diff options
Diffstat (limited to 'id/server/doc/conf/moa-id')
35 files changed, 2768 insertions, 0 deletions
diff --git a/id/server/doc/conf/moa-id/MOAIdentities.xsd b/id/server/doc/conf/moa-id/MOAIdentities.xsd new file mode 100644 index 000000000..e075ead5e --- /dev/null +++ b/id/server/doc/conf/moa-id/MOAIdentities.xsd @@ -0,0 +1,59 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- edited with XMLSPY v5 rel. 4 U (http://www.xmlspy.com) by Rudolf Schamberger (Stabsstelle IKT-Strategie) (Bundesrechenzentrum GmbH) --> +<xs:schema targetNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" elementFormDefault="qualified" attributeFormDefault="unqualified"> + <xs:element name="MOAIdentities"> + <xs:annotation> + <xs:documentation>MOAIdentities provides a mapping from identities to parameters used in the XMLLoginParameterResolver of MOA-ID</xs:documentation> + </xs:annotation> + <xs:complexType> + <xs:sequence maxOccurs="unbounded"> + <xs:element name="Mapping"> + <xs:complexType> + <xs:sequence> + <xs:element name="Identity"> + <xs:complexType> + <xs:choice> + <xs:element name="NamedIdentity" type="tns:NamedIdentityType"/> + <xs:element name="bPKIdentity" type="tns:bPKIdentitiyType"/> + <xs:element name="wbPKIdentity" type="tns:wbPKIdentitiyType"/> + </xs:choice> + </xs:complexType> + </xs:element> + <xs:element name="Parameters" type="tns:ParametersType"/> + </xs:sequence> + </xs:complexType> + </xs:element> + </xs:sequence> + </xs:complexType> + </xs:element> + <xs:complexType name="wbPKIdentitiyType"> + <xs:simpleContent> + <xs:extension base="xs:boolean"> + <xs:attribute name="wbPK" type="xs:string" use="required"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="bPKIdentitiyType"> + <xs:simpleContent> + <xs:extension base="xs:boolean"> + <xs:attribute name="bPK" type="xs:string" use="required"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="NamedIdentityType"> + <xs:simpleContent> + <xs:extension base="xs:boolean"> + <xs:attribute name="SurName" type="xs:string" use="required"/> + <xs:attribute name="GivenName" type="xs:string" use="required"/> + <xs:attribute name="BirthDate" type="xs:string" use="optional"/> + </xs:extension> + </xs:simpleContent> + </xs:complexType> + <xs:complexType name="ParametersType"> + <xs:attribute name="UN" type="xs:string" use="optional"/> + <xs:attribute name="PW" type="xs:string" use="optional"/> + <xs:attribute name="Param1" type="xs:string" use="optional"/> + <xs:attribute name="Param2" type="xs:string" use="optional"/> + <xs:attribute name="Param3" type="xs:string" use="optional"/> + </xs:complexType> +</xs:schema> diff --git a/id/server/doc/conf/moa-id/SampleIdentities.xml b/id/server/doc/conf/moa-id/SampleIdentities.xml new file mode 100644 index 000000000..abda0bf64 --- /dev/null +++ b/id/server/doc/conf/moa-id/SampleIdentities.xml @@ -0,0 +1,34 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Beispielkonfiguration für den Einsatz der MOA-ID Proxy-Komponenten unter Einsatz eines speziellen XMLLoginParameterResolver + Damit kann unter Einsatz des XMLLoginParameterResolverPlainData (s.u.) eine Einschränkung von Benutzer für OA erfolgen. --> +<!-- Beispiel für ein Element ProxyComponent in der MOA-ID Konfigurationsdatei welches den XMLLoginParameterResolverPlainData + mit der Benutzerdatei Identities.xml verwendet um sich über Basic Authentication (401) an einer Webseite anzumeldne --> + + +<!-- + <ProxyComponent configFileURL="oa/SampleOAConfiguration.xml" sessionTimeOut="600" + loginParameterResolverImpl="at.gv.egovernment.moa.id.proxy.XMLLoginParameterResolverPlainData" + loginParameterResolverConfiguration="Identities.xml"> + <ConnectionParameter URL="http://www.digitales.oesterreich.gv.at/"> + </ConnectionParameter> + </ProxyComponent> +--> +<MOAIdentities xmlns="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/20020822#/xmllpr20030814 MOAIdentities.xsd"> + <!-- Eintrag aller Benutzer mit Berechtigung --> + <!-- Die Daten müssen in der Schreibweise wie in der Personenbindung (= Schreibweise des ZMRs) eingegeben werden --> + + <!-- Benutzerin Kunz --> + <Mapping> + <Identity> + <NamedIdentity SurName="Kunz" GivenName="Karin Stella" BirthDate="1900-01-01">1</NamedIdentity> + </Identity> + <Parameters UN="KunzKS" PW="geheim"/> + </Mapping> + <!-- Benutzer Mustermann --> + <Mapping> + <Identity> + <NamedIdentity SurName="Mustermann-Fall" GivenName="Max Moriz" BirthDate="1900-01-01">1</NamedIdentity> + </Identity> + <Parameters UN="MustMM" PW="höchst?Geheim"/> + </Mapping> +</MOAIdentities> diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer b/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer Binary files differnew file mode 100644 index 000000000..33e776369 --- /dev/null +++ b/id/server/doc/conf/moa-id/certs/ca-certs/A-Trust-nQual-03.cer diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer b/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer Binary files differnew file mode 100644 index 000000000..a699436ca --- /dev/null +++ b/id/server/doc/conf/moa-id/certs/ca-certs/a-sign-SSL-03.cer diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer b/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer Binary files differnew file mode 100644 index 000000000..ff90e35f5 --- /dev/null +++ b/id/server/doc/conf/moa-id/certs/ca-certs/gateway.stammzahlenregister.gv.at.cer diff --git a/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt b/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt new file mode 100644 index 000000000..0780bc44f --- /dev/null +++ b/id/server/doc/conf/moa-id/certs/ca-certs/szrgw.egiz.gv.at.crt @@ -0,0 +1,33 @@ +-----BEGIN CERTIFICATE----- +MIIFsDCCBJigAwIBAgIHASBxw0JY9jANBgkqhkiG9w0BAQUFADCBrDEcMBoGA1UE +AxMTRXVyb1BLSSBJQUlLIFNTTCBDQTEmMCQGA1UEChMdR3JheiBVbml2ZXJzaXR5 +IG9mIFRlY2hub2xvZ3kxSDBGBgNVBAsTP0luc3RpdHV0ZSBmb3IgQXBwbGllZCBJ +bmZvcm1hdGlvbiBQcm9jZXNzaW5nIGFuZCBDb21tdW5pY2F0aW9uczENMAsGA1UE +BxMER3JhejELMAkGA1UEBhMCQVQwHhcNMTMxMjAzMTYzODUyWhcNMTUxMjAzMTYz +ODUyWjCBqTELMAkGA1UEBhMCQVQxDTALBgNVBAcTBEdyYXoxJjAkBgNVBAoTHUdy +YXogVW5pdmVyc2l0eSBvZiBUZWNobm9sb2d5MUgwRgYDVQQLEz9JbnN0aXR1dGUg +Zm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNh +dGlvbnMxGTAXBgNVBAMTEHN6cmd3LmVnaXouZ3YuYXQwggEiMA0GCSqGSIb3DQEB +AQUAA4IBDwAwggEKAoIBAQDPDRBxrsDziPzz+GAcdJ2m6kOkJcr4REzMzP9dULRv +R6EbVvvwQgPpAEcuqH+101ZwcIHNSCSQF30HnkJVF9hQ+4jIKjvUQ96hkZUC8OyI +9WfJfPjCtMea9Mk4YsI2DVc6xoiuNKSeZt6ER0b3YDRFX6x4QqQpgt3uIMKjHxBf +ESB9ehKLEPnQTgIzblvVrPWRAjVd+nZq40ZW1Im9Kq2pRk1gt5xiGh0q5qCV17Yj +mzTcO4tcgW7iFJ8Tj1Cdog7AOBkhGXGtndfhH/EwGo08PZ1PEYwA5wTVHEhq/Nom +zBKhDBRdDBhWOuxMeX8zSffuBYf9Oa9RGZBPErUi9HgHAgMBAAGjggHWMIIB0jAO +BgNVHQ8BAf8EBAMCBLAwFgYDVR0lAQH/BAwwCgYIKwYBBQUHAwEwDAYDVR0TAQH/ +BAIwADBQBgNVHSAESTBHMEUGDCsGAQQBlRIBAgMBATA1MDMGCCsGAQUFBwIBFido +dHRwOi8vZXVyb3BraS5pYWlrLmF0L2NhL2lhaWsvY3BzLzEuMy8wHQYDVR0OBBYE +FFi1nfsT7YEJ9PKNzMHBtXbl574ZMEgGA1UdHwRBMD8wPaA7oDmGN2h0dHA6Ly9j +YS5pYWlrLnR1Z3Jhei5hdC9jYXBzby9jcmxzL0V1cm9QS0lJQUlLX1NTTC5jcmww +gZoGCCsGAQUFBwEBBIGNMIGKMEIGCCsGAQUFBzABhjZodHRwOi8vY2EuaWFpay50 +dWdyYXouYXQvY2Fwc28vT0NTUD9jYT1FdXJvUEtJSUFJS19TU0wwRAYIKwYBBQUH +MAKGOGh0dHA6Ly9jYS5pYWlrLnR1Z3Jhei5hdC9jYXBzby9jZXJ0cy9FdXJvUEtJ +SUFJS19TU0wuY2VyMCEGA1UdEQQaMBiBFnRob21hcy5sZW56QGVnaXouZ3YuYXQw +HwYDVR0jBBgwFoAUFZk0u+CXsy4oNl3WeM9osRQzuEkwDQYJKoZIhvcNAQEFBQAD +ggEBAItlnRWi7nFbd9oahK06YNgkI6c3zPfWp3anaYOxZt+AakjI7IoV2YprNVWJ +2RZ2KA7rM3xNO1i1/H6TcWpjIJy+zsejvyXjQbC9e+wy3hD7iqtCt4oWqzIg61NE +u1j1u/r9/yozDEkOYv7XY+X5xNBCZ1YfbOwKltLdCWhk6MSK9xDUoeub0DyD3OIS +4VBVfftsVaJA9vY9e62aSpysEU6VoJpoXVLv1pGeCMajF9d7umCs+daguugbUNMM +FIfAll/9kcEG7FmpLaWA1qRpfTb8XZ6j/J0YrWAzyyCmLiQJRmhDDipi7PqAJBz6 +9aau5Lhfs4OYoKxgiw7WxOJldFo= +-----END CERTIFICATE----- diff --git a/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html new file mode 100644 index 000000000..ef070b8eb --- /dev/null +++ b/id/server/doc/conf/moa-id/htmlTemplates/loginFormFull.html @@ -0,0 +1,846 @@ +<!DOCTYPE html> +<html> +<head> +<meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <style type="text/css"> + @media screen and (min-width: 650px) { + + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: center; + background-color: #6B7B8B; + } + + #localBKU p { + font-size: 0.7em; + } + + #localBKU input{ + font-size: 0.7em; + /*border-radius: 5px;*/ + } + + #bkuselectionarea input[type=button] { + font-size: 0.85em; + /*border-radius: 7px;*/ + margin-bottom: 25px; + min-width: 80px; + } + + #mandateLogin { + font-size: 0.85em; + } + + #bku_header h2 { + font-size: 0.8em; + } + + + #page { + display: block; + border: 2px solid rgb(0,0,0); + width: 650px; + height: 460px; + margin: 0 auto; + margin-top: 5%; + position: relative; + border-radius: 25px; + background: rgb(255,255,255); + } + + #page1 { + text-align: center; + } + + #main { + /* clear:both; */ + position:relative; + margin: 0 auto; + width: 250px; + text-align: center; + } + + .OA_header { + /* background-color: white;*/ + font-size: 20pt; + margin-bottom: 25px; + margin-top: 25px; + } + + #leftcontent { + /*float:left; */ + width:250px; + margin-bottom: 25px; + text-align: left; + border: 1px solid rgb(0,0,0); + } + + #selectArea { + font-size: 15px; + padding-bottom: 65px; + } + + #leftcontent { + width: 300px; + margin-top: 30px; + } + + #bku_header { + height: 5%; + padding-bottom: 3px; + padding-top: 3px; + } + + #bkulogin { + overflow:hidden; + min-width: 190px; + min-height: 180px; + /*height: 260px;*/ + } + + h2#tabheader{ + font-size: 1.1em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + #stork h2 { + font-size: 1.0em; + margin-bottom: 2%; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 100px; + height: 30px + } + + #leftbutton { + width: 30%; + float:left; + margin-left: 40px; + } + + #rightbutton { + width: 30%; + float:right; + margin-right: 45px; + text-align: right; + } + + button { + height: 25px; + width: 75px; + margin-bottom: 10px; + } + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } + + } + + @media screen and (max-width: 205px) { + #localBKU p { + font-size: 0.6em; + } + + #localBKU input { + font-size: 0.6em; + min-width: 60px; + /* max-width: 65px; */ + min-height: 1.0em; + /* border-radius: 5px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.7em; + min-width: 55px; + /*min-height: 1.1em; + border-radius: 5px;*/ + margin-bottom: 2% + } + + #mandateLogin { + font-size: 0.65em; + } + + #bku_header h2 { + font-size: 0.8em; + margin-top: -0.4em; + padding-top: 0.4em; + } + + #bkulogin { + min-height: 150px; + } + } + + @media screen and (max-width: 249px) and (min-width: 206px) { + #localBKU p { + font-size: 0.7em; + } + + #localBKU input { + font-size: 0.7em; + min-width: 70px; + /* max-width: 75px; */ + min-height: 0.95em; + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.75em; + min-width: 60px; + /* min-height: 0.95em; + border-radius: 6px; */ + margin-bottom: 5% + } + + #mandateLogin { + font-size: 0.75em; + } + + #bku_header h2 { + font-size: 0.9em; + margin-top: -0.45em; + padding-top: 0.45em; + } + + #bkulogin { + min-height: 180px; + } + } + + @media screen and (max-width: 299px) and (min-width: 250px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.85em; + /* min-height: 1.05em; + border-radius: 7px; */ + margin-bottom: 10%; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2 { + font-size: 1.0em; + margin-top: -0.50em; + padding-top: 0.50em; + } + } + + @media screen and (max-width: 399px) and (min-width: 300px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 75px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 0.9em; + /* min-height: 1.2em; + border-radius: 8px; */ + margin-bottom: 10%; + max-width: 80px; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2 { + font-size: 1.1em; + margin-top: -0.55em; + padding-top: 0.55em; + } + } + + @media screen and (max-width: 649px) and (min-width: 400px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.8em; + min-width: 70px; + /* max-width: 80px; */ + /* border-radius: 6px; */ + } + + #bkuselectionarea input[type=button] { + font-size: 1.0em; + /* min-height: 1.3em; + border-radius: 10px; */ + margin-bottom: 10%; + max-width: 85px; + } + + #mandateLogin { + font-size: 1.2em; + } + + #bku_header h2 { + font-size: 1.3em; + margin-top: -0.65em; + padding-top: 0.65em; + } + } + + + + @media screen and (max-width: 649px) { + + body { + margin:0; + padding:0; + color : #000; + text-align: center; + font-size: 100%; + background-color: #MAIN_BACKGOUNDCOLOR#; + } + + #page { + visibility: hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; + display: none; + } + + .OA_header { + margin-bottom: 0px; + margin-top: 0px; + font-size: 0pt; + visibility: hidden; + } + + #leftcontent { + visibility: visible; + margin-bottom: 0px; + text-align: left; + border:none; + vertical-align: middle; + min-height: 173px; + min-width: 204px; + + } + + #bku_header { + height: 10%; + min-height: 1.2em; + margin-top: 1%; + } + + h2#tabheader{ + padding-left: 2%; + padding-right: 2%; + position: relative; + top: 50%; + } + + #stork h2 { + font-size: 0.9em; + margin-bottom: 2%; + } + + #bkulogin { + min-width: 190px; + min-height: 155px; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + input[type=button] { +/* height: 11%; */ + width: 70%; + } + } + + * { + margin: 0; + padding: 0; + font-family: #FONTTYPE#; + } + + #selectArea { + padding-top: 10px; + padding-bottom: 55px; + padding-left: 10px; + } + + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + #leftbutton { + width: 35%; + float:left; + margin-left: 15px; + } + + #rightbutton { + width: 35%; + float:right; + margin-right: 25px; + text-align: right; + } + + #stork { + /*margin-bottom: 10px;*/ + /* margin-top: 5px; */ + } + + #mandateLogin { + padding-bottom: 4%; + padding-top: 4%; + height: 10%; + position: relative; + text-align: center; + } + + .verticalcenter { + vertical-align: middle; + } + + #mandateLogin div { + clear: both; + margin-top: -1%; + position: relative; + top: 50%; + } + + #bkuselectionarea { + position: relative; + display: block; + } + + #localBKU { + padding-left: 5%; + padding-right: 2%; + padding-bottom: 4%; + /*padding-top: 4%;*/ + position: relative; + clear: both; + } + + #bkukarte { + float:left; + text-align:center; + width:40%; + min-height: 70px; + padding-left: 5%; + padding-top: 2%; + } + + #bkuhandy { + float:right; + text-align:center; + width:40%; + min-height: 90px; + padding-right: 5%; + padding-top: 2%; + } + + .bkuimage { + width: 90%; + height: auto; + } + + #mandate{ + text-align:center; + padding : 5px 5px 5px 5px; + } + +/* input[type=button], .sendButton { + background: #BUTTON_BACKGROUNDCOLOR#; + color: #BUTTON_COLOR#; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: 3px 3px 3px #222222; */ +/* } + +/* button:hover, button:focus, button:active, + .sendButton:hover , .sendButton:focus, .sendButton:active, + #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { + background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; + color: #BUTTON_COLOR#; +/* border:1px solid #000; */ +/* cursor: pointer; +/* box-shadow: -1px -1px 3px #222222; */ +/* } + +*/ + input { + /*border:1px solid #000;*/ + cursor: pointer; + } + + #localBKU input { +/* color: #BUTTON_COLOR#; */ + border: 0px; + display: inline-block; + + } + + #localBKU input:hover, #localBKU input:focus, #localBKU input:active { + text-decoration: underline; + } + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + + .selectText{ + + } + + .selectTextHeader{ + + } + + .sendButton { + width: 30%; + margin-bottom: 1%; + } + + #leftcontent a { + text-decoration:none; + color: #000; + /* display:block;*/ + padding:4px; + } + + #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { + text-decoration:underline; + color: #000; + } + + .infobutton { + background-color: #005a00; + color: white; + font-family: serif; + text-decoration: none; + padding-top: 2px; + padding-right: 4px; + padding-bottom: 2px; + padding-left: 4px; + font-weight: bold; + } + + .hell { + background-color : #MAIN_BACKGOUNDCOLOR#; + color: #MAIN_COLOR#; + } + + .dunkel { + background-color: #HEADER_BACKGROUNDCOLOR#; + color: #HEADER_COLOR#; + } + + .main_header { + color: black; + font-size: 32pt; + position: absolute; + right: 10%; + top: 40px; + + } + + </style> +<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> +<script type="text/javascript"> + function isIE() { + return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); + } + function isFullscreen() { + try { + return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); + } catch (e) { + return false; + } + } + function isActivexEnabled() { + var supported = null; + try { + supported = !!new ActiveXObject("htmlfile"); + } catch (e) { + supported = false; + } + return supported; + } + function isMetro() { + if (!isIE()) + return false; + return !isActivexEnabled() && isFullscreen(); + } + window.onload=function() { + document.getElementById("localBKU").style.display="block"; + return; + } + function bkuLocalClicked() { + setMandateSelection(); + } + + function bkuOnlineClicked() { + if (isMetro()) + document.getElementById("metroDetected").style.display="block"; + document.getElementById("localBKU").style.display="block"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var iFrameURL = "#AUTH_URL#" + "?"; + iFrameURL += "bkuURI=" + "#ONLINE#"; + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; +/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ + iFrameURL += "&MODUL=" + "#MODUL#"; + iFrameURL += "&ACTION=" + "#ACTION#"; + iFrameURL += "&MOASessionID=" + "#SESSIONID#"; + generateIFrame(iFrameURL); + } + function bkuHandyClicked() { + document.getElementById("localBKU").style.display="none"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var iFrameURL = "#AUTH_URL#" + "?"; + iFrameURL += "bkuURI=" + "#HANDY#"; + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; +/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ + iFrameURL += "&MODUL=" + "#MODUL#"; + iFrameURL += "&ACTION=" + "#ACTION#"; + iFrameURL += "&MOASessionID=" + "#SESSIONID#"; + generateIFrame(iFrameURL); + } + function storkClicked() { + document.getElementById("localBKU").style.display="none"; +/* if (checkMandateSSO()) + return; */ + + setMandateSelection(); +/* setSSOSelection(); */ + + var ccc = "AT"; + var countrySelection = document.getElementById("cccSelection"); + if (countrySelection != null) { + ccc = document.getElementById("cccSelection").value; + } + var iFrameURL = "#AUTH_URL#" + "?"; + iFrameURL += "bkuURI=" + "#ONLINE#"; + iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; + iFrameURL += "&CCC=" + ccc; +/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ + iFrameURL += "&MODUL=" + "#MODUL#"; + iFrameURL += "&ACTION=" + "#ACTION#"; + iFrameURL += "&MOASessionID=" + "#SESSIONID#"; + generateIFrame(iFrameURL); + } + function generateIFrame(iFrameURL) { + var el = document.getElementById("bkulogin"); + var width = el.clientWidth; + var heigth = el.clientHeight - 20; + var parent = el.parentNode; + + iFrameURL += "&heigth=" + heigth; + iFrameURL += "&width=" + width; + + var iframe = document.createElement("iframe"); + iframe.setAttribute("src", iFrameURL); + iframe.setAttribute("width", el.clientWidth - 1); + iframe.setAttribute("height", el.clientHeight - 1); + iframe.setAttribute("frameborder", "0"); + iframe.setAttribute("scrolling", "no"); + iframe.setAttribute("title", "Login"); + parent.replaceChild(iframe, el); + } + function setMandateSelection() { + document.getElementById("moaidform").action = "#AUTH_URL#"; + document.getElementById("useMandate").value = "false"; + var checkbox = document.getElementById("mandateCheckBox"); + if (checkbox != null) { + if (document.getElementById("mandateCheckBox").checked) { + document.getElementById("useMandate").value = "true"; + } + } + } + function onChangeChecks() { + if (top.innerWidth < 650) { + document.getElementById("moaidform").setAttribute("target","_parent"); + } else { + document.getElementById("moaidform").removeAttribute("target"); + } + + } +/* function setSSOSelection() { + document.getElementById("useSSO").value = "false"; + var checkbox = document.getElementById("SSOCheckBox"); + if (checkbox != null) { + if (document.getElementById("SSOCheckBox").checked) { + document.getElementById("useSSO").value = "true"; + } + } + } */ + +/* function checkMandateSSO() { + var sso = document.getElementById("SSOCheckBox"); + var mandate = document.getElementById("mandateCheckBox"); + + + if (sso.checked && mandate.checked) { + alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") + mandate.checked = false; + sso.checked = false; + return true; + } else { + return false; + } + } */ + </script> +<title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title> +</head> +<body onload="onChangeChecks();" onresize="onChangeChecks();"> + <div id="page"> + <div id="page1" class="case selected-case" role="main"> + <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2> + <div id="main"> + <div id="leftcontent" class="hell" role="application"> + <div id="bku_header" class="dunkel"> + <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2> + </div> + <div id="bkulogin" class="hell" role="form"> + <div id="mandateLogin" style=""> + <div> + <input tabindex="1" type="checkbox" name="Mandate" + id="mandateCheckBox" class="verticalcenter" role="checkbox" + onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#> + <label for="mandateCheckBox" class="verticalcenter">in + Vertretung anmelden</label> + <!--a href="info_mandates.html" + target="_blank" + class="infobutton verticalcenter" + tabindex="5">i</a--> + </div> + </div> + <div id="bkuselectionarea"> + <div id="bkukarte"> + <img class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png" + alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button" + onClick="bkuOnlineClicked();" tabindex="2" role="button" + value="Karte" /> + </div> + <div id="bkuhandy"> + <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png" + alt="HandyBKU" /> <input name="bkuButtonHandy" type="button" + onClick="bkuHandyClicked();" tabindex="3" role="button" + value="HANDY" /> + </div> + </div> + <div id="localBKU"> + <form method="get" id="moaidform" action="#AUTH_URL#" + class="verticalcenter" target="_parent"> + <input type="hidden" name="bkuURI" value="#LOCAL#"> <input + type="hidden" name="useMandate" id="useMandate"> <input + type="hidden" name="SSO" id="useSSO"> <input + type="hidden" name="CCC" id="ccc"> <input type="hidden" + name="MODUL" value="#MODUL#"> <input type="hidden" + name="ACTION" value="#ACTION#"> <input type="hidden" + name="MOASessionID" value="#SESSIONID#"> + <input type="submit" value=">lokale Bürgerkartenumgebung" tabindex="4" + role="button" class="hell" + onclick="setMandateSelection();" + > + <!--p> + <small>Alternativ können Sie eine lokal installierte BKU verwenden.</small> + </p--> + </form> + </div> + + <div id="stork" align="center" style="#STORKVISIBLE#"> + <h2 id="tabheader" class="dunkel">Home Country Selection</h2> + <p> + <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" > + #PEPSLIST# + </select> + <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button> + <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a> + </p> + </div> + + <div id="metroDetected" style="display: none"> + <p>Anscheinend verwenden Sie Internet Explorer im + Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den + Optionen um die Karten-Anmeldung starten zu können.</p> + </div> + </div> + </div> + </div> + </div> + <div id="validation"> + <a href="http://validator.w3.org/check?uri="> <img + style="border: 0; width: 88px; height: 31px" + src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> + </a> <a href="http://jigsaw.w3.org/css-validator/"> <img + style="border: 0; width: 88px; height: 31px" + src="http://jigsaw.w3.org/css-validator/images/vcss-blue" + alt="CSS ist valide!" /> + </a> + </div> + </div> +</body> +</html> diff --git a/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html b/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html new file mode 100644 index 000000000..b80d654cc --- /dev/null +++ b/id/server/doc/conf/moa-id/htmlTemplates/sendAssertionFormFull.html @@ -0,0 +1,617 @@ +<!DOCTYPE html> +<html> +<head> + <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> + <!-- MOA-ID 2.x BKUSelection Layout CSS --> + <style type="text/css"> + @media screen and (min-width: 650px) { + + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: center; + background-color: #6B7B8B; + } + + #localBKU p { + font-size: 0.7em; + } + + #localBKU input{ + font-size: 0.7em; + border-radius: 5px; + } + + #bkuselectionarea button { + font-size: 0.85em; + border-radius: 7px; + margin-bottom: 25px; + } + + #mandateLogin { + font-size: 0.85em; + } + + #bku_header h2 { + font-size: 0.8em; + } + + + #page { + display: block; + border: 2px solid rgb(0,0,0); + width: 650px; + height: 440px; + margin: 0 auto; + margin-top: 5%; + position: relative; + border-radius: 25px; + background: rgb(255,255,255); + } + + #page1 { + text-align: center; + } + + #main { + /* clear:both; */ + position:relative; + margin: 0 auto; + width: 250px; + text-align: center; + } + + .OA_header { + /* background-color: white;*/ + font-size: 20pt; + margin-bottom: 25px; + margin-top: 25px; + } + + #leftcontent { + width: 300px; + margin-top: 30px; + padding-bottom: 15px; + margin-bottom: 25px; + text-align: left; + border: 1px solid rgb(0,0,0); + } + + #selectArea { + font-size: 15px; + padding-bottom: 65px; + } + + #selectArea h3 { + margin-bottom: 25px; + } + + #bku_header { + height: 5%; + padding-bottom: 3px; + padding-top: 3px; + } + + #bkulogin { + overflow:hidden; + min-width: 190px; + min-height: 180px; + /*height: 260px;*/ + } + + h2#tabheader{ + font-size: 1.1em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + .setAssertionButton_full { + margin-top: 15px; + width: 100px; + height: 30px; + font-size: 1.3em; + min-height: 1.3em; +/* border-radius: 10px;*/ + } + + #leftbutton { + width: 30%; + float:left; + margin-left: 40px; + } + + #rightbutton { + width: 30%; + float:right; + margin-right: 45px; + text-align: right; + } + + button { + height: 25px; + width: 90px; + margin-bottom: 10px; + } + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } + + } + + @media screen and (max-width: 205px) { + #localBKU p { + font-size: 0.6em; + } + + #localBKU input { + font-size: 0.7em; + min-width: 70px; + min-height: 1.2em; + border-radius: 5px; + } + + #bkuselectionarea button, .setAssertionButton_full { + font-size: 0.8em; + min-width: 65px; + min-height: 1.3em; + /* border-radius: 5px; */ + margin-bottom: 2% + } + + #mandateLogin { + font-size: 0.65em; + } + + #bku_header h2, #selectArea h3 { + font-size: 0.8em; + margin-top: -0.4em; + } + } + + @media screen and (max-width: 249px) and (min-width: 206px) { + #localBKU p { + font-size: 0.7em; + } + + #localBKU input { + font-size: 0.85em; + min-width: 80px; + min-height: 0.95em; + border-radius: 6px; + } + + #bkuselectionarea button, .setAssertionButton_full { + font-size: 0.85em; + min-width: 70px; + min-height: 0.95em; + /* border-radius: 6px; */ + margin-bottom: 2% + } + + #mandateLogin { + font-size: 0.75em; + } + + #bku_header h2, #selectArea h3 { + font-size: 0.9em; + margin-top: -0.45em; + } + } + + @media screen and (max-width: 299px) and (min-width: 250px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.9em; + min-width: 100px; + border-radius: 6px; + } + + #bkuselectionarea button, .setAssertionButton_full { + font-size: 1.0em; + min-height: 1.05em; + /* border-radius: 7px; */ + margin-bottom: 5%; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2, #selectArea h3 { + font-size: 1.0em; + margin-top: -0.50em; + } + } + + @media screen and (max-width: 399px) and (min-width: 300px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.9em; + min-width: 100px; + border-radius: 6px; + } + + #bkuselectionarea button, .setAssertionButton_full { + font-size: 1.1em; + min-height: 1.2em; + /* border-radius: 8px; */ + margin-bottom: 5%; + } + + #mandateLogin { + font-size: 1em; + } + + #bku_header h2, #selectArea h3 { + font-size: 1.1em; + margin-top: -0.55em; + } + } + + @media screen and (max-width: 649px) and (min-width: 400px) { + #localBKU p { + font-size: 0.9em; + } + + #localBKU input { + font-size: 0.9em; + min-width: 100px; + border-radius: 6px; + } + + #bkuselectionarea button, .setAssertionButton_full { + font-size: 1.3em; + min-height: 1.3em; +/* border-radius: 10px; */ + margin-bottom: 5%; + } + + #mandateLogin { + font-size: 1.2em; + } + + #bku_header h2, #selectArea h3 { + font-size: 1.3em; + margin-top: -0.65em; + } + } + + + + @media screen and (max-width: 649px) { + + body { + margin:0; + padding:0; + color : #000; + text-align: center; + font-size: 100%; + background-color: #MAIN_BACKGOUNDCOLOR#; + } + + #page { + visibility: hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; + display: none; + } + + .OA_header { + margin-bottom: 0px; + margin-top: 0px; + font-size: 0pt; + visibility: hidden; + } + + #leftcontent { + visibility: visible; + margin-bottom: 0px; + text-align: left; + border:none; + min-width: 190px; +/* min-height: 190px; */ + vertical-align: middle; + + } + + #bku_header { + height: 10%; + min-height: 1.2em; + margin-top: 1%; + } + + h2#tabheader{ + padding-left: 2%; + padding-right: 2%; + padding-top: 1%; + position: relative; + top: 50%; + } + + #bkulogin { + min-width: 190px; + min-height: 150px; + } + + .setAssertionButton_full { + margin-top: 15px; + width: 70%; + height: 11%; + min-width: 60px; + min-height: 25px; + } + + #selectArea h3 { + margin-top: 2%; + } + + button { + height: 11%; + width: 70%; + } + } + + * { + margin: 0; + padding: 0; +/* border: 0; */ + font-family: #FONTTYPE#; + } + + #selectArea { + padding-top: 10px; + padding-bottom: 55px; + padding-left: 10px; + } + + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + + #leftbutton { + width: 35%; + float:left; + margin-left: 15px; + } + + #rightbutton { + width: 35%; + float:right; + margin-right: 25px; + text-align: right; + } + + #stork { + margin-bottom: 10px; + margin-top: 5px; + } + + #mandateLogin { + padding-bottom: 2%; + padding-top: 2%; + height: 10%; + position: relative; + text-align: center; + } + + .verticalcenter { + vertical-align: middle; + } + + #mandateLogin > div { + clear: both; + margin-top: -1%; + position: relative; + top: 50%; + } + + #bkuselectionarea { + position: relative; + display: block; + } + + #localBKU { + padding-left: 5%; + padding-right: 2%; + padding-bottom: 2%; + position: relative; + clear: both; + } + + #bkukarte { + float:left; + text-align:center; + width:40%; + min-height: 70px; + padding-left: 5%; + padding-top: 2%; + } + + #bkuhandy { + float:right; + text-align:center; + width:40%; + min-height: 90px; + padding-right: 5%; + padding-top: 2%; + } + + .bkuimage { + width: 90%; + height: auto; + } + + #mandate{ + text-align:center; + padding : 5px 5px 5px 5px; + } + + button, .sendButton { +/* background: #BUTTON_BACKGROUNDCOLOR#; + color: #BUTTON_COLOR#; */ + cursor: pointer; + +/* border:1px solid #000; + box-shadow: 3px 3px 3px #222222; */ + } + + button:hover, button:focus, button:active, + .sendButton:hover , .sendButton:focus, .sendButton:active, + #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { +/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; + color: #BUTTON_COLOR#; */ + cursor: pointer; + +/* border:1px solid #000; + box-shadow: -1px -1px 3px #222222; */ + } + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + + .selectText{ + + } + + .selectTextHeader{ + + } + + #leftcontent a { + text-decoration:none; + color: #000; + /* display:block;*/ + padding:4px; + } + + #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { + text-decoration:underline; + color: #000; + } + + .infobutton { + background-color: #005a00; + color: white; + font-family: serif; + text-decoration: none; + padding-top: 2px; + padding-right: 4px; + padding-bottom: 2px; + padding-left: 4px; + font-weight: bold; + } + + .hell { + background-color : #MAIN_BACKGOUNDCOLOR#; + color: #MAIN_COLOR#; + } + + .dunkel { + background-color: #HEADER_BACKGROUNDCOLOR#; + color: #HEADER_COLOR#; + } + + .main_header { + color: black; + font-size: 32pt; + position: absolute; + right: 10%; + top: 40px; + + } + + </style> + + + <title>Anmeldung an Online-Applikation</title> +</head> + + +<body> + <div id="page"> + + <div id="page1" class="case selected-case" role="main"> + +<!-- <h2 class="OA_header">Anmeldung an: #OAName#</h2> --> + + <div id="main"> + <div id="leftcontent" class="hell"> + <div id="bku_header" class="dunkel"> + <h2 id="tabheader" class="dunkel" role="heading"> + Anmeldeinformationen: + </h2> + </div> + + <div id="selectArea" class="hell" role="application"> + <h3>Anmeldung an: #OAName#</h3> + +<!-- <div class="hell"> --> + <div id="leftbutton"> + <form method="post" id="moaidform_yes" action="#URL#"> + <input type="hidden" name="value" value="true"> + <input type="hidden" name="mod" value="#MODUL#"> + <input type="hidden" name="action" value="#ACTION#"> + <input type="hidden" name="identifier" value="#ID#"> + <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button"> + </form> + </div> + <div id="rightbutton"> + <form method="post" id="moaidform_no" action="#URL#"> + <input type="hidden" name="value" value="false"> + <input type="hidden" name="mod" value="#MODUL#"> + <input type="hidden" name="action" value="#ACTION#"> + <input type="hidden" name="identifier" value="#ID#"> + <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button"> + </form> + </div> + + </div> + </div> + </div> + </div> + <div id="validation"> + <a href="http://validator.w3.org/check?uri="> + <img style="border:0;width:88px;height:31px" + src="#CONTEXTPATH#/img/valid-html5-blue.png" + alt="HTML5 ist valide!" /> + </a> + <a href="http://jigsaw.w3.org/css-validator/"> + <img style="border:0;width:88px;height:31px" + src="http://jigsaw.w3.org/css-validator/images/vcss-blue" + alt="CSS ist valide!" /> + </a> + </div> + </div> +</body> +</html> diff --git a/id/server/doc/conf/moa-id/keys/assertion.crt b/id/server/doc/conf/moa-id/keys/assertion.crt new file mode 100644 index 000000000..aa4e23cb1 --- /dev/null +++ b/id/server/doc/conf/moa-id/keys/assertion.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEDDCCAvSgAwIBAgIJAI6ivoxdit5XMA0GCSqGSIb3DQEBBQUAMGExCzAJBgNV +BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxGjAYBgNVBAMTEUFzc2VydGlvbiBTaWduaW5nMB4XDTE0 +MDIwNDEwNDEzOVoXDTI0MDIwMjEwNDEzOVowYTELMAkGA1UEBhMCQVQxEzARBgNV +BAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0 +ZDEaMBgGA1UEAxMRQXNzZXJ0aW9uIFNpZ25pbmcwggEiMA0GCSqGSIb3DQEBAQUA +A4IBDwAwggEKAoIBAQD5tysT9qt3zoIf6GZJP0qCO0wuAD9lS0v6IzF6lKmY2sts +2OHjC2KX2CQWruLmA2bdxeVSX21JrcCJrLh3qzpEkBGrcaqJz2AeJ6jRamYgWa/y ++4AADlPHJntdX3w+H/z6quCgvuylGcOhEo5Eoaef0U1cn3AR5Cu1yAtSMhnhrBU8 +upiHfpRvGx+UA55zQpctlhB8vw2i+6zvFI2MGV5cmJ56dF7IlDa+Yp6udlUhUAEn +SKVLSiEifvnYD3F5F/yHg08zxvjU0Q2Yx/dp+gYK7obZvDtsmPRd24oo+CThhdf9 +8PHtfHew4cwUXyUiMzDYC0i4m8a4FsViryPBnjL9AgMBAAGjgcYwgcMwHQYDVR0O +BBYEFCx2GmAN2fE3EdGbt/9tQZZFKGR6MIGTBgNVHSMEgYswgYiAFCx2GmAN2fE3 +EdGbt/9tQZZFKGR6oWWkYzBhMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29tZS1T +dGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRowGAYDVQQD +ExFBc3NlcnRpb24gU2lnbmluZ4IJAI6ivoxdit5XMAwGA1UdEwQFMAMBAf8wDQYJ +KoZIhvcNAQEFBQADggEBAPIKVBFv+lGInuACtVTVfkhHp9OJWQxDaf6vxYjvqmDl +DZ6XMQgglNRTrF1iXxWGWU+JQQWITAWFeGJ83KhFcP7jycsW3cUmwoQDmI34Zv/b +crS0/NFug/n8hITUCBfZwpyrBXUnJrIqtPdfPXYJNN4D/XHZBJ8NeaQWg8SApJ60 +LuUIAZcFSyTiOC0qI9VlBmSpqp5rJwLnvoadNECubwuHlws0e0lTtRBNOuq0mId3 +0isb3ct7x4628JIWTH1GjuFa05YG1d6Tt0mkyfNXK2I9OYx44b9UrJIpfIDdE6E5 +ljapkxheZJuBZWjH01dgo5/Fl3OLczcWQKdSHdHREfo= +-----END CERTIFICATE----- diff --git a/id/server/doc/conf/moa-id/keys/encryption.crt b/id/server/doc/conf/moa-id/keys/encryption.crt new file mode 100644 index 000000000..c9d94f9b6 --- /dev/null +++ b/id/server/doc/conf/moa-id/keys/encryption.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIID9zCCAt+gAwIBAgIJAMC/5DRgVin3MA0GCSqGSIb3DQEBBQUAMFoxCzAJBgNV +BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxEzARBgNVBAMTCkVuY3J5cHRpb24wHhcNMTQwMjA0MTA0 +MjA2WhcNMjQwMjAyMTA0MjA2WjBaMQswCQYDVQQGEwJBVDETMBEGA1UECBMKU29t +ZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRkMRMwEQYD +VQQDEwpFbmNyeXB0aW9uMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA +qgKWs3IW4giGsbAUm/wRH+lcggVpOPkNqqtNA48Qfwkq/lSWdeHp0+xXOwR1Oull +TpmfbqJouUoHf6jCt1EXqlQR2oQ1oYYjLncVMhZ9ajXVFJEBl6tw9Em4aCzkkTdL +HfWoh21iDnYOXTgP23/59xpuvy85O39hKnysXIcniqeb1uHthMiN25R8g4bPOQNb +OfoMXpXdVbHxM77ZDSbk88BMRsq8SnlPdelaf8HsZomtnLKXvSDLivTZloxtHjBa +aJNS/H1zr3HI+lq4S4VH+8ilj53OeWHjstGCFiTRtZy2hZvG2PegNIL7shMN/h4i +h+OCn/ImAW9Kf599wve5iQIDAQABo4G/MIG8MB0GA1UdDgQWBBQzMzOrGfjN+Tnz +zbFTyLPgHS4FkjCBjAYDVR0jBIGEMIGBgBQzMzOrGfjN+TnzzbFTyLPgHS4FkqFe +pFwwWjELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoT +GEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDETMBEGA1UEAxMKRW5jcnlwdGlvboIJ +AMC/5DRgVin3MAwGA1UdEwQFMAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAADZoknf +lcG0O9sL8CALO6UmPy1+ZlOXndoqqNu3uvzj7hvjT5RPY4hTyfrkUn5EqlHwLSCf +C7rOxcGvRHT3/REwOef8H3MGdSV81esa5EbrRfGWjLOXoQFrIOhz5bxqoU0B7Obh +3IUA2yCGz4SlXjMdMWN670ETglnthdY4z2Ot8n4E2YNXlRSubowat7ylkqjKvyaB +Iz/RVgDxblkOK+bqPSKaNWvadItnMyh7Y8C3LD3tQpwYViJ0QOJ9BMujULma7Tb8 +lVIhmx3y2cU8nCqG0VPSTE6AMnuONuQjJTGFsRdDREFrALtjUpsUOXU6+19ywYSi +LYiLYskPglktuck= +-----END CERTIFICATE----- diff --git a/id/server/doc/conf/moa-id/keys/metadata.crt b/id/server/doc/conf/moa-id/keys/metadata.crt new file mode 100644 index 000000000..bd9640b37 --- /dev/null +++ b/id/server/doc/conf/moa-id/keys/metadata.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIECTCCAvGgAwIBAgIJAIHjIpba8E6mMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNV +BAYTAkFUMRMwEQYDVQQIEwpTb21lLVN0YXRlMSEwHwYDVQQKExhJbnRlcm5ldCBX +aWRnaXRzIFB0eSBMdGQxGTAXBgNVBAMTEE1ldGFkYXRhIFNpZ25pbmcwHhcNMTQw +MjA0MTA0MTA4WhcNMjQwMjAyMTA0MTA4WjBgMQswCQYDVQQGEwJBVDETMBEGA1UE +CBMKU29tZS1TdGF0ZTEhMB8GA1UEChMYSW50ZXJuZXQgV2lkZ2l0cyBQdHkgTHRk +MRkwFwYDVQQDExBNZXRhZGF0YSBTaWduaW5nMIIBIjANBgkqhkiG9w0BAQEFAAOC +AQ8AMIIBCgKCAQEAvfDn2hbBnvywRNc7wmToItDzXitkl9nfM9Q3ubEN9qAh4/PD +ICrKdzFBq08a7NR5xNJhDCUhhZ/W20ZJvh+1dwQdgSzanA91iVKbL4YFYKbnM9/x +tarTAMZMWH34qIkfwkKyTEDWeOqFG2653azO5e+0DFiBV7AytR3dmy1ZnJoqhGIY +O4EzINikof1M7t5I8xBS3gAyQKyu0yhbj5AyUujpNIPX0JeE1C1DsrHaeuAHZXLh +zHEWSG3NVXrn8HAXAAtqGJ+E9SRztqsigDjNjbqrrp/vmPUag9Rb2o8/flEZTPRS +ttCQTHK8jst/I2qgLkePB5kSp65caXUf4xuFqQIDAQABo4HFMIHCMB0GA1UdDgQW +BBQFbqjmW9JHVCWwocMdO0EodAfy/jCBkgYDVR0jBIGKMIGHgBQFbqjmW9JHVCWw +ocMdO0EodAfy/qFkpGIwYDELMAkGA1UEBhMCQVQxEzARBgNVBAgTClNvbWUtU3Rh +dGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEZMBcGA1UEAxMQ +TWV0YWRhdGEgU2lnbmluZ4IJAIHjIpba8E6mMAwGA1UdEwQFMAMBAf8wDQYJKoZI +hvcNAQEFBQADggEBAECK58eJgkd54gQAV9gGXRC2LV1tdBzn89Q57Ff/UwBQzN0M ++uytem8lwVCpUeAk6N01/krzmSbJojqpXId+O/iHhQ8lwDmJnXRrCZH7APiQ3yC0 +p4ufWtxhqixc+Itl96HzHDRXb7eZkXdVERGM26UGwyaBfxkIcLdpMoojlHBJlHaA +oHDYiJHQBmqk5+YMOuEOnpsKY0115MZ38DoppNfeAFG8K4ZDI5vH9VWk8PDJu+jv +tWbhXNsKiiCMdZrsnvGjxPpk/6zJpJpBcwCzhIvnaEobijKMO+6aH/6zfbB6JKn/ +Dz3Rw+0WbypFYbbpIzWRCkXSAQju/w3vHBGnCyI= +-----END CERTIFICATE----- diff --git a/id/server/doc/conf/moa-id/keys/moa_idp[password].p12 b/id/server/doc/conf/moa-id/keys/moa_idp[password].p12 Binary files differnew file mode 100644 index 000000000..78cab1e89 --- /dev/null +++ b/id/server/doc/conf/moa-id/keys/moa_idp[password].p12 diff --git a/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks b/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks Binary files differnew file mode 100644 index 000000000..8196ab319 --- /dev/null +++ b/id/server/doc/conf/moa-id/keys/storkDemoKeys.jks diff --git a/id/server/doc/conf/moa-id/log4j.properties b/id/server/doc/conf/moa-id/log4j.properties new file mode 100644 index 000000000..310b58a3d --- /dev/null +++ b/id/server/doc/conf/moa-id/log4j.properties @@ -0,0 +1,27 @@ +# commons-logging setup +org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory + +# define log4j root loggers +log4j.rootLogger=info, stdout, R +log4j.logger.at.gv.egovernment.moa=info +log4j.logger.at.gv.egovernment.moa.spss=info +log4j.logger.iaik.server=info +log4j.logger.at.gv.egovernment.moa.id=info +log4j.logger.at.gv.egovernment.moa.id.proxy=info +log4j.logger.eu.stork=info +log4j.logger.org.hibernate=warn + +# configure the stdout appender +log4j.appender.stdout=org.apache.log4j.ConsoleAppender +log4j.appender.stdout.layout=org.apache.log4j.PatternLayout +#log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n +log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20.20c | %10t | %m%n + +# configure the rolling file appender (R) +log4j.appender.R=org.apache.log4j.RollingFileAppender +log4j.appender.R.File=${catalina.base}/logs/moa-id.log +log4j.appender.R.MaxFileSize=10000KB +log4j.appender.R.MaxBackupIndex=1 +log4j.appender.R.layout=org.apache.log4j.PatternLayout +log4j.appender.R.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n + diff --git a/id/server/doc/conf/moa-id/moa-id.properties b/id/server/doc/conf/moa-id/moa-id.properties new file mode 100644 index 000000000..bf9cf84d0 --- /dev/null +++ b/id/server/doc/conf/moa-id/moa-id.properties @@ -0,0 +1,117 @@ +##General MOA-ID 2.0 Configuration + +#MOA-ID 2.0 XML configuration files (necessary, if inmemory database is used) +#configuration.xml=$PATH_TO_CONFIG$/conf/moa-id/MOAIDConfiguration-2.0.xml + +##For Testing +configuration.validation.certificate.QC.ignore=false +protocols.pvp2.assertion.encryption.active=false + +##General MOA-ID 2.0 operations +#MOA-ID 2.0 session information encryption key (PassPhrase) +configuration.moasession.key=SessionEncryptionKey + +#MOA-ID 2.0 Monitoring Servlet +configuration.monitoring.active=false +configuration.monitoring.message.success=All Tests passed! +configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/monitoring/monitoring_idl.xml + +#MOA-ID 2.0 Advanced Logging +configuration.advancedlogging.active=false + +##Webservice Client Configuration +#MOA-SP webservice +#service.moasp.acceptedServerCertificates= +#service.moasp.clientKeyStore= +#service.moasp.clientKeyStorePassword= + +#Online mandates webservice (MIS) +service.onlinemandates.acceptedServerCertificates= +service.onlinemandates.clientKeyStore=keys/.... +service.onlinemandates.clientKeyStorePassword= + +#Foreign Identities (SZRGW) +service.foreignidentities.acceptedServerCertificates= +service.foreignidentities.clientKeyStore=keys/.... +service.foreignidentities.clientKeyStorePassword= + + +##Protocol configuration## +#PVP2 +protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp.p12 +protocols.pvp2.idp.ks.kspassword=password +protocols.pvp2.idp.ks.metadata.alias=pvp_metadata +protocols.pvp2.idp.ks.metadata.keypassword=password +protocols.pvp2.idp.ks.assertion.sign.alias=pvp_assertion +protocols.pvp2.idp.ks.assertion.sign.keypassword=password + +#OpenID connect (OAuth) +protocols.oauth20.jwt.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp.p12 +protocols.oauth20.jwt.ks.password=password +protocols.oauth20.jwt.ks.key.name=oauth +protocols.oauth20.jwt.ks.key.password=password + +##Database configuration## +#Hibnerate configuration for MOA-ID 2.0 session store +moasession.hibernate.dialect=org.hibernate.dialect.MySQLDialect +moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8 +moasession.hibernate.connection.charSet=utf-8 +moasession.hibernate.connection.driver_class=com.mysql.jdbc.Driver +moasession.hibernate.connection.username= +moasession.hibernate.connection.password= + +moasession.hibernate.hbm2ddl.auto=update +moasession.hibernate.current_session_context_class=thread +moasession.hibernate.transaction.flush_before_completion=true +moasession.hibernate.transaction.auto_close_session=true +moasession.hibernate.show_sql=false +moasession.hibernate.format_sql=true +moasession.hibernate.c3p0.acquire_increment=3 +moasession.hibernate.c3p0.idle_test_period=60 +moasession.hibernate.c3p0.timeout=60 +moasession.hibernate.c3p0.max_size=20 +moasession.hibernate.c3p0.max_statements=0 +moasession.hibernate.c3p0.min_size=3 + +#Hibnerate configuration for MOA-ID 2.0 configuration +configuration.hibernate.dialect=org.hibernate.dialect.MySQLDialect +configuration.hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true +configuration.hibernate.connection.charSet=utf-8 +configuration.hibernate.connection.driver_class=com.mysql.jdbc.Driver +configuration.hibernate.connection.username= +configuration.hibernate.connection.password= + +configuration.hibernate.hbm2ddl.auto=update +configuration.hibernate.current_session_context_class=thread +configuration.hibernate.transaction.auto_close_session=true +configuration.hibernate.show_sql=false +configuration.hibernate.format_sql=true +configuration.hibernate.connection.provider_class=org.hibernate.service.jdbc.connections.internal.C3P0ConnectionProvider +configuration.hibernate.c3p0.acquire_increment=3 +configuration.hibernate.c3p0.idle_test_period=60 +configuration.hibernate.c3p0.timeout=300 +configuration.hibernate.c3p0.max_size=20 +configuration.hibernate.c3p0.max_statements=0 +configuration.hibernate.c3p0.min_size=3 + +# +#Hibnerate configuration for MOA-ID 2.0 advanced statistic logging +advancedlogging.hibernate.dialect=org.hibernate.dialect.MySQLDialect +advancedlogging.hibernate.connection.url=jdbc:mysql://localhost/moa-id-statistic?charSet=utf-8&autoReconnect=true +advancedlogging.hibernate.connection.charSet=utf-8 +advancedlogging.hibernate.connection.driver_class=com.mysql.jdbc.Driver +advancedlogging.hibernate.connection.username= +advancedlogging.hibernate.connection.password= + +advancedlogging.hibernate.hbm2ddl.auto=update +advancedlogging.hibernate.current_session_context_class=thread +advancedlogging.hibernate.transaction.auto_close_session=true +advancedlogging.hibernate.show_sql=false +advancedlogging.hibernate.format_sql=true +advancedlogging.hibernate.connection.provider_class=org.hibernate.service.jdbc.connections.internal.C3P0ConnectionProvider +advancedlogging.hibernate.c3p0.acquire_increment=3 +advancedlogging.hibernate.c3p0.idle_test_period=60 +advancedlogging.hibernate.c3p0.timeout=300 +advancedlogging.hibernate.c3p0.max_size=20 +advancedlogging.hibernate.c3p0.max_statements=0 +advancedlogging.hibernate.c3p0.min_size=3 diff --git a/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt b/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt new file mode 100644 index 000000000..7c3252dcb --- /dev/null +++ b/id/server/doc/conf/moa-id/monitoring/MOA-ID-Auth_Monitoring.crt @@ -0,0 +1,18 @@ +-----BEGIN CERTIFICATE----- +MIIC8TCCAdkCBFM0RyYwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCQVQxDTAL +BgNVBAoMBEVHSVoxHzAdBgNVBAMMFk1PQS1JRC1BdXRoX01vbml0b3JpbmcwHhcN +MTQwMzI3MTU0MzM0WhcNMTYwOTEyMTU0MzM0WjA9MQswCQYDVQQGEwJBVDENMAsG +A1UECgwERUdJWjEfMB0GA1UEAwwWTU9BLUlELUF1dGhfTW9uaXRvcmluZzCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJSQBR+b3KmRUklO9lmQzVtWCY4Y +/mI3FR5Jma5hjosmKaFfLrExwpXMZIpDFljULtF1+pOaln66rlqRBOvzkhJvY5xD +31GEG1XRi6rWxLGObmTuG2ZeSh3KpPOReUyrkrQ2UFQEo5Ytc/C/Ad3vQJdw3hPa +Koi0Uszgyf3a1RD8b2EewqYXxPHMortSzbpg9cZ7BYg2+iAF2WbgAmUx0Kp7GvfN +QnPMWZtu0E/pBEn5QKc6UZm1F0KR/Vq/ymDdEPlX+4261Ak26lyJJcn0BRRgrkK5 +bced+/SvxzXNae03ePSx4q9g4VLZw+j28lIpk1ngH8V8EAjzQDOBzvQQ6jsCAwEA +ATANBgkqhkiG9w0BAQUFAAOCAQEAPis2r4hI6ld6KDnHs+f8wC3Vr/atFqeryqlj +COIoX6HoxSczvGY7uimek43ezD+PDUntohrlukZO6YfqKrlgKBWg1kiBxK0ISZkS +QgIraHexuT6eZ4558I43eGEiATzEkb+h60aO4YI7IyVbS5T9Rwb8fv9LzUgDtTtZ +ALtVVr9c3ZG+O7bYEFNA0jkHU3n8gzLNsR5TVB8S693VDv8OMn8oef0EXRCuTW9V +GUQyNpAO/gtlSW43NOc/ZL4lPdl0qzYtil5mKUTvuMvec37lhlpbzywSHq8boGBA +RDjfEDR8ObgjGU7ik9nBkNMgeB6rEOAYZmiCZVMMUxPuIF9Nzw== +-----END CERTIFICATE----- diff --git a/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml b/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml new file mode 100644 index 000000000..6a0602c04 --- /dev/null +++ b/id/server/doc/conf/moa-id/monitoring/monitoring_idl.xml @@ -0,0 +1,87 @@ +<?xml version="1.0" encoding="UTF-8"?> +<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID13456264458587874" IssueInstant="2012-08-22T11:07:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <saml:AttributeStatement> + <saml:Subject> + <saml:SubjectConfirmation> + <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod> + <saml:SubjectConfirmationData> + <pr:Person si:type="pr:PhysicalPersonType"> + <pr:Identification> + <pr:Value>wJO/bvDJjUysG0yARn7I6w==</pr:Value> + <pr:Type>urn:publicid:gv.at:baseid</pr:Type> + </pr:Identification> + <pr:Name> + <pr:GivenName>XXXRúùd</pr:GivenName> + <pr:FamilyName primary="undefined">XXXVàn Nisteĺrooy</pr:FamilyName> + </pr:Name> + <pr:DateOfBirth>1969-02-13</pr:DateOfBirth> + </pr:Person> + </saml:SubjectConfirmationData> + </saml:SubjectConfirmation> + </saml:Subject> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> + <saml:AttributeValue> + <ecdsa:ECDSAKeyValue> + <ecdsa:DomainParameters> + <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/> + </ecdsa:DomainParameters> + <ecdsa:PublicKey> + <ecdsa:X Value="22280299907126338788314199678167217078072953115254374209747379168424021905237" si:type="ecdsa:PrimeFieldElemType"/> + <ecdsa:Y Value="40387096985250872237992703378062984723606079359080588656963239072881568409170" si:type="ecdsa:PrimeFieldElemType"/> + </ecdsa:PublicKey> + </ecdsa:ECDSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"> + <saml:AttributeValue> + <dsig:RSAKeyValue> + <dsig:Modulus>4Y4FL09VhczsfYQgFPuycP8quJNZBAAu1R1rFXNodI2711B6BTMjAGQn6xuFWfd3/nyFav/MLTr/ +t2VazvANS4TRFxJAcWyIx7xbxCdzZr6gJ+FCmq4g5JPrQvt50v3JX+wKSYft1gHBOWlDn90Ia4Gm +P8MVuze21T+VVKM6ZklmS6d5PT1er/uYQFydGErmJ17xlSQG6Fi5xuftopBDyJxG1tL1KIebpLFg +gaM2EyuB1HxH8/+Mfqa4UgeqIH65</dsig:Modulus> + <dsig:Exponent>AQAB</dsig:Exponent> + </dsig:RSAKeyValue> + </saml:AttributeValue> + </saml:Attribute> + </saml:AttributeStatement> + <dsig:Signature> + <dsig:SignedInfo> + <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/> + <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> + <dsig:Reference URI=""> + <dsig:Transforms> + <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/> + </dsig:Transforms> + <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> + <dsig:DigestValue>s/7GYPVfkHIvy5RcB5QRnXVSWwo=</dsig:DigestValue> + </dsig:Reference> + </dsig:SignedInfo> + <dsig:SignatureValue>LSsx2zO/XyJ9RCEcChmQ2+251PtaFz07sBw1DBw0Eui4mjRRMSaKXxD0GoQDRzvQQNYusLNqpGiixscBIb4XcR8ipSjZVPnH2E19o/O2fz2uFDWnlCHEhhG8OMNT2XzS6lZtMSSzVcAJINLBlz6DKG63+NhClb+1lUHoLa5CpwYDW/guVKLng8PNElBY5mw3GOSL8PskFsYK+bnRUAvvgGigm3XLtlZ4QQWDsGBNgJxW0boAm5vei+YVHVxrkL2YDkdvGUmD+RjzwZx8fxlfN4ajR00Q5mNc0xQtaL/g+vKdL6EeegZAKPZ/jrEpN0RZfuxPaAmt4t0Jav51mTKa4w==</dsig:SignatureValue> + <dsig:KeyInfo> + <dsig:KeyValue> + <dsig:RSAKeyValue> + <dsig:Modulus>lJAFH5vcqZFSSU72WZDNW1YJjhj+YjcVHkmZrmGOiyYpoV8usTHClcxkikMWWNQu0XX6k5qWfrquWpEE6/OSEm9jnEPfUYQbVdGLqtbEsY5uZO4bZl5KHcqk85F5TKuStDZQVASjli1z8L8B3e9Al3DeE9oqiLRSzODJ/drVEPxvYR7CphfE8cyiu1LNumD1xnsFiDb6IAXZZuACZTHQqnsa981Cc8xZm27QT+kESflApzpRmbUXQpH9Wr/KYN0Q+Vf7jbrUCTbqXIklyfQFFGCuQrltx5379K/HNc1p7Td49LHir2DhUtnD6PbyUimTWeAfxXwQCPNAM4HO9BDqOw==</dsig:Modulus> + <dsig:Exponent>AAEAAQ==</dsig:Exponent> + </dsig:RSAKeyValue> + </dsig:KeyValue> + <dsig:X509Data> + <dsig:X509Certificate>MIIC8TCCAdkCBFM0RyYwDQYJKoZIhvcNAQEFBQAwPTELMAkGA1UEBhMCQVQxDTAL +BgNVBAoMBEVHSVoxHzAdBgNVBAMMFk1PQS1JRC1BdXRoX01vbml0b3JpbmcwHhcN +MTQwMzI3MTU0MzM0WhcNMTYwOTEyMTU0MzM0WjA9MQswCQYDVQQGEwJBVDENMAsG +A1UECgwERUdJWjEfMB0GA1UEAwwWTU9BLUlELUF1dGhfTW9uaXRvcmluZzCCASIw +DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJSQBR+b3KmRUklO9lmQzVtWCY4Y +/mI3FR5Jma5hjosmKaFfLrExwpXMZIpDFljULtF1+pOaln66rlqRBOvzkhJvY5xD +31GEG1XRi6rWxLGObmTuG2ZeSh3KpPOReUyrkrQ2UFQEo5Ytc/C/Ad3vQJdw3hPa +Koi0Uszgyf3a1RD8b2EewqYXxPHMortSzbpg9cZ7BYg2+iAF2WbgAmUx0Kp7GvfN +QnPMWZtu0E/pBEn5QKc6UZm1F0KR/Vq/ymDdEPlX+4261Ak26lyJJcn0BRRgrkK5 +bced+/SvxzXNae03ePSx4q9g4VLZw+j28lIpk1ngH8V8EAjzQDOBzvQQ6jsCAwEA +ATANBgkqhkiG9w0BAQUFAAOCAQEAPis2r4hI6ld6KDnHs+f8wC3Vr/atFqeryqlj +COIoX6HoxSczvGY7uimek43ezD+PDUntohrlukZO6YfqKrlgKBWg1kiBxK0ISZkS +QgIraHexuT6eZ4558I43eGEiATzEkb+h60aO4YI7IyVbS5T9Rwb8fv9LzUgDtTtZ +ALtVVr9c3ZG+O7bYEFNA0jkHU3n8gzLNsR5TVB8S693VDv8OMn8oef0EXRCuTW9V +GUQyNpAO/gtlSW43NOc/ZL4lPdl0qzYtil5mKUTvuMvec37lhlpbzywSHq8boGBA +RDjfEDR8ObgjGU7ik9nBkNMgeB6rEOAYZmiCZVMMUxPuIF9Nzw==</dsig:X509Certificate> + </dsig:X509Data> + </dsig:KeyInfo> + </dsig:Signature> +</saml:Assertion> diff --git a/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml new file mode 100644 index 000000000..fc99cea79 --- /dev/null +++ b/id/server/doc/conf/moa-id/oa/BasicOAConfiguration.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Demokonfiguration fuer eine Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet --> +<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <LoginType>stateless</LoginType> + <BasicAuth> + <UserID>MOAFamilyName</UserID> + <Password>MOAGivenName</Password> + </BasicAuth> +</Configuration> diff --git a/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml new file mode 100644 index 000000000..4d34c3646 --- /dev/null +++ b/id/server/doc/conf/moa-id/oa/HeaderOAConfiguration.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Demokonfiguration fuer eine Online Applikation (OA) welche Header Authentication zur Uebergabe der Parameter verwendet --> +<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <LoginType>stateless</LoginType> + <HeaderAuth> + <!-- zusaetzlicher Header GivenName --> + <Header Name="X-MOAParameterGivenName" Value="MOAGivenName"></Header> + <Header Name="X-MOAParameterFamilyName" Value="MOAFamilyName"></Header> + </HeaderAuth> +</Configuration> diff --git a/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml new file mode 100644 index 000000000..979faca95 --- /dev/null +++ b/id/server/doc/conf/moa-id/oa/ParamOAConfiguration.xml @@ -0,0 +1,10 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Demokonfiguration fuer eine Online Applikation (OA) welche Parameter Authentication verwendet --> +<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <LoginType>stateless</LoginType> + <ParamAuth> + <!-- URL Parameter GivenName und FamilyName --> + <Parameter Name="GivenName" Value="MOAGivenName"></Parameter> + <Parameter Name="FamilyName" Value="MOAFamilyName"></Parameter> + </ParamAuth> +</Configuration> diff --git a/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml new file mode 100644 index 000000000..edbfe7aa5 --- /dev/null +++ b/id/server/doc/conf/moa-id/oa/SampleOAConfiguration.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Demokonfiguration fuer Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet --> +<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <LoginType>stateless</LoginType> + <BasicAuth> + <UserID>MOAFamilyName</UserID> + <Password>MOAGivenName</Password> + </BasicAuth> +</Configuration> diff --git a/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml b/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml new file mode 100644 index 000000000..2cff3bd67 --- /dev/null +++ b/id/server/doc/conf/moa-id/oa/SamplewbPKOAConfiguration.xml @@ -0,0 +1,9 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!-- Demokonfiguration fuer eine Online Applikation (OA) welche 401 Basic Authentication zur Uebergabe der Parameter verwendet --> +<Configuration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> + <LoginType>stateless</LoginType> + <BasicAuth> + <UserID>MOAWBPK</UserID> + <Password>MOAGivenName</Password> + </BasicAuth> +</Configuration> diff --git a/id/server/doc/conf/moa-id/stork/SamlEngine.xml b/id/server/doc/conf/moa-id/stork/SamlEngine.xml new file mode 100644 index 000000000..166a48ff8 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/SamlEngine.xml @@ -0,0 +1,70 @@ +<?xml version="1.0" encoding="UTF-8"?> +<instances> + + + <!-- Configuration name--> + <instance name="outgoing"> + <!-- Configurations parameters StorkSamlEngine --> + <configuration name="SamlEngineConf"> + <parameter name="fileConfiguration" value="StorkSamlEngine_outgoing.xml" /> + </configuration> + + <!-- Settings module signature--> + <configuration name="SignatureConf"> + <!-- Specific signature module --> + <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" /> + <!-- Settings specific module --> + <parameter name="fileConfiguration" value="SignModule_outgoing.xml" /> + </configuration> + </instance> + + <instance name="incoming"> + <!-- Configurations parameters StorkSamlEngine --> + <configuration name="SamlEngineConf"> + <parameter name="fileConfiguration" value="StorkSamlEngine_incoming.xml" /> + </configuration> + + <!-- Settings module signature--> + <configuration name="SignatureConf"> + <!-- Specific signature module --> + <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" /> + <!-- Settings specific module --> + <parameter name="fileConfiguration" value="SignModule_incoming.xml" /> + </configuration> + </instance> + + + <instance name="incoming_attr"> + <!-- Configurations parameters StorkSamlEngine --> + <configuration name="SamlEngineConf"> + <parameter name="fileConfiguration" value="StorkSamlEngine_incoming_attr.xml" /> + </configuration> + + <!-- Settings module signature--> + <configuration name="SignatureConf"> + <!-- Specific signature module --> + <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" /> + <!-- Settings specific module --> + <parameter name="fileConfiguration" value="SignModule_incoming_attr.xml" /> + </configuration> + </instance> + + + <instance name="VIDP"> + <!-- Configurations parameters StorkSamlEngine --> + <configuration name="SamlEngineConf"> + <parameter name="fileConfiguration" value="StorkSamlEngine_VIDP.xml" /> + </configuration> + + <!-- Settings module signature--> + <configuration name="SignatureConf"> + <!-- Specific signature module --> + <parameter name="class" value="eu.stork.peps.auth.engine.core.impl.SignSW" /> + <!-- Settings specific module --> + <parameter name="fileConfiguration" value="SignModule_incoming.xml" /> + </configuration> + </instance> + + + +</instances> diff --git a/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml b/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml new file mode 100644 index 000000000..68b15e667 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/SignModule_incoming.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SWModule sign with JKS.</comment> + <entry key="keystorePath">/home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks</entry> + <entry key="keyStorePassword">local-demo</entry> + <entry key="keyPassword">local-demo</entry> + <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> + <entry key="serialNumber">4BA89DB2</entry> + <entry key="keystoreType">JKS</entry> +</properties> diff --git a/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml b/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml new file mode 100644 index 000000000..68b15e667 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/SignModule_incoming_attr.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SWModule sign with JKS.</comment> + <entry key="keystorePath">/home/stork/repos/moa-idspss/id/server/data/deploy/conf/moa-id/stork/storkDemoKeysPT.jks</entry> + <entry key="keyStorePassword">local-demo</entry> + <entry key="keyPassword">local-demo</entry> + <entry key="issuer">CN=local-demo, O=Indra, L=Madrid, ST=Spain, C=ES</entry> + <entry key="serialNumber">4BA89DB2</entry> + <entry key="keystoreType">JKS</entry> +</properties> diff --git a/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml b/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml new file mode 100644 index 000000000..7139c5a41 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/SignModule_outgoing.xml @@ -0,0 +1,12 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SWModule sign with JKS.</comment> + <entry key="keystorePath">projects/stork2/code/moa-idspss/id/server/stork2-saml-engine/src/test/resources/storkDemoKeys.jks</entry> + <entry key="keyStorePassword">local-demo</entry> + <entry key="keyPassword">local-demo</entry> + <entry key="issuer">CN=local-demo-cert, O=Indra, L=Madrid, ST=Spain, C=ES</entry> + <entry key="serialNumber">4BA89DB2</entry> + <entry key="keystoreType">JKS</entry> +</properties>
\ No newline at end of file diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml new file mode 100644 index 000000000..83e69ac23 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_VIDP.xml @@ -0,0 +1,94 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SAML constants for AuthnRequests and Responses.</comment> + + <!-- + Types of consent obtained from the user for this authentication and + data transfer. + Allow values: 'unspecified'. + --> + <entry key="consentAuthnRequest">unspecified</entry> + + <!-- + Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. + --> + <entry key="consentAuthnResponse">obtained</entry> + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + --> + <entry key="formatEntity">entity</entry> + + <!--Only HTTP-POST binding is only supported for inter PEPS--> + <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> + <entry key="protocolBinding">HTTP-POST</entry> + + + + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + <entry key="eIDSectorShare">true</entry> + <entry key="eIDCrossSectorShare">true</entry> + <entry key="eIDCrossBorderShare">true</entry> + --> + + + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="friendlyName">false</entry> + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="isRequired">true</entry> + + <!--PEPS in the Service Provider's country--> + <entry key="requester">http://S-PEPS.gov.xx</entry> + + <!--PEPS in the citizen's origin country--> + <entry key="responder">http://C-PEPS.gov.xx</entry> + + <!--Subject cannot be confirmed on or after this seconds time (positive number)--> + <entry key="timeNotOnOrAfter">300</entry> + + <!--Validation IP of the response--> + <entry key="ipAddrValidation">false</entry> + + + <!--Subject Attribute Definitions--> + <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> + <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> + <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> + <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> + <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> + <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> + <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> + <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> + <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> + <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> + <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> + <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> + <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> + <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> + <entry key="age">http://www.stork.gov.eu/1.0/age</entry> + <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> + <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> + + <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> + <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> + + <entry key="title">http://www.stork.gov.eu/1.0/title</entry> + <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> + + <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> + <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> + + <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> + <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> + <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> + <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> + <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry> + <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry> + +</properties> diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml new file mode 100644 index 000000000..83e69ac23 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming.xml @@ -0,0 +1,94 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SAML constants for AuthnRequests and Responses.</comment> + + <!-- + Types of consent obtained from the user for this authentication and + data transfer. + Allow values: 'unspecified'. + --> + <entry key="consentAuthnRequest">unspecified</entry> + + <!-- + Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. + --> + <entry key="consentAuthnResponse">obtained</entry> + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + --> + <entry key="formatEntity">entity</entry> + + <!--Only HTTP-POST binding is only supported for inter PEPS--> + <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> + <entry key="protocolBinding">HTTP-POST</entry> + + + + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + <entry key="eIDSectorShare">true</entry> + <entry key="eIDCrossSectorShare">true</entry> + <entry key="eIDCrossBorderShare">true</entry> + --> + + + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="friendlyName">false</entry> + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="isRequired">true</entry> + + <!--PEPS in the Service Provider's country--> + <entry key="requester">http://S-PEPS.gov.xx</entry> + + <!--PEPS in the citizen's origin country--> + <entry key="responder">http://C-PEPS.gov.xx</entry> + + <!--Subject cannot be confirmed on or after this seconds time (positive number)--> + <entry key="timeNotOnOrAfter">300</entry> + + <!--Validation IP of the response--> + <entry key="ipAddrValidation">false</entry> + + + <!--Subject Attribute Definitions--> + <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> + <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> + <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> + <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> + <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> + <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> + <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> + <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> + <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> + <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> + <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> + <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> + <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> + <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> + <entry key="age">http://www.stork.gov.eu/1.0/age</entry> + <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> + <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> + + <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> + <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> + + <entry key="title">http://www.stork.gov.eu/1.0/title</entry> + <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> + + <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> + <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> + + <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> + <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> + <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> + <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> + <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry> + <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry> + +</properties> diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml new file mode 100644 index 000000000..83e69ac23 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_incoming_attr.xml @@ -0,0 +1,94 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SAML constants for AuthnRequests and Responses.</comment> + + <!-- + Types of consent obtained from the user for this authentication and + data transfer. + Allow values: 'unspecified'. + --> + <entry key="consentAuthnRequest">unspecified</entry> + + <!-- + Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. + --> + <entry key="consentAuthnResponse">obtained</entry> + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + --> + <entry key="formatEntity">entity</entry> + + <!--Only HTTP-POST binding is only supported for inter PEPS--> + <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> + <entry key="protocolBinding">HTTP-POST</entry> + + + + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + <entry key="eIDSectorShare">true</entry> + <entry key="eIDCrossSectorShare">true</entry> + <entry key="eIDCrossBorderShare">true</entry> + --> + + + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="friendlyName">false</entry> + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="isRequired">true</entry> + + <!--PEPS in the Service Provider's country--> + <entry key="requester">http://S-PEPS.gov.xx</entry> + + <!--PEPS in the citizen's origin country--> + <entry key="responder">http://C-PEPS.gov.xx</entry> + + <!--Subject cannot be confirmed on or after this seconds time (positive number)--> + <entry key="timeNotOnOrAfter">300</entry> + + <!--Validation IP of the response--> + <entry key="ipAddrValidation">false</entry> + + + <!--Subject Attribute Definitions--> + <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> + <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> + <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> + <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> + <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> + <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> + <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> + <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> + <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> + <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> + <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> + <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> + <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> + <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> + <entry key="age">http://www.stork.gov.eu/1.0/age</entry> + <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> + <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> + + <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> + <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> + + <entry key="title">http://www.stork.gov.eu/1.0/title</entry> + <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> + + <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> + <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> + + <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> + <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> + <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> + <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> + <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry> + <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry> + +</properties> diff --git a/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml new file mode 100644 index 000000000..b095b9e7e --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/StorkSamlEngine_outgoing.xml @@ -0,0 +1,94 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd"> + +<properties> + <comment>SAML constants for AuthnRequests and Responses.</comment> + + <!-- + Types of consent obtained from the user for this authentication and + data transfer. + Allow values: 'unspecified'. + --> + <entry key="consentAuthnRequest">unspecified</entry> + + <!-- + Allow values: 'obtained', 'prior', 'current-implicit', 'current-explicit', 'unspecified'. + --> + <entry key="consentAuthnResponse">obtained</entry> + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + --> + <entry key="formatEntity">entity</entry> + + <!--Only HTTP-POST binding is only supported for inter PEPS--> + <!--The SOAP binding is only supported for direct communication between SP-MW and VIdP--> + <entry key="protocolBinding">HTTP-POST</entry> + + + + + <!--URI representing the classification of the identifier + Allow values: 'entity'. + <entry key="eIDSectorShare">true</entry> + <entry key="eIDCrossSectorShare">true</entry> + <entry key="eIDCrossBorderShare">true</entry> + --> + + + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="friendlyName">false</entry> + + <!-- A friendly name for the attribute that can be displayed to a user --> + <entry key="isRequired">true</entry> + + <!--PEPS in the Service Provider's country--> + <entry key="requester">http://S-PEPS.gov.xx</entry> + + <!--PEPS in the citizen's origin country--> + <entry key="responder">http://C-PEPS.gov.xx</entry> + + <!--Subject cannot be confirmed on or after this seconds time (positive number)--> + <entry key="timeNotOnOrAfter">300</entry> + + <!--Validation IP of the response--> + <entry key="ipAddrValidation">false</entry> + + + <!--Subject Attribute Definitions--> + <entry key="eIdentifier">http://www.stork.gov.eu/1.0/eIdentifier</entry> + <entry key="givenName">http://www.stork.gov.eu/1.0/givenName</entry> + <entry key="surname">http://www.stork.gov.eu/1.0/surname</entry> + <entry key="inheritedFamilyName">http://www.stork.gov.eu/1.0/inheritedFamilyName</entry> + <entry key="adoptedFamilyName">http://www.stork.gov.eu/1.0/adoptedFamilyName</entry> + <entry key="gender">http://www.stork.gov.eu/1.0/gender</entry> + <entry key="dateOfBirth">http://www.stork.gov.eu/1.0/dateOfBirth</entry> + <entry key="countryCodeOfBirth">http://www.stork.gov.eu/1.0/countryCodeOfBirth</entry> + <entry key="nationalityCode">http://www.stork.gov.eu/1.0/nationalityCode</entry> + <entry key="maritalStatus">http://www.stork.gov.eu/1.0/maritalStatus</entry> + <entry key="residenceAddress">http://www.stork.gov.eu/1.0/residenceAddress</entry> + <entry key="eMail">http://www.stork.gov.eu/1.0/eMail</entry> + <entry key="academicTitle">http://www.stork.gov.eu/1.0/academicTitle</entry> + <entry key="pseudonym">http://www.stork.gov.eu/1.0/pseudonym</entry> + <entry key="age">http://www.stork.gov.eu/1.0/age</entry> + <entry key="isAgeOver">http://www.stork.gov.eu/1.0/isAgeOver</entry> + <entry key="fiscalNumber">http://www.stork.gov.eu/1.0/fiscalNumber</entry> + + <entry key="textResidenceAddress">http://www.stork.gov.eu/1.0/textResidenceAddress</entry> + <entry key="canonicalResidenceAddress">http://www.stork.gov.eu/1.0/canonicalResidenceAddress</entry> + + <entry key="title">http://www.stork.gov.eu/1.0/title</entry> + <entry key="residencePermit">http://www.stork.gov.eu/1.0/residencePermit</entry> + + <entry key="signedDoc">http://www.stork.gov.eu/1.0/signedDoc</entry> + <entry key="citizen509Certificate">http://www.stork.gov.eu/1.0/citizen509Certificate</entry> + + <entry key="newAttribute1">http://www.stork.gov.eu/1.0/newAttribute1</entry> + <entry key="newAttribute2">http://www.stork.gov.eu/1.0/newAttribute2</entry> + <entry key="hasDegree">http://www.stork.gov.eu/1.0/hasDegree</entry> + <entry key="mandateContent">http://www.stork.gov.eu/1.0/mandateContent</entry> + <entry key="representative">http://www.stork.gov.eu/1.0/representative</entry> + <entry key="represented">http://www.stork.gov.eu/1.0/represented</entry> + +</properties>
\ No newline at end of file diff --git a/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks b/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks Binary files differnew file mode 100644 index 000000000..f9baad202 --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/storkDemoKeysPT.jks diff --git a/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks b/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks Binary files differnew file mode 100644 index 000000000..efaeac86c --- /dev/null +++ b/id/server/doc/conf/moa-id/stork/storkDemoKeys_minividp_old.jks diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml new file mode 100644 index 000000000..1165d8b32 --- /dev/null +++ b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE.xml @@ -0,0 +1,161 @@ +<sl10:TransformsInfo> + <dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> + <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"> + <xsl:output method="xml" xml:space="default"/> + <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> + <html> + <head> + <title>Signatur der Anmeldedaten</title> + <style type="text/css" media="screen"> + .normalstyle { font-size: medium; } + .italicstyle { font-size: medium; font-style: italic; } + .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } + .h4style{ font-size: large; } + </style> + </head> + <body> + <h4 class="h4style">Anmeldedaten:</h4> + <p class="titlestyle">Daten zur Person</p> + <table class="parameters"> + <xsl:if test="normalize-space(//@Issuer)"> + <tr> + <td class="italicstyle">Name:</td> + <td class="normalstyle"> + <xsl:value-of select="//@Issuer"/> + </td> + </tr> + </xsl:if> + <xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"> + <tr> + <td class="italicstyle">Geburtsdatum:</td> + <td class="normalstyle"> + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> + <tr> + <td class="italicstyle">Rolle:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"> + <tr> + <td class="italicstyle">Vollmacht:</td> + <td class="normalstyle"> + <xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text> + </td> + </tr> + </xsl:if> + </table> + <p class="titlestyle">Daten zur Anwendung</p> + <table class="parameters"> + <tr> + <td class="italicstyle">Name:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/> + </td> + </tr> + <tr> + <td class="italicstyle">Staat:</td> + <td class="normalstyle">Österreich</td> + </tr> + </table> + <p class="titlestyle">Technische Parameter</p> + <table class="parameters"> + <tr> + <td class="italicstyle">URL:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/> + </td> + </tr> + <xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"> + <tr> + <td class="italicstyle">Bereich:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"> + <tr> + <td class="italicstyle"> + Vollmachten-Referenz:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"> + <tr> + <td class="italicstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"> + <tr> + <td class="italicstyle">Identifikator:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/> + <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> + <tr> + <td class="italicstyle">OID:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> + <tr> + <td class="italicstyle">HPI:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <tr> + <td class="italicstyle">Datum:</td> + <td class="normalstyle"> + <xsl:value-of select="substring(//@IssueInstant,9,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,6,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,1,4)"/> + </td> + </tr> + <tr> + <td class="italicstyle">Uhrzeit:</td> + <td class="normalstyle"> + <xsl:value-of select="substring(//@IssueInstant,12,2)"/> + <xsl:text>:</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,15,2)"/> + <xsl:text>:</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,18,2)"/> + </td> + </tr> + </table> + </body> + </html> + </xsl:template> + </xsl:stylesheet> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/> + </dsig:Transforms> + <sl10:FinalDataMetaInfo> + <sl10:MimeType>application/xhtml+xml</sl10:MimeType> + </sl10:FinalDataMetaInfo> +</sl10:TransformsInfo> diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml new file mode 100644 index 000000000..e225ca6e0 --- /dev/null +++ b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_DE_2.0.xml @@ -0,0 +1,7 @@ +<sl10:TransformsInfo><dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"><xsl:output method="xml" xml:space="default"/><xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"><html><head><title>Signatur der Anmeldedaten</title><style type="text/css" media="screen"> + .normalstyle { font-size: medium; } + .italicstyle { font-size: medium; font-style: italic; } + .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } + .h4style{ font-size: large; } + </style></head><body><h4 class="h4style">Anmeldedaten:</h4><xsl:if test="string(//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue)"><p class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='SpecialText']/saml:AttributeValue"/></p></xsl:if><p class="titlestyle">Daten zur Person</p><table class="parameters"><xsl:if test="normalize-space(//@Issuer)"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//@Issuer"/></td></tr></xsl:if><xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"><tr><td class="italicstyle">Geburtsdatum:</td><td class="normalstyle"><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">Rolle:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle">Vollmacht:</td><td class="normalstyle"><xsl:text>Ich melde mich in Vertretung an. Im nächsten Schritt wird mir eine Liste der für mich verfügbaren Vertretungsverhältnisse angezeigt, aus denen ich eines auswählen werde.</xsl:text></td></tr></xsl:if></table><p class="titlestyle">Daten zur Anwendung</p><table class="parameters"><tr><td class="italicstyle">Name:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/></td></tr><tr><td class="italicstyle">Staat:</td><td class="normalstyle">Österreich</td></tr></table><p class="titlestyle">Technische Parameter</p><table class="parameters"><tr><td class="italicstyle">URL:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr><xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"><tr><td class="italicstyle">Bereich:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"><tr><td class="italicstyle"> + Vollmachten-Referenz:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"><tr><td class="italicstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"><tr><td class="italicstyle">Identifikator:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/><xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"><tr><td class="italicstyle">OID:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='HPI']"><tr><td class="italicstyle">HPI:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/></td></tr></xsl:if><xsl:if test="//saml:Attribute[@AttributeName='UniqueTokken']"><tr><td class="italicstyle">SessionTokken:</td><td class="normalstyle"><xsl:value-of select="//saml:Attribute[@AttributeName='UniqueTokken']/saml:AttributeValue"/></td></tr></xsl:if><tr><td class="italicstyle">Datum:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,9,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,6,2)"/><xsl:text>.</xsl:text><xsl:value-of select="substring(//@IssueInstant,1,4)"/></td></tr><tr><td class="italicstyle">Uhrzeit:</td><td class="normalstyle"><xsl:value-of select="substring(//@IssueInstant,12,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,15,2)"/><xsl:text>:</xsl:text><xsl:value-of select="substring(//@IssueInstant,18,2)"/></td></tr></table></body></html></xsl:template></xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><sl10:FinalDataMetaInfo><sl10:MimeType>application/xhtml+xml</sl10:MimeType></sl10:FinalDataMetaInfo></sl10:TransformsInfo>
\ No newline at end of file diff --git a/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml new file mode 100644 index 000000000..e220b8f82 --- /dev/null +++ b/id/server/doc/conf/moa-id/transforms/TransformsInfoAuthBlockTable_EN.xml @@ -0,0 +1,161 @@ +<sl10:TransformsInfo> + <dsig:Transforms xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"> + <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"> + <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" exclude-result-prefixes="pr saml"> + <xsl:output method="xml" xml:space="default"/> + <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml"> + <html> + <head> + <title>Signing the authentication data</title> + <style type="text/css" media="screen"> + .normalstyle { font-size: medium; } + .italicstyle { font-size: medium; font-style: italic; } + .titlestyle{ text-decoration:underline; font-weight:bold; font-size: medium; } + .h4style{ font-size: large; } + </style> + </head> + <body> + <h4 class="h4style">Authentication Data:</h4> + <p class="titlestyle">Personal Data</p> + <table class="parameters"> + <xsl:if test="normalize-space(//@Issuer)"> + <tr> + <td class="italicstyle">Name:</td> + <td class="normalstyle"> + <xsl:value-of select="//@Issuer"/> + </td> + </tr> + </xsl:if> + <xsl:if test="string(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue)"> + <tr> + <td class="italicstyle">Date of Birth:</td> + <td class="normalstyle"> + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,9,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,6,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//saml:Attribute[@AttributeName='Geburtsdatum']/saml:AttributeValue,1,4)"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> + <tr> + <td class="italicstyle">Role:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='OIDTextualDescription']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"> + <tr> + <td class="italicstyle">Mandate:</td> + <td class="normalstyle"> + <xsl:text>I log in as representative. In the next step a list of available mandates is shown. Here I select one mandate.</xsl:text> + </td> + </tr> + </xsl:if> + </table> + <p class="titlestyle">Application Data</p> + <table class="parameters"> + <tr> + <td class="italicstyle">Name:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='oaFriendlyName']/saml:AttributeValue"/> + </td> + </tr> + <tr> + <td class="italicstyle">Country:</td> + <td class="normalstyle">Austria</td> + </tr> + </table> + <p class="titlestyle">Technical Parameters</p> + <table class="parameters"> + <tr> + <td class="italicstyle">URL:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/> + </td> + </tr> + <xsl:if test="//saml:Attribute[@AttributeName='Geschaeftsbereich']"> + <tr> + <td class="italicstyle">Sector:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='Geschaeftsbereich']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='mandateReferenceValue']"> + <tr> + <td class="italicstyle"> + Mandate Reference:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='mandateReferenceValue']"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"> + <tr> + <td class="italicstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='IdentityLinkDomainIdentifierType']"/>:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Type"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='bPK'] or //saml:Attribute[@AttributeName='wbPK']"> + <tr> + <td class="italicstyle">Identifier:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='bPK']/saml:AttributeValue/pr:Identification/pr:Value"/> + <xsl:value-of select="//saml:Attribute[@AttributeName='wbPK']/saml:AttributeValue/pr:Identification/pr:Value"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='OIDTextualDescription']"> + <tr> + <td class="italicstyle">OID:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='OID']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <xsl:if test="//saml:Attribute[@AttributeName='HPI']"> + <tr> + <td class="italicstyle">HPI:</td> + <td class="normalstyle"> + <xsl:value-of select="//saml:Attribute[@AttributeName='HPI']/saml:AttributeValue"/> + </td> + </tr> + </xsl:if> + <tr> + <td class="italicstyle">Date:</td> + <td class="normalstyle"> + <xsl:value-of select="substring(//@IssueInstant,9,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,6,2)"/> + <xsl:text>.</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,1,4)"/> + </td> + </tr> + <tr> + <td class="italicstyle">Time:</td> + <td class="normalstyle"> + <xsl:value-of select="substring(//@IssueInstant,12,2)"/> + <xsl:text>:</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,15,2)"/> + <xsl:text>:</xsl:text> + <xsl:value-of select="substring(//@IssueInstant,18,2)"/> + </td> + </tr> + </table> + </body> + </html> + </xsl:template> + </xsl:stylesheet> + </dsig:Transform> + <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/> + </dsig:Transforms> + <sl10:FinalDataMetaInfo> + <sl10:MimeType>application/xhtml+xml</sl10:MimeType> + </sl10:FinalDataMetaInfo> +</sl10:TransformsInfo> |