Diffstat (limited to 'spss.slinterface/conf')
-rw-r--r-- | spss.slinterface/conf/log4j/log4j.properties | 25 | ||||
-rw-r--r-- | spss.slinterface/conf/moa-sl/moa-sl.properties | 59 | ||||
-rw-r--r-- | spss.slinterface/conf/moa-spss/spss.config.fragment | 7 | ||||
-rw-r--r-- | spss.slinterface/conf/moa-spss/trustprofiles/moa-sl-test/isolde.buergerin.der | bin | 0 -> 987 bytes | |||
-rw-r--r-- | spss.slinterface/conf/tomcat/server.xml | 147 | ||||
-rw-r--r-- | spss.slinterface/conf/tomcat/unix/moa-env.sh | 16 | ||||
-rw-r--r-- | spss.slinterface/conf/tomcat/win32/starttomcat.bat | 45 | ||||
-rw-r--r-- | spss.slinterface/conf/tomcat/win32/stoptomcat.bat | 24 |
8 files changed, 323 insertions, 0 deletions
diff --git a/spss.slinterface/conf/log4j/log4j.properties b/spss.slinterface/conf/log4j/log4j.properties
new file mode 100644
index 000000000..5b485b0bb
--- /dev/null
+++ b/spss.slinterface/conf/log4j/log4j.properties
@@ -0,0 +1,25 @@
+#
+# Sample log4j configuration for the MOA-SL web service
+#
+
+# commons-logging setup
+org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory
+
+# Configure root logger and loggers for moa-spss
+log4j.rootLogger=info, stdout
+log4j.logger.slinterface=info, moasl
+
+# Configure the 'stdout' appender to write logging output to the console
+log4j.appender.stdout=org.apache.log4j.ConsoleAppender
+log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
+log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n
+
+# Configure the 'moasl' appender to write moa-sl related logging output
+# to the file 'logs/moa-sl.log'. The file is rolled over every 1000KB,
+# and a maximum history of 10 log files is being kept.
+log4j.appender.moasl=org.apache.log4j.RollingFileAppender
+log4j.appender.moasl.File=logs/moa-sl.log
+log4j.appender.moasl.MaxFileSize=1000KB
+log4j.appender.moasl.MaxBackupIndex=10
+log4j.appender.moasl.layout=org.apache.log4j.PatternLayout
+log4j.appender.moasl.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %20c | %10t | %m%n
diff --git a/spss.slinterface/conf/moa-sl/moa-sl.properties b/spss.slinterface/conf/moa-sl/moa-sl.properties
new file mode 100644
index 000000000..bed1f2893
--- /dev/null
+++ b/spss.slinterface/conf/moa-sl/moa-sl.properties
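Review bot: Both `ConversionPattern` values in log4j.properties use `%d{dd HH:mm:ss,SSS}`, which records only the day of the month, so entries in the rolled `moa-sl.log` history cannot be assigned to a month or year when events have to be reconstructed later. I would log a full timestamp, e.g. `log4j.appender.moasl.layout.ConversionPattern=%5p | %d{ISO8601} | %20c | %10t | %m%n`, and do the same for the `stdout` appender. `log4j.appender.moasl.File=logs/moa-sl.log` is also relative to the JVM's working directory; the Windows start script in this commit changes to CATALINA_HOME first, but `moa-env.sh` does not, so a comment stating that assumption above the key would help.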
@@ -0,0 +1,59 @@
+# [XML-Schemata für Request- und Response-Validierung]
+
+# Schema für Security-Layer V 1.2
+location.schema.sl = /WEB-INF/classes/resources/schemas/Core.20031231.xsd
+
+# Schema für MOA SP/SS V 1.3
+location.schema.moa = /WEB-INF/classes/resources/schemas/MOA-SPSS-1.3.xsd
+
+# Schema für das Anzeigeformat aus SL 1.2
+location.schema.slxhtml = /WEB-INF/classes/resources/schemas/slxhtml-1.0/slxhtml.xsd
+
+# [Arbeitsverzeichnis]
+
+# Arbeitsverzeichnis zum Ablegen der von der geprüften XML-Signatur signierten Daten
+location.tempdir = /workdir/temp/
+
+# [Parameter der verwendeten MOA SP Installation]
+
+# URL des Zugangspunkts
+service.sp.endpoint = http://localhost:8080/moa-spss/services/SignatureVerification
+
+# Zu verwendendes Vertrauensprofil
+service.sp.trustProfileId = MOA-SL-Test
+
+# [Umfang der Prüfberichtseite]
+
+# Sollen die ggf. vorhandenen Signatureigenschaften (z.B. Signaturdatum) in der Liste
+# der signierten Daten als XML-Datei angezeigt werden?
+result.showetsi = false
+
+# Sollen ein ggf. vorhandenes Security-Layer Manifest in der Liste der signierten Daten als
+# XML-Dateien angezeigt werden?
+result.showslmanifest = false
+
+# [Parameter für das Umschreiben der URLs in der Prüfberichtseite]
+
+# Ein-/Ausschalten des Umschreibens
+rewrite = true
+
+# URL des Proxys zu MOA SL, d. h. jenes Rechners, der vom Internet aus erreichbar ist
+rewrite.proxyURL = http://<proxyhost>:8080/moa-sl/rewrite
+
+# Platzhalter für den Hostnamen des Proxys zu MOA SL
+rewrite.proxyURL.proxyhostDummy = <proxyhost>
+
+# Tabelle für Reverse DNS Lookup zum Herausfinden des Hostnamens des Proxys zu MOA SL
+rewrite.dn.127.0.0.1 = localhost
+rewrite.dn.129.27.142.210 = localhost
+rewrite.dn.default = localhost
+
+# Name des Parameters in der Proxy-URL, dessen Wert die übersetzte URL für den Aufruf
+# von MOA SL enthält (empfängt der Proxy einen HTTP-Request mit diesem Parameter, so
+# setz er diesen HTTP-Request auf die in diesem Parameter angegebene URL um)
+rewrite.MOASLUrlParamName = targetURL
+
+# URL, wie der Webapplikations-Server mit MOA SL vom Proxy aus erreicht werden kann
+# (ohne abschließenden /). Diese URL bildet den ersten Teil des Werts für den obigen
+# Parameter.
+rewrite.MOASLWebAppServUrl = http://localhost:8080
diff --git a/spss.slinterface/conf/moa-spss/spss.config.fragment b/spss.slinterface/conf/moa-spss/spss.config.fragment
new file mode 100644
index 000000000..2cc7ffccc
--- /dev/null
+++ b/spss.slinterface/conf/moa-spss/spss.config.fragment
@@ -0,0 +1,7 @@
+Fügen Sie bitte das nachfolgende Fragment in Ihre Konfigurationsdatei für MOA SP/SS als Kind
+von MOAConfiguration/SignatureVerification/CertificateValidation/PathValidation ein.
+
+<cfg:TrustProfile xmlns:cfg="http://reference.e-government.gv.at/namespace/moaconfig/20021122#">
+ <cfg:Id>MOA-SL-Test</cfg:Id>
+ <cfg:TrustAnchorsLocation>trustProfiles/moa-sl-test</cfg:TrustAnchorsLocation>
+</cfg:TrustProfile>
diff --git a/spss.slinterface/conf/moa-spss/trustprofiles/moa-sl-test/isolde.buergerin.der b/spss.slinterface/conf/moa-spss/trustprofiles/moa-sl-test/isolde.buergerin.der Binary files differnew file mode 100644
index 000000000..1cdc15c6e
--- /dev/null
+++ b/spss.slinterface/conf/moa-spss/trustprofiles/moa-sl-test/isolde.buergerin.der
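Review bot: The rewrite block in moa-sl.properties describes a proxy that redirects a request to whatever URL arrives in the `targetURL` parameter (`rewrite.MOASLUrlParamName`), and nothing in the file says that the target is restricted to the MOA SL web application. The servlet code is not part of this hunk, so the restriction may already be enforced, but the sample should state the requirement; above the key I would add `# The proxy must only forward targetURL values that start with rewrite.MOASLWebAppServUrl`. The entry `rewrite.dn.129.27.142.210 = localhost` also looks like a site-specific address left in a sample file, and a placeholder would be safer than shipping a mapping for a real host.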
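Review bot: `<cfg:TrustAnchorsLocation>trustProfiles/moa-sl-test</cfg:TrustAnchorsLocation>` spells the directory with a capital P, while this commit adds the certificate under `conf/moa-spss/trustprofiles/moa-sl-test/`, so on a case-sensitive file system the profile points at a directory that does not exist if the tree is copied as committed. The two spellings should agree. The instruction text should also say that `MOA-SL-Test`, which `moa-sl.properties` selects by default, is (judging by its id and the file name of the anchor) a test profile, and that the trust anchor has to be replaced before signatures from real signers are verified against it.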
diff --git a/spss.slinterface/conf/tomcat/server.xml b/spss.slinterface/conf/tomcat/server.xml
new file mode 100644
index 000000000..0b3d040cf
--- /dev/null
+++ b/spss.slinterface/conf/tomcat/server.xml
@@ -0,0 +1,147 @@
+<!-- A "Server" is a singleton element that represents the entire JVM,
+ which may contain one or more "Service" instances. The Server
+ listens for a shutdown command on the indicated port.
+
+ Note: A "Server" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+<Server port="8005" shutdown="SHUTDOWN" debug="0">
+
+ <!-- A "Service" is a collection of one or more "Connectors" that share
+ a single "Container" (and therefore the web applications visible
+ within that Container). Normally, that Container is an "Engine",
+ but this is not required.
+
+ Note: A "Service" is not itself a "Container", so you may not
+ define subcomponents such as "Valves" or "Loggers" at this level.
+ -->
+
+ <!-- Define the Tomcat Stand-Alone Service -->
+ <Service name="Tomcat-Standalone">
+
+ <!-- A "Connector" represents an endpoint by which requests are received
+ and responses are returned. Each Connector passes requests on to the
+ associated "Container" (normally an Engine) for processing.
+
+ By default, a non-SSL HTTP/1.1 Connector is established on port 8080.
+ You can also enable an SSL HTTP/1.1 Connector on port 8443 by
+ following the instructions below and uncommenting the second Connector
+ entry. SSL support requires the following steps (see the SSL Config
+ HOWTO in the Tomcat 4.0 documentation bundle for more detailed
+ instructions):
+ * Download and install JSSE 1.0.2 or later, and put the JAR files
+ into "$JAVA_HOME/jre/lib/ext".
+ * Execute:
+ %JAVA_HOME%\bin\keytool -genkey -alias tomcat -keyalg RSA (Windows)
+ $JAVA_HOME/bin/keytool -genkey -alias tomcat -keyalg RSA (Unix)
+ with a password value of "changeit" for both the certificate and
+ the keystore itself.
+
+ By default, DNS lookups are enabled when a web application calls
+ request.getRemoteHost(). This can have an adverse impact on
+ performance, so you can disable it by setting the
+ "enableLookups" attribute to "false". When DNS lookups are disabled,
+ request.getRemoteHost() will return the String version of the
+ IP address of the remote client.
+ -->
+
+ <!-- Define a non-SSL Coyote HTTP/1.1 Connector on port 8080 -->
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8080" minProcessors="5" maxProcessors="75"
+ enableLookups="true" redirectPort="8444"
+ acceptCount="100" debug="0" connectionTimeout="20000"
+ useURIValidationHack="false" disableUploadTimeout="true" />
+ <!-- Note : To disable connection timeouts, set connectionTimeout value
+ to 0 -->
+
+ <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
+ <!--
+ <Connector className="org.apache.coyote.tomcat4.CoyoteConnector"
+ port="8443" minProcessors="5" maxProcessors="75"
+ enableLookups="true"
+ acceptCount="100" debug="0" scheme="https" secure="true"
+ useURIValidationHack="false" disableUploadTimeout="true">
+ <Factory className="org.apache.coyote.tomcat4.CoyoteServerSocketFactory"
+ clientAuth="false" protocol="TLS" />
+ </Connector>
+ -->
+
+
+ <!-- An Engine represents the entry point (within Catalina) that processes
+ every request. The Engine implementation for Tomcat stand alone
+ analyzes the HTTP headers included with the request, and passes them
+ on to the appropriate Host (virtual host). -->
+
+ <!-- Define the top level container in our container hierarchy -->
+ <Engine name="Standalone" defaultHost="localhost" debug="0">
+
+ <!-- The request dumper valve dumps useful debugging information about
+ the request headers and cookies that were received, and the response
+ headers and cookies that were sent, for all requests received by
+ this instance of Tomcat. If you care only about requests to a
+ particular virtual host, or a particular application, nest this
+ element inside the corresponding <Host> or <Context> entry instead.
+
+ For a similar mechanism that is portable to all Servlet 2.3
+ containers, check out the "RequestDumperFilter" Filter in the
+ example application (the source for this filter may be found in
+ "$CATALINA_HOME/webapps/examples/WEB-INF/classes/filters").
+
+ Request dumping is disabled by default. Uncomment the following
+ element to enable it. -->
+ <!--
+ <Valve className="org.apache.catalina.valves.RequestDumperValve"/>
+ -->
+
+ <!-- Global logger unless overridden at lower levels -->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ prefix="catalina_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Because this Realm is here, an instance will be shared globally -->
+
+ <Realm className="org.apache.catalina.realm.MemoryRealm" />
+
+ <!-- Define the default virtual host -->
+ <Host name="localhost" debug="0" appBase="webapps"
+ unpackWARs="true" autoDeploy="true">
+
+ <!-- Access log processes all requests for this virtual host. By
+ default, log files are created in the "logs" directory relative to
+ $CATALINA_HOME. If you wish, you can specify a different
+ directory with the "directory" attribute. Specify either a relative
+ (to $CATALINA_HOME) or absolute path to the desired directory.
+ -->
+ <Valve className="org.apache.catalina.valves.AccessLogValve"
+ directory="logs" prefix="localhost_access_log." suffix=".txt"
+ pattern="common"/>
+
+ <!-- Logger shared by all Contexts related to this virtual host. By
+ default (when using FileLogger), log files are created in the "logs"
+ directory relative to $CATALINA_HOME. If you wish, you can specify
+ a different directory with the "directory" attribute. Specify either a
+ relative (to $CATALINA_HOME) or absolute path to the desired
+ directory.-->
+ <Logger className="org.apache.catalina.logger.FileLogger"
+ directory="logs" prefix="localhost_log." suffix=".txt"
+ timestamp="true"/>
+
+ <!-- Define properties for each web application. This is only needed
+ if you want to set non-default properties, or have web application
+ document roots in places other than the virtual host's appBase
+ directory. -->
+
+ <!-- Tomcat Root Context -->
+ <!--
+ <Context path="" docBase="ROOT" debug="0"/>
+ -->
+
+ </Host>
+
+ </Engine>
+
+ </Service>
+
+</Server>
+
diff --git a/spss.slinterface/conf/tomcat/unix/moa-env.sh b/spss.slinterface/conf/tomcat/unix/moa-env.sh
new file mode 100644
index 000000000..0e5ca3167
--- /dev/null
+++ b/spss.slinterface/conf/tomcat/unix/moa-env.sh
@@ -0,0 +1,16 @@
+# MOA SL configuration properties file
+MOA_SL_CFG_HOME=$CATALINA_BASE/conf/moa-sl
+PARAM_SLCONFIG=-Dat.gv.egovernment.moa.spss.slinterface.PropertiesLocation=$MOA_SL_CFG_HOME/moa-sl.properties
+
+# MOA SL log4j configuration file
+MOA_SL_LOG4J_HOME=$CATALINA_BASE/conf/log4j
+PARAM_LOGGING=-Dlog4j.configuration=file:$MOA_SL_LOG4J_HOME/log4j.properties
+
+# SSL options, if Tomcat should be used for checking client authenticity
+# PARAM_TRUST_STORE=-Djavax.net.ssl.trustStore=truststore.jks
+# PARAM_TRUST_STORE_PASS=-Djavax.net.ssl.trustStorePassword=changeit
+# PARAM_TRUST_STORE_TYPE=-Djavax.net.ssl.trustStoreType=jks
+
+export CATALINA_OPTS="$PARAM_SLCONFIG $PARAM_LOGGING $ $PARAM_TRUST_STORE $PARAM_TRUST_STORE_PASS $PARAM_TRUST_STORE_TYPE"
+
+echo CATALINA_OPTS=$CATALINA_OPTS
diff --git a/spss.slinterface/conf/tomcat/win32/starttomcat.bat b/spss.slinterface/conf/tomcat/win32/starttomcat.bat
new file mode 100644
index 000000000..d792f7777
--- /dev/null
+++ b/spss.slinterface/conf/tomcat/win32/starttomcat.bat
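Review bot: The HTTP connector in server.xml sets `redirectPort="8444"`, but the comment block and the commented-out SSL connector both use port 8443, so once that connector is enabled a redirect to the confidential port would go to a port on which, as far as this file shows, nothing listens. Either the attribute should read `redirectPort="8443"` or a comment should explain why 8444 is intended. The file also keeps the stock `shutdown="SHUTDOWN"` string on port 8005 and `autoDeploy="true"`; a short comment telling deployers to change the shutdown string and to review auto-deployment before exposing the server would be worth adding.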
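Review bot: The `export CATALINA_OPTS=...` line in moa-env.sh contains a lone `$` between `$PARAM_LOGGING` and `$PARAM_TRUST_STORE`, which the shell keeps as a literal word inside the double quotes. CATALINA_OPTS ends up on the java command line, so that stray token is likely to be read as a non-option argument and break startup; catalina.sh is not shown here, so I have not confirmed how it is expanded. The line should read `export CATALINA_OPTS="$PARAM_SLCONFIG $PARAM_LOGGING $PARAM_TRUST_STORE $PARAM_TRUST_STORE_PASS $PARAM_TRUST_STORE_TYPE"`. The commented-out `-Djavax.net.ssl.trustStorePassword=changeit` would, once enabled, put the password on the JVM command line and into the output of the final `echo`, so a comment saying that the value must be changed and that both places are readable by other local users would help.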
@@ -0,0 +1,45 @@
+rem ----------------
+rem Java home
+rem ----------------
+
+rem JDK home directory (no trailing path separator)
+set JAVA_HOME=<Java JDK home directory>
+
+rem Java endorsed directory
+rem If not set, the catalina scripts default applies (%CATALINA_HOME%/common/endorsed)
+rem set JAVA_ENDORSED_DIRS=<Java endorsed directory>
+
+rem ----------------
+rem Tomcat config
+rem ----------------
+
+rem Tomcat 4.1.x home directory (no trailing path separator)
+set CATALINA_HOME=<Tomcat home directory>
+
+rem Tomcat 4.1.x base directory (no trailing path separator)
+rem If you do not work with bases, please set base directory to CATALINA_HOME
+set CATALINA_BASE=%CATALINA_HOME%
+
+rem ----------------
+rem MOA SL config
+rem ----------------
+
+rem MOA SL configuration properties file
+set MOA_SL_CFG_HOME=%CATALINA_BASE%\conf\moa-sl
+set PARAM_SLCONFIG=-Dat.gv.egovernment.moa.spss.slinterface.PropertiesLocation=%MOA_SL_CFG_HOME%\moa-sl.properties
+
+rem MOA SL log4j configuration file
+set MOA_SL_LOG4J_HOME=%CATALINA_BASE%\conf\log4j
+set PARAM_LOGGING=-Dlog4j.configuration=file:%MOA_SL_LOG4J_HOME%\log4j.properties
+
+rem SSL options, if Tomcat should be used for checking client authenticity
+rem set PARAM_TRUST_STORE=-Djavax.net.ssl.trustStore=truststore.jks
+rem set PARAM_TRUST_STORE_PASS=-Djavax.net.ssl.trustStorePassword=changeit
+rem set PARAM_TRUST_STORE_TYPE=-Djavax.net.ssl.trustStoreType=jks
+
+rem set PARAMS_SSL=%PARAM_TRUST_STORE% %PARAM_TRUST_STORE_PASS% %PARAM_TRUST_STORE_TYPE%
+set PARAMS_MOA=%PARAM_SLCONFIG% %PARAM_LOGGING%
+set CATALINA_OPTS=%PARAMS_MOA% %PARAMS_SSL%
+
+cd %CATALINA_HOME%
+bin\catalina.bat run
diff --git a/spss.slinterface/conf/tomcat/win32/stoptomcat.bat b/spss.slinterface/conf/tomcat/win32/stoptomcat.bat
new file mode 100644
index 000000000..0c33e43ee
--- /dev/null
+++ b/spss.slinterface/conf/tomcat/win32/stoptomcat.bat
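Review bot: `cd %CATALINA_HOME%` at the end of starttomcat.bat has no `/d` and its result is not checked, so when CATALINA_HOME is on another drive or the path is wrong the working directory stays where the script was started, and the relative `bin\catalina.bat run` on the next line is then resolved against that directory instead of the Tomcat installation. I would write `cd /d "%CATALINA_HOME%" || exit /b 1` before the call. stoptomcat.bat ends with the same two lines and needs the same change. `%PARAMS_SSL%` is assigned only in a commented-out line, which is harmless here, but the commented `trustStorePassword=changeit` deserves a remark that the value must be replaced before the SSL options are enabled.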
@@ -0,0 +1,24 @@
+rem ----------------
+rem Java home
+rem ----------------
+
+rem JDK home directory (no trailing path separator)
+set JAVA_HOME=<Java JDK home directory>
+
+rem Java endorsed directory
+rem If not set, the catalina scripts default applies (%CATALINA_HOME%/common/endorsed)
+rem set JAVA_ENDORSED_DIRS=<Java endorsed directory>
+
+rem ----------------
+rem Tomcat config
+rem ----------------
+
+rem Tomcat 4.1.x home directory (no trailing path separator)
+set CATALINA_HOME=<Tomcat home directory>
+
+rem Tomcat 4.1.x base directory (no trailing path separator)
+rem If you do not work with bases, please set base directory to CATALINA_HOME
+set CATALINA_BASE=%CATALINA_HOME%
+
+cd %CATALINA_HOME%
+bin\catalina.bat stop
\ No newline at end of file |