Diffstat (limited to 'id/server/doc')
-rw-r--r-- | id/server/doc/handbook/additional/additional.html | 316 | ||||
-rw-r--r-- | id/server/doc/handbook/protocol/Assertion.xml | 4 | ||||
-rw-r--r-- | id/server/doc/handbook/protocol/idp_metadata.xml | 4 | ||||
-rw-r--r-- | id/server/doc/handbook/protocol/protocol.html | 108 | ||||
-rw-r--r-- | id/server/doc/htmlTemplates/BKU-selection.html | 874 | ||||
-rw-r--r-- | id/server/doc/htmlTemplates/sendAssertion.html | 581 |
6 files changed, 330 insertions, 1557 deletions
diff --git a/id/server/doc/handbook/additional/additional.html b/id/server/doc/handbook/additional/additional.html index fb9735990..00b36c4cd 100644 --- a/id/server/doc/handbook/additional/additional.html +++ b/id/server/doc/handbook/additional/additional.html 
@@ -311,104 +311,104 @@ <p> </p> <table border="1" cellpadding="0" cellspacing="0" class="configtable"> <tr> - <td width="131" valign="top"><p align="left"><strong>EventCode</strong></p></td> - <td width="208" valign="top"><p align="left"><strong>Wert</strong></p></td> - <td width="946" valign="top"><p align="left"><strong>Beschreibung</strong></p></td> + <td width="165" valign="top"><p align="left"><strong>EventCode</strong></p></td> + <td width="312" valign="top"><p align="left"><strong>Wert</strong></p></td> + <td width="1127" valign="top"><p align="left"><strong>Beschreibung</strong></p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3000</p></td> - <td width="208" valign="top"><p align="left">Protokolltype</p></td> - <td width="946" valign="top"><p>Type des verwendeten Authentifizierungsprotokolls (OpenID Connect, PVP2, STORK, SAML1)</p></td> + <td width="165" valign="top"><p align="center">3000</p></td> + <td width="312" valign="top"><p align="left">Protokolltype</p></td> + <td width="1127" valign="top"><p>Type des verwendeten Authentifizierungsprotokolls (OpenID Connect, PVP2, STORK, SAML1)</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3100</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Metadaten Request</p></td> + <td width="165" valign="top"><p align="center">3100</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Metadaten Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3101</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Authentifizierungsrequest</p></td> + <td width="165" valign="top"><p align="center">3101</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Authentifizierungsrequest</p></td> </tr> <tr> - <td width="131" valign="top"><p 
align="center">3102</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Authentifizierungsresponse</p></td> + <td width="165" valign="top"><p align="center">3102</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Authentifizierungsresponse</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3103</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Single LogOut Request</p></td> + <td width="165" valign="top"><p align="center">3103</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Single LogOut Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3104</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>PVP 2.x Attribute Query (im Fall IDP Interfederation mit zwischen MOA-IDs)</p></td> + <td width="165" valign="top"><p align="center">3104</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>PVP 2.x Attribute Query (im Fall IDP Interfederation mit zwischen MOA-IDs)</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3200</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>OpenID Connect Auth Requsst</p></td> + <td width="165" valign="top"><p align="center">3200</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>OpenID Connect Auth Requsst</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3201</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>OpenID Connect Tokken Request</p></td> + <td width="165" valign="top"><p align="center">3201</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" 
valign="top"><p>OpenID Connect Tokken Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">3300</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>SAML1 StartAuthentication Request</p></td> + <td width="165" valign="top"><p align="center">3300</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>SAML1 StartAuthentication Request</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4000</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde gestartet</p></td> + <td width="165" valign="top"><p align="center">4000</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde gestartet</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4001</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde beendet</p></td> + <td width="165" valign="top"><p align="center">4001</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Identifizierungs- und Authentifizierungsprozess wurde beendet</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4002</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess mit Online Vollmachten</p></td> + <td width="165" valign="top"><p align="center">4002</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess mit Online Vollmachten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4003</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess mit 
STORK</p></td> + <td width="165" valign="top"><p align="center">4003</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess mit STORK</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4004</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess mit Single Sign-On</p></td> + <td width="165" valign="top"><p align="center">4004</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess mit Single Sign-On</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4005</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Ungültige Single Sign-On Session</p></td> + <td width="165" valign="top"><p align="center">4005</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Ungültige Single Sign-On Session</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4006</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Benutzeranfrage für Single Sign-On Verwendung gestellt</p></td> + <td width="165" valign="top"><p align="center">4006</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Benutzeranfrage für Single Sign-On Verwendung gestellt</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4007</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Benutzerantwort für Single Sign-On Verwendung empfangen</p></td> + <td width="165" valign="top"><p align="center">4007</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Benutzerantwort für Single Sign-On Verwendung empfangen</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4008</p></td> - 
<td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Anmeldeprozess über IDP Föderation</p></td> + <td width="165" valign="top"><p align="center">4008</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Anmeldeprozess über IDP Föderation</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4009</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Gültige Response von föderiertem IDP erhalten</p></td> + <td width="165" valign="top"><p align="center">4009</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Gültige Response von föderiertem IDP erhalten</p></td> </tr> <tr> <td height="30" valign="top">4010</td> 
@@ -416,109 +416,179 @@ <td valign="top">Verwendeter IDP für föderierte Anmeldung</td> </tr> <tr> - <td width="131" valign="top"><p align="center">4011</p></td> - <td width="208" valign="top"><p align="left">Service Identifikator</p></td> - <td width="946" valign="top"><p>Eindeutiger Identifikator der/des Online-Applikation/Service an der/dem die Anmeldung erfolgt</p></td> + <td width="165" valign="top"><p align="center">4011</p></td> + <td width="312" valign="top"><p align="left">Service Identifikator</p></td> + <td width="1127" valign="top"><p>Eindeutiger Identifikator der/des Online-Applikation/Service an der/dem die Anmeldung erfolgt</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4110</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>BKU Auswahl gestartet</p></td> + <td width="165" valign="top"><p align="center">4110</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>BKU Auswahl gestartet</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4111</p></td> - <td width="208" valign="top"><p align="left">Bkutype (z.b. online, handy, local)</p></td> - <td width="946" valign="top"><p>Ausgewählter BKU Type</p></td> + <td width="165" valign="top"><p align="center">4111</p></td> + <td width="312" valign="top"><p align="left">Bkutype (z.b. 
online, handy, local)</p></td> + <td width="1127" valign="top"><p>Ausgewählter BKU Type</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4112</p></td> - <td width="208" valign="top"><p align="left">URL</p></td> - <td width="946" valign="top"><p>Verwendete BKU URL</p></td> + <td width="165" valign="top"><p align="center">4112</p></td> + <td width="312" valign="top"><p align="left">URL</p></td> + <td width="1127" valign="top"><p>Verwendete BKU URL</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4113</p></td> - <td width="208" valign="top"><p align="left">IP Adresse</p></td> - <td width="946" valign="top"><p>IP Adresse mit der die BKU Daten an MOA-ID liefert</p></td> + <td width="165" valign="top"><p align="center">4113</p></td> + <td width="312" valign="top"><p align="left">IP Adresse</p></td> + <td width="1127" valign="top"><p>IP Adresse mit der die BKU Daten an MOA-ID liefert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4220</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Personenbindung ausgelesen und gültig validiert</p></td> + <td width="165" valign="top"><p align="center">4220</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Personenbindung ausgelesen und gültig validiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4221</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Signaturzertifikat ausgelesen und validiert</p></td> + <td width="165" valign="top"><p align="center">4221</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Signaturzertifikat ausgelesen und validiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4222</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>AuthBlock signiert und gültig 
validiert</p></td> + <td width="165" valign="top"><p align="center">4222</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>AuthBlock signiert und gültig validiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4223</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Wechsel in den Modus für ausländische Signaturkarten</p></td> + <td width="165" valign="top"><p align="center">4223</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Wechsel in den Modus für ausländische Signaturkarten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4224</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>SZR-Gateway wird kontaktiert</p></td> + <td width="165" valign="top"><p align="center">4224</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>SZR-Gateway wird kontaktiert</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4225</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Personenbindung von SZR-Gateway erhalten</p></td> + <td width="165" valign="top"><p align="center">4225</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Personenbindung von SZR-Gateway erhalten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4300</p></td> - <td width="208" valign="top"><p align="left">ReferenceID des Vollmachtensystems</p></td> - <td width="946" valign="top"><p>Online-Vollmachten Service wird kontaktiert</p></td> + <td width="165" valign="top"><p align="center">4300</p></td> + <td width="312" valign="top"><p align="left">ReferenceID des Vollmachtensystems</p></td> + <td width="1127" valign="top"><p>Online-Vollmachten Service wird kontaktiert</p></td> </tr> <tr> - 
<td width="131" valign="top"><p align="center">4301</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Redirekt zum Online-Vollmachten Service</p></td> + <td width="165" valign="top"><p align="center">4301</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Redirekt zum Online-Vollmachten Service</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">4302</p></td> - <td width="208" valign="top"><p align="left"> </p></td> - <td width="946" valign="top"><p>Vollmacht vom Online-Vollmachten Service erhalten</p></td> + <td width="165" valign="top"><p align="center">4302</p></td> + <td width="312" valign="top"><p align="left"> </p></td> + <td width="1127" valign="top"><p>Vollmacht vom Online-Vollmachten Service erhalten</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">5000</p></td> - <td width="208" valign="top"><p align="left">bPK</p></td> - <td width="946" valign="top"><p>bPK bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> + <td valign="top">4400</td> + <td valign="top"> </td> + <td valign="top">IDP initiated Single LogOut Request erhalten</td> </tr> <tr> - <td width="131" valign="top"><p align="center">5001</p></td> - <td width="208" valign="top"><p align="left">OID</p></td> - <td width="946" valign="top"><p>OID bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> + <td valign="top">4401</td> + <td valign="top"> </td> + <td valign="top">Single LogOut Process gestartet</td> </tr> <tr> - <td width="131" valign="top"><p align="center">5002</p></td> - <td width="208" valign="top"><p align="left">JSON String</p></td> - <td width="946" valign="top"><p>Pseudoanonymisierte Personendaten der sich anmeldeten natürlichen Person.</p></td> + <td valign="top">4402</td> + <td valign="top"> </td> + <td valign="top">Single LogOut Process erfolgreich beendet</td> </tr> <tr> - <td width="131" 
valign="top"><p align="center">5100</p></td> - <td width="208" valign="top"><p align="left">Vollmachtstype</p></td> - <td width="946" valign="top"><p>Type der ausgewählten Vollmacht</p></td> + <td valign="top">4403</td> + <td valign="top"> </td> + <td valign="top">Unvollständiger Single LogOut Prozess</td> </tr> <tr> - <td width="131" valign="top"><p align="center">5101</p></td> - <td width="208" valign="top"><p align="left">jur / nat</p></td> - <td width="946" valign="top"><p>Vollmacht - Type der vertretenen Person (Juristische / natürliche Person)</p></td> + <td width="165" valign="top"><p align="center">5000</p></td> + <td width="312" valign="top"><p align="left">bPK</p></td> + <td width="1127" valign="top"><p>bPK bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">5102</p></td> - <td width="208" valign="top"><p align="left">JSON String</p></td> - <td width="946" valign="top"><p>Pseudoanonymisierte Personendaten der vertretenen natürlichen Person.</p></td> + <td width="165" valign="top"><p align="center">5001</p></td> + <td width="312" valign="top"><p align="left">OID</p></td> + <td width="1127" valign="top"><p>OID bei Vollmacht mit berufsmäßigem Parteienvertreter oder Organwalter</p></td> </tr> <tr> - <td width="131" valign="top"><p align="center">5103</p></td> - <td width="208" valign="top"><p align="left">baseID</p></td> - <td width="946" valign="top"><p>Stammzahl der vertretenen juristischen Person </p></td> + <td width="165" valign="top"><p align="center">5002</p></td> + <td width="312" valign="top"><p align="left">JSON String</p></td> + <td width="1127" valign="top"><p>Pseudoanonymisierte Personendaten der sich anmeldeten natürlichen Person.</p></td> + </tr> + <tr> + <td width="165" valign="top"><p align="center">5100</p></td> + <td width="312" valign="top"><p align="left">Vollmachtstype</p></td> + <td width="1127" valign="top"><p>Type der ausgewählten Vollmacht</p></td> + 
</tr> + <tr> + <td width="165" valign="top"><p align="center">5101</p></td> + <td width="312" valign="top"><p align="left">jur / nat</p></td> + <td width="1127" valign="top"><p>Vollmacht - Type der vertretenen Person (Juristische / natürliche Person)</p></td> + </tr> + <tr> + <td width="165" valign="top"><p align="center">5102</p></td> + <td width="312" valign="top"><p align="left">JSON String</p></td> + <td width="1127" valign="top"><p>Pseudoanonymisierte Personendaten der vertretenen natürlichen Person.</p></td> + </tr> + <tr> + <td width="165" valign="top"><p align="center">5103</p></td> + <td width="312" valign="top"><p align="left">baseID</p></td> + <td width="1127" valign="top"><p>Stammzahl der vertretenen juristischen Person </p></td> + </tr> + <tr> + <td valign="top"> </td> + <td valign="top"> </td> + <td valign="top"> </td> + </tr> + <tr> + <td valign="top">6000</td> + <td valign="top">ReferenceID zum Auth. Prozess</td> + <td valign="top">externes Vollmachten Service kontaktiert</td> + </tr> + <tr> + <td valign="top">6001</td> + <td valign="top">ReferenceID des Vollmachhtenservice</td> + <td valign="top">gültige Vollmacht vom externen Vollmachten Service verarbeitet</td> + </tr> + <tr> + <td valign="top">6002</td> + <td valign="top"> </td> + <td valign="top">Fehler vom externen Vollmachten Service verarbeitet</td> + </tr> + <tr> + <td valign="top">6003</td> + <td valign="top">IP Adresse</td> + <td valign="top">IP Adresse mit der das externe Vollmachten Service die Vollmacht ausgeliefert hat</td> + </tr> + <tr> + <td valign="top">6100</td> + <td valign="top">EntityID</td> + <td valign="top">eIDAS Node ausgewählt</td> + </tr> + <tr> + <td valign="top">6101</td> + <td valign="top">RequestID</td> + <td valign="top">eIDAS Node kontaktiert</td> + </tr> + <tr> + <td valign="top">6102</td> + <td valign="top">ResponseID</td> + <td valign="top">Gültige Response von eIDAS Node erhalten</td> + </tr> + <tr> + <td valign="top">6103</td> + <td valign="top"> </td> + <td 
valign="top">Ungültige Response oder Fehlercode von eIDAS Node erhalten</td> + </tr> + <tr> + <td valign="top">6104</td> + <td valign="top"> </td> + <td valign="top">Personenbindung für Authentifizierung über eIDAS Node erstellt</td> </tr> </table> <p> </p> diff --git a/id/server/doc/handbook/protocol/Assertion.xml b/id/server/doc/handbook/protocol/Assertion.xml index b6db5f088..2654f2e80 100644 --- a/id/server/doc/handbook/protocol/Assertion.xml +++ b/id/server/doc/handbook/protocol/Assertion.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="UTF-8"?> <saml2p:Response xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" Destination="https://demo.egiz.gv.at/demoportal_demologin/securearea.action" InResponseTo="_aeebfae3ce681fe3ddcaf213a42f01d3" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema"> - <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0</saml2:Issuer> + <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> 
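Review bot: In Assertion.xml the `saml2:Issuer` text is edited inside a `saml2p:Response` that carries a `ds:Signature`, but the diffstat shows only 4 changed lines for the file, so no digest or signature value was regenerated and the sample presumably no longer verifies. The second Issuer hunk in this file and the `Name`, `validUntil` and `entityID` edits in idp_metadata.xml have the same effect on their signed elements. Integrators who run handbook samples through their signature validation will see failures, and the usual workaround is to switch the check off. Re-export both samples from a running demo instance, or add `<!-- Illustrative sample: signature values do not match this content -->` after the XML declaration. The signed elements start and end outside these hunks, so the Reference URI cannot be confirmed from here.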
@@ -34,7 +34,7 @@ nibdIyU5+AmfFzDaMwNocJEANoXrjLTpduCHvT0Qt/wH+7rVdgjX1djMrBhyMWs7GQyIBRfuf58m
 <saml2p:StatusCode Value="urn:oasis:names:tc:SAML:2.0:status:Success"/>
 </saml2p:Status>
 <saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" ID="_602c3236bffaf71ac3ac88674e76ff9f" IssueInstant="2014-03-05T06:39:51.017Z" Version="2.0">
- <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0</saml2:Issuer>
+ <saml2:Issuer Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata</saml2:Issuer>
 <saml2:Subject>
 <saml2:NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent" NameQualifier="urn:publicid:gv.at:cdid+BF">QVGm48cqcM4UcyhDTNGYmVdrIoY=</saml2:NameID>
 <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:bearer">
diff --git a/id/server/doc/handbook/protocol/idp_metadata.xml b/id/server/doc/handbook/protocol/idp_metadata.xml
index e8915332e..ffc15d461 100644
--- a/id/server/doc/handbook/protocol/idp_metadata.xml
+++ b/id/server/doc/handbook/protocol/idp_metadata.xml
@@ -1,4 +1,4 @@
-<md:EntitiesDescriptor ID="_c0303e3081ac29bb8329cade76279069" Name="MOA-ID 2.0 Demo IDP (Version: 2.1.0)" validUntil="2014-07-04T11:23:29.736Z">
+<md:EntitiesDescriptor ID="_c0303e3081ac29bb8329cade76279069" Name="MOA-ID 3.1 Demo IDP (Version: 3.1.0)" validUntil="2016-04-05T11:23:29.736Z">
 <ds:Signature>
 <ds:SignedInfo>
 <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
@@ -37,7 +37,7 @@ cfmNJhb06H+6mmHz929Bk4HuHoQj8X8=</ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature> - <md:EntityDescriptor entityID="https://demo.egiz.gv.at/demoportal_moaid-2.0" validUntil="2014-07-27T11:23:29.736Z"> + <md:EntityDescriptor entityID="https://demo.egiz.gv.at/demoportal_moaid-2.0/pvp/metadata" validUntil="2014-07-27T11:23:29.736Z"> <md:IDPSSODescriptor WantAuthnRequestsSigned="true" protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"> <md:KeyDescriptor use="signing"> <ds:KeyInfo> diff --git a/id/server/doc/handbook/protocol/protocol.html b/id/server/doc/handbook/protocol/protocol.html index 6214c393c..58474b635 100644 --- a/id/server/doc/handbook/protocol/protocol.html +++ b/id/server/doc/handbook/protocol/protocol.html @@ -271,6 +271,13 @@ Redirect Binding</td> <p><strong>Hinweis:</strong> Im Falle einer privatwirtschaftlichen Applikation ist die Stammzahl durch die wbPK ersetzt.</p></td> </tr> <tr> + <td height="23">urn:oid:1.2.40.0.10.2.1.1.261.106</td> + <td>MANDATE-TYPE-OID</td> + <td align="center">mandate</td> + <td> </td> + <td>Bezeichnung als OID des verwendeten Vollmachten-Profils</td> + </tr> + <tr> <td height="23">urn:oid:1.2.40.0.10.2.1.1.261.68</td> <td>MANDATE-TYPE</td> <td align="center">mandate</td> @@ -559,6 +566,10 @@ Redirect Binding</td> <td>1007</td> <td>Vollmachtsmodus für ausländische Personen wird nicht unterstützt.</td> </tr> + <tr> + <td>1008</td> + <td>Es konnten nicht alle minimal erforderlichen Identifikations- oder Authentifikationsmerkmale ermittelt werden.</td> + </tr> </table> <h5><a name="statuscodes_11xxx" id="allgemeines_zugangspunkte12"></a>1.3.1.2 Validierung (11xxx)</h5> <table class="configtable"> 
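Review bot: The `md:EntityDescriptor` line changed in the second idp_metadata.xml hunk still carries `validUntil="2014-07-27T11:23:29.736Z"`, while the first hunk moves the enclosing `md:EntitiesDescriptor` to `validUntil="2016-04-05T11:23:29.736Z"`. A consumer that enforces `validUntil` per entity would treat this sample entity as expired even though the container looks current, which makes the example misleading as a reference for metadata validity checks. Align the inner attribute with the outer one, `validUntil="2016-04-05T11:23:29.736Z"`, when the sample is regenerated. The descriptor body continues outside the hunk.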
@@ -606,6 +617,10 @@ Redirect Binding</td> <td>1109</td> <td>Fehler beim Validieren der SZR-Gateway Response</td> </tr> + <tr> + <td>1110</td> + <td>Ungültige Single Sign-On Session</td> + </tr> </table> <h5><a name="statuscodes_12xxx" id="allgemeines_zugangspunkte13"></a>1.3.1.3 STORK (12xxx)</h5> <table class="configtable"> @@ -638,6 +653,45 @@ Redirect Binding</td> <td>Der geforderte QAA Level ist höher als der QAA Level der gewählten Authentifizierungsmethode</td> </tr> </table> +<h5><a name="statuscodes_13xx" id="allgemeines_zugangspunkte26"></a>1.3.1.4 eIDAS (13xxx)</h5> +<table class="configtable"> + <tr> + <th width="13%">Statuscode</th> + <th width="87%">Beschreibung</th> + </tr> + <tr> + <td>1300</td> + <td>Fehler beim Erstellen des eIDAS Authentifizierungsrequests</td> + </tr> + <tr> + <td>1301</td> + <td>Fehler beim Validieren der eIDAS Authentifizierungsresponse</td> + </tr> + <tr> + <td>1302</td> + <td>Response vom eIDAS Node enthält einen Fehler</td> + </tr> + <tr> + <td>1303</td> + <td>eIDAS Response beinhaltet nicht alle minimal erforderlichen Attribute</td> + </tr> + <tr> + <td>1304</td> + <td>Der ausgewählte eIDAS Node existiert nicht oder ist nicht konfiguriert</td> + </tr> + <tr> + <td>1305</td> + <td>eIDAS Request konnte nicht gültig verarbeitet werden</td> + </tr> + <tr> + <td>1306</td> + <td>Generierung dereIDAS Metadaten fehlgeschlagen</td> + </tr> + <tr> + <td>1399</td> + <td>Interner Fehler in der eIDAS SAML-Engine</td> + </tr> +</table> <h4><a name="statuscodes_4xxxx" id="allgemeines_zugangspunkte8"></a>1.3.2 Statuscodes 4xxxx</h4> <p>Alles Statuscodes beginnend mit der Zahl vier beschreiben Fehler die während der Kommunikation mit externen Services aufgetreten sind.</p> <h5><a name="statuscodes_40xxx" id="allgemeines_zugangspunkte19"></a>1.3.2.1 BKU (40xxxx)</h5> 
@@ -687,24 +741,51 @@ Redirect Binding</td> <h5><a name="statuscodes_43xxx" id="allgemeines_zugangspunkte22"></a>1.3.2.4 MOA SP/SS(43xxx)</h5> <table class="configtable"> <tr> - <th>Statuscode</th> - <th>Beschreibung</th> + <th width="23%">Statuscode</th> + <th width="77%">Beschreibung</th> </tr> <tr> <td>4300</td> <td>Fehler beim Aufruf von MOA SP/SS</td> </tr> </table> -<h5><a name="statuscodes_44xxx" id="allgemeines_zugangspunkte23"></a>1.3.2.5 Interfederation (44xxx)</h5> +<h5><a name="statuscodes_44xxx" id="allgemeines_zugangspunkte23"></a>1.3.2.5 Interfederation (44xx)</h5> <table class="configtable"> <tr> - <th>Statuscode</th> - <th>Beschreibung</th> + <th width="23%">Statuscode</th> + <th width="77%">Beschreibung</th> </tr> <tr> <td>4400</td> <td>Fehler beim Generieren der Anmeldedaten</td> </tr> + <tr> + <td>4401</td> + <td>Die Verwendung des angeforderten federated IDP ist nicht erlaubt</td> + </tr> +</table> +<h5>1.3.2.6 Attributprovider (45xx)</h5> +<table class="configtable"> + <tr> + <th width="12%">Statuscode</th> + <th width="88%">Beschreibung</th> + </tr> + <tr> + <td>4500</td> + <td>Der Zugriff auf einen Attributprovider ist nicht erlaubt</td> + </tr> + <tr> + <td>4501</td> + <td>Die Requestgenerierung für den Zugriff auf den Attributprovider schlug fehl</td> + </tr> + <tr> + <td>4502</td> + <td>Die Response vom Attributeprovider ist ungültig oder nicht errlaubt</td> + </tr> + <tr> + <td>4503</td> + <td>Die Response vom Attributeprovider beinhaltet einen Fehlercode</td> + </tr> </table> <h4><a name="statuscodes_6xxxx" id="allgemeines_zugangspunkte9"></a>1.3.3 Statuscodes 6xxxx</h4> <p>Alles Statuscodes beginnend mit der Zahl sechs beschreiben protokollspezifische Fehler die nicht durch das jeweilige Authentifizierungsprotokoll abgebildet werden.</p> 
@@ -816,6 +897,14 @@ Redirect Binding</td> <td>9007</td> <td>Der SZR-Gateway Client konnte nicht initialisiert werden.</td> </tr> + <tr> + <td>9008</td> + <td>Fehler beim Verarbeiten eines Konfigurationsparameters.</td> + </tr> + <tr> + <td>9099</td> + <td>Allgemeiner Konfigurationsfehler</td> + </tr> </table> <h5><a name="statuscodes_91xxx" id="allgemeines_zugangspunkte15"></a>1.3.4.2 Interne Fehler (91xxx)</h5> <table class="configtable"> @@ -840,6 +929,14 @@ Redirect Binding</td> <td>Fehler bei der Verarbeitung eines Templates</td> </tr> <tr> + <td>9104</td> + <td>Fehler bei der Auswahl oder Initialisierung des gewünschten Anmeldeprozesses</td> + </tr> + <tr> + <td>9105</td> + <td>Fehler bei der Fortführung des Anmeldeprozesses</td> + </tr> + <tr> <td>9199</td> <td>Allgemeiner interner Fehler</td> </tr> 
@@ -982,6 +1079,7 @@ https://<host>:<port>/moa-id-auth/LogOut <pre> https://<host>:<port>/moa-id-auth/pvp2/metadata </pre> +<p><strong>Hinweis:</strong> Ist die deployed MOA-ID Instanz für mehrere virtuelle IDPs konfiguriert, so können die Metadaten für die jeweiligen virutellen Entities über den PublicURLPrefix der jeweiligen virtuellen Instanz abgerufen werden. Z.B. https://aaa.com/moa-id-auth/pvp2/metadata für virtuellen IDP aaa.com oder https://bbb.com/moa-id-auth/pvp2/metadata für virtuellen IDP bbb.com</p> <p>Wollen Sie für Ihre Online-Applikation PVP 2.1 als Authentifizierungsprotokoll nutzen müssen für jede Online-Applikation Metadaten erstellt und durch den Service Provider signiert werden. Zusätzlich muss die URL auf die Metadaten und das entsprechende Signaturzertifikat zur Prüfung der Signatur in der online-applikationsspezifischen <a href="../config/config.html#konfigurationsparameter_oa_protocol_pvp21">PVP 2.1 Konfiguration</a> von MOA-ID-Auth hinterlegt sein. Ein Beispiel für online-applikationsspezifische Metadaten finden Sie <a href="serviceprovider_metadata.xml">hier</a>.</p> <p>Die nachfolgenden Anforderungen an die online-applikationsspezifischen Metadaten .</p> <ul> diff --git a/id/server/doc/htmlTemplates/BKU-selection.html b/id/server/doc/htmlTemplates/BKU-selection.html index 2b0115d4a..02b86472b 100644 --- a/id/server/doc/htmlTemplates/BKU-selection.html +++ b/id/server/doc/htmlTemplates/BKU-selection.html 
@@ -4,847 +4,29 @@ <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.85em; - /*border-radius: 5px;*/ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /*border-radius: 7px;*/ - margin-bottom: 25px; - min-width: 80px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - #stork h2 { - font-size: 1.0em; - margin-bottom: 2%; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - 
margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.7em; - min-width: 55px; - /*min-height: 1.1em; - border-radius: 5px;*/ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2 { - font-size: 0.8em; - margin-top: -0.4em; - padding-top: 0.4em; - } - - #bkulogin { - min-height: 150px; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.75em; - min-width: 60px; - /* min-height: 0.95em; - border-radius: 6px; */ - margin-bottom: 5% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2 { - font-size: 0.9em; - margin-top: -0.45em; - padding-top: 0.45em; - } - - #bkulogin { - min-height: 180px; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.85em; - /* min-height: 1.05em; - border-radius: 7px; */ - margin-bottom: 10%; - } - - #mandateLogin { - 
font-size: 1em; - } - - #bku_header h2 { - font-size: 1.0em; - margin-top: -0.50em; - padding-top: 0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 0.9em; - /* min-height: 1.2em; - border-radius: 8px; */ - margin-bottom: 10%; - max-width: 80px; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.1em; - margin-top: -0.55em; - padding-top: 0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button] { - font-size: 1.0em; - /* min-height: 1.3em; - border-radius: 10px; */ - margin-bottom: 10%; - max-width: 85px; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2 { - font-size: 1.3em; - margin-top: -0.65em; - padding-top: 0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - - } - - #bku_header { - height: 
10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - position: relative; - top: 50%; - } - - #stork h2 { - font-size: 0.9em; - margin-bottom: 2%; - } - - #bkulogin { - min-width: 190px; - min-height: 170px; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - input[type=button] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - /*margin-bottom: 10px;*/ - /* margin-top: 5px; */ - } - - #mandateLogin { - padding-bottom: 4%; - padding-top: 4%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-bottom: 4%; - /*padding-top: 4%;*/ - position: relative; - clear: both; - text-align: center; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - -/* input[type=button], .sendButton { - background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px 
#222222; */ -/* } - -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: #BUTTON_COLOR#; */ - /*border: 0px;*/ - display: inline-block; - - } - - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - /*text-decoration: underline;*/ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - #ssoSessionTransferBlock { - font-size: 0.8em; - margin-left: 5px; - margin-bottom: 5px; - } - - </style> -<!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> -<script type="text/javascript"> - function isIE() { - return (/MSIE (\d+\.\d+);/.test(navigator.userAgent)); - } - function isFullscreen() { - try { - return ((top.innerWidth == screen.width) && (top.innerHeight == screen.height)); - } catch (e) { - return 
false; - } - } - function isActivexEnabled() { - var supported = null; - try { - supported = !!new ActiveXObject("htmlfile"); - } catch (e) { - supported = false; - } - return supported; - } - function isMetro() { - if (!isIE()) - return false; - return !isActivexEnabled() && isFullscreen(); - } - window.onload=function() { - document.getElementById("localBKU").style.display="block"; - return; - } - function bkuLocalClicked() { - setMandateSelection(); - } - - function bkuOnlineClicked() { - if (isMetro()) - document.getElementById("metroDetected").style.display="block"; - document.getElementById("localBKU").style.display="block"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function bkuHandyClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#HANDY#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function storkClicked() { - document.getElementById("localBKU").style.display="none"; -/* if (checkMandateSSO()) - return; */ - - setMandateSelection(); -/* setSSOSelection(); */ - - var ccc = "AT"; - var countrySelection = document.getElementById("cccSelection"); - if (countrySelection != null) { - ccc = 
document.getElementById("cccSelection").value; - } - var iFrameURL = "#AUTH_URL#" + "?"; - iFrameURL += "bkuURI=" + "#ONLINE#"; - iFrameURL += "&useMandate=" + document.getElementById("useMandate").value; - iFrameURL += "&CCC=" + ccc; -/* iFrameURL += "&SSO=" + document.getElementById("useSSO").value; */ - iFrameURL += "&MODUL=" + "#MODUL#"; - iFrameURL += "&ACTION=" + "#ACTION#"; - iFrameURL += "&MOASessionID=" + "#SESSIONID#"; - generateIFrame(iFrameURL); - } - function generateIFrame(iFrameURL) { - var el = document.getElementById("bkulogin"); - var width = el.clientWidth; - var heigth = el.clientHeight - 20; - var parent = el.parentNode; - - iFrameURL += "&heigth=" + heigth; - iFrameURL += "&width=" + width; - - var iframe = document.createElement("iframe"); - iframe.setAttribute("src", iFrameURL); - iframe.setAttribute("width", el.clientWidth - 1); - iframe.setAttribute("height", el.clientHeight - 1); - iframe.setAttribute("frameborder", "0"); - iframe.setAttribute("scrolling", "no"); - iframe.setAttribute("title", "Login"); - parent.replaceChild(iframe, el); - } - function setMandateSelection() { - document.getElementById("moaidform").action = "#AUTH_URL#"; - document.getElementById("useMandate").value = "false"; - var checkbox = document.getElementById("mandateCheckBox"); - if (checkbox != null) { - if (document.getElementById("mandateCheckBox").checked) { - document.getElementById("useMandate").value = "true"; - } - } - } - function onChangeChecks() { - if (self.innerWidth < 650) { - document.getElementById("moaidform").setAttribute("target","_parent"); - } else { - document.getElementById("moaidform").removeAttribute("target"); - } - - } - - function checkIfBrowserSupportsJava(){ - console.log("Browser is Chrome: "+checkIfBrowserIsChrome()); - console.log("Browser is Safari: "+checkIfBrowserIsSafari()); - console.log("Browser is Edge: "+checkIfBrowserIsEdge()); - - var cnt = 0; - - if(checkIfBrowserIsChrome())cnt++; - if(checkIfBrowserIsEdge())cnt++; - 
if(checkIfBrowserIsSafari())cnt++; - - if(cnt==0 || cnt>1)//cnt>1 means perhaps wrong detection - return true; - - var image = document.getElementById("bkuimage"); - var srcatt = image.getAttribute("src"); - var last = srcatt.substring(srcatt.lastIndexOf('/')+1); - srcatt = srcatt.replace(last,'online-bku-deactivated.png'); - image.setAttribute("src",srcatt); - - - var button = document.getElementsByName("bkuButtonOnline")[0]; - button.setAttribute("class","browserInfoButton"); - button.setAttribute("title","Java wird nicht unterstützt, klicken für mehr Informationen."); - button.setAttribute("onClick","alert('Java wird von Ihrem Browser nicht unterstützt, ist jedoch für den Betrieb der Online Bürgerkartenumgebung notwendig.\\nWollen Sie dennoch die Online Bürgerkartenumgebung verwenden, wird zur Zeit Java noch von Firefox und MS Internet Explorer unterstützt. \\nAlternativ koennen Sie auch eine lokale Bürgerkartenumgebung verwenden, verfügbar unter www.buergerkarte.at.');"); - - return false; + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> - } - function checkIfBrowserIsChrome(){ - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = false; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && webstore_defined; - } - function checkIfBrowserIsEdge(){//edge also defines the chrome object, but not the webapp - var chrome_defined = !!window.chrome;//chrome object defined - var webstore_defined = true; - if(window.chrome){ - webstore_defined = !!window.chrome.webstore; - } - return chrome_defined && !webstore_defined; - } - function checkIfBrowserIsSafari(){ - var cond1 = Object.prototype.toString.call(window.HTMLElement).indexOf('Constructor') > 0; - return cond1; - } -/* function setSSOSelection() { - document.getElementById("useSSO").value = "false"; - var checkbox = document.getElementById("SSOCheckBox"); - if (checkbox != null) { - if 
(document.getElementById("SSOCheckBox").checked) { - document.getElementById("useSSO").value = "true"; - } - } - } */ - -/* function checkMandateSSO() { - var sso = document.getElementById("SSOCheckBox"); - var mandate = document.getElementById("mandateCheckBox"); - - - if (sso.checked && mandate.checked) { - alert("Anmeldung in Vertretung in kombination mit Single Sign-On wird aktuell noch nicht unterstützt!") - mandate.checked = false; - sso.checked = false; - return true; - } else { - return false; - } - } */ - </script> + <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions--> + <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script> + + <title>Anmeldung mittels Bürgerkarte oder Handy-Signatur</title> </head> <body onload="onChangeChecks();checkIfBrowserSupportsJava();" onresize="onChangeChecks();"> <div id="page"> <div id="page1" class="case selected-case" role="main"> - <h2 class="OA_header" role="heading">Anmeldung an: #OAName#</h2> + <h2 class="OA_header" role="heading">Anmeldung an: $OAName</h2> <div id="main"> <div id="leftcontent" class="hell" role="application"> <div id="bku_header" class="dunkel"> - <h2 id="tabheader" class="dunkel" role="heading">#HEADER_TEXT#</h2> + <h2 id="tabheader" class="dunkel" role="heading">$HEADER_TEXT</h2> </div> <div id="bkulogin" class="hell" role="form"> - <div id="mandateLogin" style="#MANDATEVISIBLE#"> + <div id="mandateLogin" style=""> <div> <input tabindex="1" type="checkbox" name="Mandate" id="mandateCheckBox" class="verticalcenter" role="checkbox" - onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'#MANDATECHECKED#> + onClick='document.getElementById("mandateCheckBox").setAttribute("aria-checked", document.getElementById("mandateCheckBox").checked);'$MANDATECHECKED> <label for="mandateCheckBox" class="verticalcenter">in Vertretung anmelden</label> <!--a href="info_mandates.html" 
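Review bot: `$OAName` and `$HEADER_TEXT` are written into heading content and `$MANDATECHECKED` directly into the `<input>` tag, and nothing in this template shows the values being HTML-encoded; the same applies to `<h3>Anmeldung an: $OAName</h3>` in sendAssertion.html. If any part of the application name or header text can come from a service-provider request or its metadata rather than from operator configuration, it needs encoding at substitution time. A comment next to the heading such as `<!-- OAName and HEADER_TEXT must arrive HTML-escaped from the renderer -->` would record that contract for operators who copy this template. Separately, `<div id="mandateLogin" style="">` replaces the `#MANDATEVISIBLE#` placeholder with a constant while `$STORKVISIBLE` is kept in the following hunk, so the mandate checkbox appears to be shown unconditionally; if that is not intended, the placeholder should return in its new form.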
@@ -855,43 +37,41 @@ </div> <div id="bkuselectionarea"> <div id="bkukarte"> - <img id="bkuimage" class="bkuimage" src="#CONTEXTPATH#/img/online-bku.png" + <img id="bkuimage" class="bkuimage" src="$contextPath/img/online-bku.png" alt="OnlineBKU" /> <input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /> </div> <div id="bkuhandy"> - <img class="bkuimage" src="#CONTEXTPATH#/img/mobile-bku.png" + <img class="bkuimage" src="$contextPath/img/mobile-bku.png" alt="HandyBKU" /> <input name="bkuButtonHandy" type="button" onClick="bkuHandyClicked();" tabindex="3" role="button" value="HANDY" /> </div> </div> <div id="localBKU"> - <form method="get" id="moaidform" action="#AUTH_URL#" + <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent"> - <input type="hidden" name="bkuURI" value="#LOCAL#"> <input - type="hidden" name="useMandate" id="useMandate"> <input - type="hidden" name="SSO" id="useSSO"> <input - type="hidden" name="ccc" id="ccc"> <input type="hidden" - name="MODUL" value="#MODUL#"> <input type="hidden" - name="ACTION" value="#ACTION#"> <input type="hidden" - name="MOASessionID" value="#SESSIONID#"> - <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" - role="button" onclick="setMandateSelection();"> + <input type="hidden" name="bkuURI" value="$bkuLocal" /> + <input type="hidden" name="useMandate" id="useMandate" /> + <input type="hidden" name="SSO" id="useSSO" /> + <input type="hidden" name="ccc" id="ccc" /> + <input type="hidden" name="pendingid" value="$pendingReqID" /> + <input type="submit" value=" Lokale Bürgerkartenumgebung " tabindex="4" + role="button" onclick="setMandateSelection();"> </form> </div> <!-- Single Sign-On Session transfer functionality --> <!--div id="ssoSessionTransferBlock"> - <a href="#AUTH_URL#?MOASessionID=#SESSIONID#&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> + <a 
href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a> </div--> - <div id="stork" align="center" style="#STORKVISIBLE#"> + <div id="stork" align="center" style="$STORKVISIBLE"> <h2 id="tabheader" class="dunkel">Home Country Selection</h2> <p> <select name="cccSelection" id="cccSelection" size="1" style="width: 120px; margin-right: 5px;" > - #PEPSLIST# + $countryList </select> <button name="bkuButton" type="button" onClick="storkClicked();">Proceed</button> <a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a> @@ -907,16 +87,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> <img - style="border: 0; width: 88px; height: 31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" alt="HTML5 ist valide!" /> - </a> <a href="http://jigsaw.w3.org/css-validator/"> <img - style="border: 0; width: 88px; height: 31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> diff --git a/id/server/doc/htmlTemplates/sendAssertion.html b/id/server/doc/htmlTemplates/sendAssertion.html index 07d018a94..7ae4b3f92 100644 --- a/id/server/doc/htmlTemplates/sendAssertion.html +++ b/id/server/doc/htmlTemplates/sendAssertion.html 
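Review bot: The local-BKU form keeps `method="get"` while gaining `<input type="hidden" name="pendingid" value="$pendingReqID" />`, so the pending-request identifier lands in the query string of a top-level navigation (`target="_parent"`), where it is stored in browser history and access logs and can be passed on in a Referer header. The same identifier is also put into the `buildCSS?pendingid=` and `buildJS?pendingid=` URLs added in the previous hunk and into the stylesheet link added to sendAssertion.html, whereas the consent forms in sendAssertion.html submit it by POST. If the submit endpoint accepts it, `<form method="post" id="moaidform" action="$contextPath$submitEndpoint"` would keep the identifier out of URLs for the form submission. Otherwise the identifier should be short-lived and worthless once the request completes, which cannot be confirmed from this template.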
@@ -3,556 +3,7 @@ <head> <meta content="text/html; charset=utf-8" http-equiv="Content-Type"> <!-- MOA-ID 2.x BKUSelection Layout CSS --> - <style type="text/css"> - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.7em; - border-radius: 5px; - } - - #bkuselectionarea button { - font-size: 0.85em; - border-radius: 7px; - margin-bottom: 25px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 440px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } - - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - width: 250px; - text-align: center; - } - - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - - #leftcontent { - width: 300px; - margin-top: 30px; - padding-bottom: 15px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #selectArea h3 { - margin-bottom: 25px; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 100px; - height: 30px; - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px;*/ - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - - #rightbutton { - width: 30%; - float:right; - margin-right: 45px; - text-align: right; - } - - 
button { - height: 25px; - width: 90px; - margin-bottom: 10px; - } - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } - - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - min-height: 1.2em; - border-radius: 5px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.8em; - min-width: 65px; - min-height: 1.3em; - /* border-radius: 5px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.8em; - margin-top: -0.4em; - } - } - - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - - #localBKU input { - font-size: 0.85em; - min-width: 80px; - min-height: 0.95em; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 0.85em; - min-width: 70px; - min-height: 0.95em; - /* border-radius: 6px; */ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2, #selectArea h3 { - font-size: 0.9em; - margin-top: -0.45em; - } - } - - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.0em; - min-height: 1.05em; - /* border-radius: 7px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.0em; - margin-top: -0.50em; - } - } - - @media screen and (max-width: 399px) and (min-width: 300px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.1em; - min-height: 1.2em; - /* border-radius: 8px; */ - 
margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.1em; - margin-top: -0.55em; - } - } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - - #localBKU input { - font-size: 0.9em; - min-width: 100px; - border-radius: 6px; - } - - #bkuselectionarea button, .setAssertionButton_full { - font-size: 1.3em; - min-height: 1.3em; -/* border-radius: 10px; */ - margin-bottom: 5%; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2, #selectArea h3 { - font-size: 1.3em; - margin-top: -0.65em; - } - } - - - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: #MAIN_BACKGOUNDCOLOR#; - } - - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - min-width: 190px; -/* min-height: 190px; */ - vertical-align: middle; - - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - padding-top: 1%; - position: relative; - top: 50%; - } - - #bkulogin { - min-width: 190px; - min-height: 150px; - } - - .setAssertionButton_full { - margin-top: 15px; - width: 70%; - height: 11%; - min-width: 60px; - min-height: 25px; - } - - #selectArea h3 { - margin-top: 2%; - } - - button { - height: 11%; - width: 70%; - } - } - - * { - margin: 0; - padding: 0; -/* border: 0; */ - font-family: #FONTTYPE#; - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; 
- margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 35%; - float:left; - margin-left: 15px; - } - - #rightbutton { - width: 35%; - float:right; - margin-right: 25px; - text-align: right; - } - - #stork { - margin-bottom: 10px; - margin-top: 5px; - } - - #mandateLogin { - padding-bottom: 2%; - padding-top: 2%; - height: 10%; - position: relative; - text-align: center; - } - - .verticalcenter { - vertical-align: middle; - } - - #mandateLogin > div { - clear: both; - margin-top: -1%; - position: relative; - top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { - padding-left: 5%; - padding-right: 2%; - padding-bottom: 2%; - position: relative; - clear: both; - } - - #bkukarte { - float:left; - text-align:center; - width:40%; - min-height: 70px; - padding-left: 5%; - padding-top: 2%; - } - - #bkuhandy { - float:right; - text-align:center; - width:40%; - min-height: 90px; - padding-right: 5%; - padding-top: 2%; - } - - .bkuimage { - width: 90%; - height: auto; - } - - #mandate{ - text-align:center; - padding : 5px 5px 5px 5px; - } - - button, .sendButton { -/* background: #BUTTON_BACKGROUNDCOLOR#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: 3px 3px 3px #222222; */ - } - - button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { -/* background: #BUTTON_BACKGROUNDCOLOR_FOCUS#; - color: #BUTTON_COLOR#; */ - cursor: pointer; - -/* border:1px solid #000; - box-shadow: -1px -1px 3px #222222; */ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - - .selectTextHeader{ - - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - 
color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : #MAIN_BACKGOUNDCOLOR#; - color: #MAIN_COLOR#; - } - - .dunkel { - background-color: #HEADER_BACKGROUNDCOLOR#; - color: #HEADER_COLOR#; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; - - } - - </style> - + <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" /> <title>Anmeldung an Online-Applikation</title> </head> 
@@ -574,25 +25,21 @@ </div> <div id="selectArea" class="hell" role="application"> - <h3>Anmeldung an: #OAName#</h3> + <h3>Anmeldung an: $OAName</h3> <!-- <div class="hell"> --> <div id="leftbutton"> - <form method="post" id="moaidform_yes" action="#URL#"> + <form method="post" id="moaidform_yes" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="true"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Ja" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Ja" class="setAssertionButton_full" role="button"> </form> </div> <div id="rightbutton"> - <form method="post" id="moaidform_no" action="#URL#"> + <form method="post" id="moaidform_no" action="$contextPath$submitEndpoint"> <input type="hidden" name="value" value="false"> - <input type="hidden" name="mod" value="#MODUL#"> - <input type="hidden" name="action" value="#ACTION#"> - <input type="hidden" name="identifier" value="#ID#"> - <input type="submit" value="Nein" class="setAssertionButton_full sendButton" role="button"> + <input type="hidden" name="pendingid" value="$pendingReqID"> + <input type="submit" value="Nein" class="setAssertionButton_full" role="button"> </form> </div> @@ -600,18 +47,6 @@ </div> </div> </div> - <!--div id="validation"> - <a href="http://validator.w3.org/check?uri="> - <img style="border:0;width:88px;height:31px" - src="#CONTEXTPATH#/img/valid-html5-blue.png" - alt="HTML5 ist valide!" /> - </a> - <a href="http://jigsaw.w3.org/css-validator/"> - <img style="border:0;width:88px;height:31px" - src="http://jigsaw.w3.org/css-validator/images/vcss-blue" - alt="CSS ist valide!" /> - </a> - </div--> </div> </body> </html> |
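Review bot: Both consent forms now submit only `value` and `pendingid`, so the "Ja"/"Nein" decision is tied to the user solely by that identifier, with no separate anti-forgery field in the form. Whether the server binds `pendingid` to the browser session and rejects a second use is not visible here, and the identifier is also exposed in the `buildCSS?pendingid=` URL added to this file's head. I would document the assumption in the template, for example `<!-- pendingid is the only request binding in this form; the server must tie it to the session and reject reuse -->` above `moaidform_yes`, so that customised copies do not weaken it unknowingly.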