="http://www.w3.org/1999/xhtml"><head><title>Signatur der Anmeldedaten</title><style media="screen" type="text/css">
+ .normalstyle { font-size: medium; }
+ .italicstyle { font-size: medium; font-style: italic; }
+ .titlestyle { text-decoration:underline; font-weight:bold; font-size: medium; }
+ .h4style { font-size: large; }
+ .hidden {display: none; }
+ </style></head><body><h4 class="h4style">Anmeldedaten:</h4><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue)"><tr><td class="italicstyle">Vorname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:2.5.4.42']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue)"><tr><td class="italicstyle">Nachname: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.20']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.55']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle">Vollmacht: </td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. 
Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Identifikator: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderUniqueId']/saml2:AttributeValue"/></td></tr><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue)"><tr><td class="italicstyle">Name: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderFriendlyName']/saml2:AttributeValue"/></td></tr></xsl:if><xsl:if test="string(/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue)"><tr><td class="italicstyle">Staat: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='http://eid.gv.at/eID/attributes/ServiceProviderCountryCode']/saml2:AttributeValue"/></td></tr></xsl:if></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of 
select="substring(/saml2:Assertion/@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(/saml2:Assertion/@IssueInstant,18,2)"/></td></tr><tr><td class="italicstyle">TransaktionsTokken: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/@ID"/></td></tr><xsl:if test="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"><tr><td class="italicstyle">
+ Vollmachten-Referenz: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:AttributeStatement/saml2:Attribute[@Name='urn:oid:1.2.40.0.10.2.1.1.261.90']/saml2:AttributeValue"/></td></tr></xsl:if><tr class="hidden"><td class="italicstyle">DataURL: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/saml2:AudienceRestriction/saml2:Audience"/></td></tr><xsl:if test="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter"><tr class="hidden"><td class="italicstyle">AuthBlockValidTo: </td><td class="normalstyle"><xsl:value-of select="/saml2:Assertion/saml2:Conditions/@NotOnOrAfter"/></td></tr></xsl:if></table></body></html></xsl:template></xsl:stylesheet></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transforms></VerifyTransformsInfoProfile>
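Review bot: The label in this profile reads `TransaktionsTokken`, whereas `SL20_authblock_v1.0.xml` added in the same commit has `TransaktionsToken`. The two files also differ in namespace prefix (`ds:` versus `dsig:`) and in the whitespace before `/>`. If these profiles are compared against the transforms carried in the signature, as the `VerifyTransformsInfoProfile` name suggests, the differences are presumably deliberate and the spelling must not be corrected here. That is worth recording next to the two profile entries in `SampleMOASPSSConfiguration.xml`, e.g. `<!-- profiles must match the signing service's transforms exactly; do not reformat -->`.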
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt
new file mode 100644
index 000000000..2babcef6a
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----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+-----END CERTIFICATE-----
diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
index 9e292540a..d717ecd25 100644
--- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh
+++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
@@ -4,6 +4,9 @@ export JAVA_HOME= <insert java home directory (no trailing path separator)>
export CATALINA_HOME= <insert Tomcat home directory (no trailing path separator)>
export CATALINA_BASE=$CATALINA_HOME
+FILE_ENCODING=-Dfile.encoding=UTF-8
+RAND_FILE=-Djava.security.egd=file:///dev/urandom
+
LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties
LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback_config.xml
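Review bot: `RAND_FILE=-Djava.security.egd=file:///dev/urandom` changes where the JVM seeds `SecureRandom` for an identity provider, and the script gives no reason for it. If the motive is start-up time, a comment such as `# seed SecureRandom from the non-blocking device so start-up does not stall on low-entropy hosts` would stop operators from removing or altering the option blindly. The variable name is also misleading, since it holds a JVM option rather than a file. `ENTROPY_OPT` would match the `*_OPT` naming of the neighbouring lines, with the same rename in the `CATALINA_OPTS` line of the next hunk.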
@@ -21,7 +24,7 @@ PROXY_OPT=-Dmoa.id.proxy.configuration=$CATALINA_BASE/conf/moa-id-proxy/MOAIDCon
#TRUST_STORE_PASS_OPT=-Djavax.net.ssl.trustStorePassword=changeit
#TRUST_STORE_TYPE_OPT=-Djavax.net.ssl.trustStoreType=jks
-export CATALINA_OPTS="$CONFIG_OPT $LOGGING_OPT $LOGGING_LOGBACK_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $CONFIGTOOL_USER_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT -Xms512m -Xmx1536m -XX:PermSize=256m"
+export CATALINA_OPTS="$FILE_ENCODING $RAND_FILE $CONFIG_OPT $LOGGING_OPT $LOGGING_LOGBACK_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $CONFIGTOOL_USER_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT -Xms512m -Xmx1536m -XX:PermSize=256m"
echo CATALINA_HOME: $CATALINA_HOME
echo CATALINA_BASE: $CATALINA_BASE
diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat
index 325ae1f20..afdd907c8 100644
--- a/id/server/data/deploy/tomcat/win32/startTomcat.bat
+++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat
@@ -9,6 +9,9 @@ set CATALINA_HOME=<Tomcat home directory>
rem ----------------------------------------------------------------------------------------------
+set FILE_ENCODING=-Dfile.encoding=UTF-8
+set RAND_FILE=-Djava.security.egd=file:///dev/urandom
+
set LOGGING_OPT=-Dlog4j.configuration=file:%CATALINA_HOME%/conf/moa-id/log4j.properties
set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback_config.xml
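Review bot: `set RAND_FILE=-Djava.security.egd=file:///dev/urandom` names a Unix device that does not exist on Windows. What the JVM does with an entropy source it cannot open depends on the JDK: at best the option is ignored, at worst seeding falls back to a slower generator. I would drop the line from the Windows script, or confirm the behaviour on the supported JDK and note the result in a `rem` comment.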
@@ -20,7 +23,7 @@ set DEMOOA_OPT=-Dmoa.id.demoOA=%CATALINA_HOME%/conf/moa-id-oa/oa.properties
set STORK_OPT=-Deu.stork.samlengine.config.location=%CATALINA_HOME%/conf/moa-id/stork/
set PROXY_OPT=-Dmoa.id.proxy.configuration=%CATALINA_HOME%/conf/moa-id-proxy/MOAIDConfiguration.xml
-set PARAMS_MOA=%CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %LOGGING_LOGBACK_OPT% %CONFIGTOOL_OPT% %CONFIGTOOL_USER_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT% -Xms512m -Xmx1536m -XX:PermSize=256m
+set PARAMS_MOA=%FILE_ENCODING %RAND_FILE %CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %LOGGING_LOGBACK_OPT% %CONFIGTOOL_OPT% %CONFIGTOOL_USER_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT% -Xms512m -Xmx1536m -XX:PermSize=256m
rem set PARAM_TRUST_STORE=-Djavax.net.ssl.trustStore=truststore.jks
rem set PARAM_TRUST_STORE_PASS=-Djavax.net.ssl.trustStorePassword=changeit
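Review bot: In the new `set PARAMS_MOA=` line the first two references lack their closing percent sign: `%FILE_ENCODING %RAND_FILE %CONFIG_OPT_SPSS%`. As far as I can tell, cmd pairs `%FILE_ENCODING %` as one undefined variable name, so neither option reaches the JVM and a literal `RAND_FILE` token is left on the command line. The line should start `set PARAMS_MOA=%FILE_ENCODING% %RAND_FILE% %CONFIG_OPT_SPSS%`.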