From 5d7f7f3b6fc2fb8f8f72f359b0adb738e851d631 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Mon, 16 Jul 2018 13:12:39 +0200 Subject: update handbook, readme, history, example configuration, ... --- .../htmlTemplates/loginFormFull.html | 66 +- .../conf/moa-id/htmlTemplates/css_template.css | 1005 +++++++------------- .../conf/moa-id/htmlTemplates/loginFormFull.html | 8 +- id/server/data/deploy/conf/moa-id/keys/sl20.jks | Bin 0 -> 7348 bytes id/server/data/deploy/conf/moa-id/log4j.properties | 1 + .../data/deploy/conf/moa-id/logback_config.xml | 74 +- .../data/deploy/conf/moa-id/moa-id.properties | 85 +- .../national_central_eIDAS_node_-_testsystem.crt | 24 + id/server/data/deploy/tomcat/unix/tomcat-start.sh | 5 +- id/server/data/deploy/tomcat/win32/startTomcat.bat | 5 +- 10 files changed, 530 insertions(+), 743 deletions(-) create mode 100644 id/server/data/deploy/conf/moa-id/keys/sl20.jks create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt (limited to 'id/server/data') diff --git a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html index fe9bc2166..62f954ada 100644 --- a/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html +++ b/id/server/data/deploy/conf/moa-id-configuration/htmlTemplates/loginFormFull.html @@ -4,7 +4,7 @@ - + @@ -26,8 +26,8 @@
-
+ +
+ HandyBKU + +
+ + +
+ EULogin +
+ + + + +
+
- - - -
-
- HandyBKU - -
- - + + + a href="info_stork.html" target="_blank" class="infobutton">i - + -->

Anscheinend verwenden Sie Internet Explorer im diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css index f95106c5a..fab541751 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css 
@@ -1,705 +1,394 @@ @charset "utf-8"; - @media screen and (min-width: 650px) { - - body { - margin:0; - padding:0; - color : #000; - background-color : #fff; - text-align: center; - background-color: #6B7B8B; - } - - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU p { - font-size: 0.7em; - } - - #localBKU input{ - font-size: 0.85em; - /*border-radius: 5px;*/ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{ - font-size: 0.85em; - /*border-radius: 7px;*/ - margin-bottom: 25px; - min-width: 80px; - } - - #mandateLogin { - font-size: 0.85em; - } - - #bku_header h2 { - font-size: 0.8em; - } - - - #page { - display: block; - border: 2px solid rgb(0,0,0); - width: 650px; - height: 460px; - margin: 0 auto; - margin-top: 5%; - position: relative; - border-radius: 25px; - background: rgb(255,255,255); - } - - #page1 { - text-align: center; - } + body { + margin:0; + padding:0; + color : #000; + background-color : #fff; + text-align: left; + background-color: #E6E6E6; + } + + .browserInfoButton{ + color: rgb(128, 128, 128); + } + + #page { + display: block; + margin: 0 auto; + margin-top: 5%; + position: relative; + background: rgb(255,255,255); + } - #main { - /* clear:both; */ - position:relative; - margin: 0 auto; - /*width: 250px;*/ - text-align: center; - } + #page1 { + padding-top: 1%; + text-align: center; + } - .OA_header { - /* background-color: white;*/ - font-size: 20pt; - margin-bottom: 25px; - margin-top: 25px; - } - #alert_area { - width: 500px; - padding-left: 80px; - } - #leftcontent { - /*float:left; */ - width:250px; - margin-bottom: 25px; - text-align: left; - border: 1px solid rgb(0,0,0); - } - - #selectArea { - font-size: 15px; - padding-bottom: 65px; - } - - #leftcontent { - width: 400px; - /*margin-top: 30px;*/ - margin: auto; - } - - #bku_header { - height: 5%; - padding-bottom: 3px; - padding-top: 3px; - } - - #bkulogin { - overflow:hidden; - min-width: 190px; - min-height: 180px; - /*height: 
260px;*/ - } - - h2#tabheader{ - font-size: 1.1em; - padding-left: 2%; - padding-right: 2%; - position: relative; - } - - #stork h2 { - font-size: 1.0em; - margin-bottom: 2%; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 100px; - height: 30px - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 40px; - } - #centerbutton { - width: 30% - float: middle; - } - - - #rightbutton { - width: 30%; - float:right; - margin-right: 40px; - text-align: right; - } - - button { - height: 25px; - width: 75px; - margin-bottom: 10px; - } - - - - #validation { - position: absolute; - bottom: 0px; - margin-left: 270px; - padding-bottom: 10px; - } - - } + #main { + float:left; + width: 100%; + text-align: center; + } + #bkulogin { + min-width: 200px; + min-height: 155px; + margin-bottom: 5%; + } - @media screen and (max-width: 205px) { - #localBKU p { - font-size: 0.6em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.6em; - min-width: 60px; - /* max-width: 65px; */ - min-height: 1.0em; - /* border-radius: 5px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{ - font-size: 0.7em; - min-width: 55px; - /*min-height: 1.1em; - border-radius: 5px;*/ - margin-bottom: 2% - } - - #mandateLogin { - font-size: 0.65em; - } - - #bku_header h2 { - font-size: 0.8em; - margin-top: -0.4em; - padding-top: 0.4em; - } - - #bkulogin { - min-height: 150px; - } + .unvisible { + visibility: hidden; } - @media screen and (max-width: 249px) and (min-width: 206px) { - #localBKU p { - font-size: 0.7em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.7em; - min-width: 70px; - /* max-width: 75px; */ - min-height: 0.95em; - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 0.75em; - min-width: 60px; - /* min-height: 0.95em; - border-radius: 
6px; */ - margin-bottom: 5% - } - - #mandateLogin { - font-size: 0.75em; - } - - #bku_header h2 { - font-size: 0.9em; - margin-top: -0.45em; - padding-top: 0.45em; - } - - #bkulogin { - min-height: 180px; - } - } + .OA_header { + /* background-color: white;*/ + font-size: 2.1em; + margin-bottom: 1%; + margin-top: 1%; + } - @media screen and (max-width: 299px) and (min-width: 250px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 0.85em; - /* min-height: 1.05em; - border-radius: 7px; */ - margin-bottom: 10%; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.0em; - margin-top: -0.50em; - padding-top: 0.50em; - } + #ssoSessionTransferBlock { + font-size: 0.8em; + margin-left: 1%; + margin-bottom: 1%; } - @media screen and (max-width: 399px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 75px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 0.9em; - /* min-height: 1.2em; - border-radius: 8px; */ - margin-bottom: 10%; - max-width: 80px; - } - - #mandateLogin { - font-size: 1em; - } - - #bku_header h2 { - font-size: 1.1em; - margin-top: -0.55em; - padding-top: 0.55em; - } + #processInfoArea { + margin-bottom: 4%; + margin-top: 4%; + } + + #processSelectionArea { + width: 550px; + margin-left: 25px; + margin-top: 35px; + } + + .processSelectionButtonArea { + float: none; + margin-bottom: 5%; + height: 35px; + } + + .processSelectionButton { + background: #ababab; + cursor: pointer; + height: 40px; + width: 200px; + float: right; + } + + .buttonDescription { + 
float: left; + margin-left: 10px; + padding-bottom: 0.4em; + text-align: left; + width: 60%; + } + + #processContent { + margin-top: 10%; } - - @media screen and (max-width: 649px) and (min-width: 400px) { - #localBKU p { - font-size: 0.9em; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #localBKU input { - font-size: 0.8em; - min-width: 70px; - /* max-width: 80px; */ - /* border-radius: 6px; */ - } - - #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit] { - font-size: 1.0em; - /* min-height: 1.3em; - border-radius: 10px; */ - margin-bottom: 10%; - max-width: 85px; - } - - #mandateLogin { - font-size: 1.2em; - } - - #bku_header h2 { - font-size: 1.3em; - margin-top: -0.65em; - padding-top: 0.65em; - } + + #eIDASSelection { + width: 120px; + margin-right: 5px; } + #bkukarte { + float:left; + width:33%; + text-align:center; + margin-top: 2%; + } - - @media screen and (max-width: 649px) { - - body { - margin:0; - padding:0; - color : #000; - text-align: center; - font-size: 100%; - background-color: $MAIN_BACKGOUNDCOLOR; - } - .browserInfoButton{ - color: rgb(128, 128, 128); - } - #page { - visibility: hidden; - margin-top: 0%; - } - - #page1 { - visibility: hidden; - } - - #main { - visibility: hidden; - } - - #validation { - visibility: hidden; - display: none; - } - - .OA_header { - margin-bottom: 0px; - margin-top: 0px; - font-size: 0pt; - visibility: hidden; - } - - #alert_area { - visibility: visible; - width: 250px; - } - #alert_area > p:first-child { - display: none; - visibility: hidden; - } - - #leftcontent { - visibility: visible; - margin-bottom: 0px; - text-align: left; - border:none; - vertical-align: middle; - min-height: 173px; - min-width: 204px; - } - - #bku_header { - height: 10%; - min-height: 1.2em; - margin-top: 1%; - } - - h2#tabheader{ - padding-left: 2%; - padding-right: 2%; - position: relative; - top: 50%; - } - - #stork h2 { - font-size: 0.9em; - margin-bottom: 2%; - } - - #bkulogin { - min-width: 190px; 
- min-height: 155px; - } - - .setAssertionButton_full { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - input[type=button],input[type=submit] { -/* height: 11%; */ - width: 70%; - } - } - - * { - margin: 0; - padding: 0; - #if($FONTTYPE) - font-family: $FONTTYPE; - #end - } - - #selectArea { - padding-top: 10px; - padding-bottom: 55px; - padding-left: 10px; - } - - .setAssertionButton { - background: #efefef; - cursor: pointer; - margin-top: 15px; - width: 70px; - height: 25px; - } - - #leftbutton { - width: 30%; - float:left; - margin-left: 15px; - } + #bkuhandy { + float:left; + width:33%; + text-align:center; + margin-top: 2%; + } + + #bkueulogin { + display:block; + float:left; + text-align:center; + width:33%; + margin-top: 2%; + } + + .bkuimage { + width: 60%; + } + input { + cursor: pointer; + } + + #localBKU input { + display: inline-block; + + } - #rightbutton { - width: 30%; - float:right; - margin-right: 25px; - text-align: right; - } + #localBKU input:hover, #localBKU input:focus, #localBKU input:active { + /*text-decoration: underline;*/ + } + + #installJava, #BrowserNOK { + clear:both; + font-size:0.8em; + padding:4px; + } + - #ssoSessionTransferBlock { + #ssoSessionTransferBlock { clear: both; - } - - #stork { - /*margin-bottom: 10px;*/ - /* margin-top: 5px; */ - clear: both; - } + } + + #stork { + clear: both; + } - #mandateLogin { - padding-bottom: 4%; - padding-top: 4%; - height: 10%; + #mandateLogin { + padding-bottom: 2%; + padding-top: 2%; position: relative; text-align: left; } - .verticalcenter { + .verticalcenter { vertical-align: middle; } .mandate{ float: left; - margin-left: 4%; + margin-left: 2%; + font-size: 1.3em; } - #mandateLogin div { + #mandateLogin div { clear: both; margin-top: -1%; position: relative; top: 50%; - } - - #bkuselectionarea { - position: relative; - display: block; - } - - #localBKU { + } + + #localBKU { padding-bottom: 4%; /*padding-top: 4%;*/ position: relative; 
clear: both; text-align: center; - } - - #bkukarte { - float:left; - text-align:center; - width:33%; - min-height: 90px; - - padding-top: 2%; - } - - #bkuhandy { - float:left; - text-align:center; - width:33%; - min-height: 90px; + } + + #selectArea { + float:left; + width:90%; + padding-left: 4% + } - padding-top: 2%; - } - #bkueulogin { - float:left; - text-align:center; - width:33%; - min-height: 90px; - padding-top: 2%; - - } - - .bkuimage { - width: 55%; - height: auto; - margin-bottom: 10%; - } - - #mandate{ - text-align:left; - padding : 5px 5px 5px 5px; - } - -/* input[type=button], .sendButton { - background: $BUTTON_BACKGROUNDCOLOR; - color: $BUTTON_COLOR; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: 3px 3px 3px #222222; */ -/* } + .setAssertionButton { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 70px; + height: 25px; + } + #leftcontent { + width: 70%; + margin-bottom: 4%; + text-align: left; + border: 1px solid rgb(0,0,0); + margin:auto; + } + .hell { + background-color : $MAIN_BACKGOUNDCOLOR; + color: $MAIN_COLOR; + } -/* button:hover, button:focus, button:active, - .sendButton:hover , .sendButton:focus, .sendButton:active, - #mandateCheckBox:hover, #mandateCheckBox:focus, #mandateCheckBox:active { - background: $BUTTON_BACKGROUNDCOLOR_FOCUS; - color: $BUTTON_COLOR; -/* border:1px solid #000; */ -/* cursor: pointer; -/* box-shadow: -1px -1px 3px #222222; */ -/* } - -*/ - input { - /*border:1px solid #000;*/ - cursor: pointer; - } - - #localBKU input { -/* color: $BUTTON_COLOR; */ - /*border: 0px;*/ - display: inline-block; + .dunkel { + background-color: $HEADER_BACKGROUNDCOLOR; + color: $HEADER_COLOR; + } + h2#tabheader{ + font-size: 2.0em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + +@media screen and (min-width: 650px) { + + #page { + width: 650px; + height: 460px; + } + #localBKU p { + font-size: 0.7em; + } + + #localBKU input{ + font-size: 0.85em; + /*border-radius: 5px;*/ 
+ } + + #bkuselectionarea input[type=button],#bkuselectionarea input[type=submit]{ + font-size: 0.85em; + } + + #mandateLogin { + font-size: 0.85em; + } + + #bku_header h2 { + font-size: 0.8em; + } + + #alert_area { + width: 500px; + padding-left: 80px; + } + + #selectArea { + font-size: 15px; + padding-bottom: 65px; } - #localBKU input:hover, #localBKU input:focus, #localBKU input:active { - /*text-decoration: underline;*/ - } - - #installJava, #BrowserNOK { - clear:both; - font-size:0.8em; - padding:4px; - } - - .selectText{ - - } - + #bku_header { + height: 5%; + padding-bottom: 2%; + padding-top: 2%; + } + + h2#tabheader{ + font-size: 1.1em; + padding-left: 2%; + padding-right: 2%; + position: relative; + } + + #stork h2 { + font-size: 1.0em; + margin-bottom: 2%; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; + margin-top: 15px; + width: 100px; + height: 30px + } + + button { + height: 25px; + width: 75px; + margin-bottom: 4%; + } + + #validation { + position: absolute; + bottom: 0px; + margin-left: 270px; + padding-bottom: 10px; + } +} - .selectTextHeader{ - - } - - .sendButton { - width: 30%; - margin-bottom: 1%; - } - - #leftcontent a { - text-decoration:none; - color: #000; - /* display:block;*/ - padding:4px; - } - - #leftcontent a:hover, #leftcontent a:focus, #leftcontent a:active { - text-decoration:underline; - color: #000; - } - - .infobutton { - background-color: #005a00; - color: white; - font-family: serif; - text-decoration: none; - padding-top: 2px; - padding-right: 4px; - padding-bottom: 2px; - padding-left: 4px; - font-weight: bold; - } - - .hell { - background-color : $MAIN_BACKGOUNDCOLOR; - color: $MAIN_COLOR; - } - - .dunkel { - background-color: $HEADER_BACKGROUNDCOLOR; - color: $HEADER_COLOR; - } - - .main_header { - color: black; - font-size: 32pt; - position: absolute; - right: 10%; - top: 40px; + + +@media screen and (max-width: 649px) { - } + body { + background-color:#fff; + } + + #page { + visibility: 
hidden; + margin-top: 0%; + } + + #page1 { + visibility: hidden; + } + + #main { + visibility: hidden; + } + + #validation { + visibility: hidden; + display: none; + } + + .OA_header { + margin-bottom: 0%; + margin-top: 0%; + font-size: 0pt; + visibility: hidden; + } + + #alert_area { + visibility: visible; + width: 250px; + } + + #alert_area > p:first-child { + display: none; + visibility: hidden; + } + + .mandate{ + font-size: 1.0em; + } + + #leftcontent { + float: left; + width:auto; + border:none; + visibility:visible; + margin-bottom: 2%; + } + .bkuimage { - #ssoSessionTransferBlock { - font-size: 0.8em; - margin-left: 5px; - margin-bottom: 5px; - } - #processInfoArea { - margin-bottom: 15px; + + } + + #bkukarte { + box-sizing: border-box; + } + + #bkuhandy { + box-sizing: border-box; + } + + #bkueulogin { + box-sizing: border-box; + } + + #bku_header { + height: 10%; + min-height: 1.2em; + margin-top: 1%; + } + + h2#tabheader{ + padding-left: 2%; + padding-right: 2%; + font-size: 1.5em; + position: relative; + } + + .setAssertionButton_full { + background: #efefef; + cursor: pointer; margin-top: 15px; - } - #processSelectionArea { - width: 550px; - margin-left: 25px; - margin-top: 35px; - } - .processSelectionButtonArea { - float: none; - margin-bottom: 20px; - height: 35px; - } - .processSelectionButton { - background: #ababab; - cursor: pointer; - height: 30px; - width: 200px; - float: right; - border-style: solid; - border-bottom-width: 2px; - border-right-width: 2px; - border-left-width: 1px; - border-top-width: 1px; - border-color: #000000; - } - .buttonDescription { - float: left; - margin-left: 10px; - padding-top: 4px; - text-align: left; - width: 330px; - } - #processContent { - margin-top: 25px; - } - #eIDASButton { - /*color:#FFF;*/ - } - #eIDASSelection { - width: 120px; - margin-right: 5px; - } - .unvisible { - display: none; - } \ No newline at end of file + width: 70px; + height: 25px; + } + + input[type=button],input[type=submit] { + width: 
70%; + } +} \ No newline at end of file diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html index 01249537f..62f954ada 100644 --- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html +++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html @@ -63,7 +63,7 @@

-
+
EULogin
@@ -72,6 +72,7 @@
+ - - - - + - - - - + ${catalina.base}/logs/moa-id.log - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n 1 @@ -25,14 +22,25 @@ 10000KB - - + + + ${catalina.base}/logs/moa-spss.log + + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n + + + 1 + ${catalina.base}/logs/moa-spss.log.%i + + + 10000KB + ${catalina.base}/logs/moa-id-webgui.log - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n 1 @@ -42,30 +50,56 @@ 10000KB + + + ${catalina.base}/moa-id-reversion.log + + %5p | %d{ISO8601} | %t | %m%n + + + 9999 + ${catalina.base}/moa-id-reversion.log.%i + + + 10000KB + + - %5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} |%20.20c | %10t | %m%n + %5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n - - - - + + + + + + + + - + - - + - + + + - - - + + + + + + + + + + diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties index 1db01ba9b..614696628 100644 --- a/id/server/data/deploy/conf/moa-id/moa-id.properties +++ b/id/server/data/deploy/conf/moa-id/moa-id.properties 
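Review bot: The appender patterns now include `%X{sessionId}` on every line written to `moa-id.log`, `moa-spss.log` and `moa-id-webgui.log`. If that MDC value is the live session identifier rather than a separate correlation id, read access to the logs becomes equivalent to access to active sessions; logging a hash or truncated form, or documenting what the value is, would remove the doubt. The new reversion log is also written to `${catalina.base}/moa-id-reversion.log` rather than under `${catalina.base}/logs/` like the other files, so it may miss the permissions and retention applied to that directory. The XML element names are not visible in this rendering, so both points are read from the values alone.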
@@ -27,11 +27,27 @@ configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/moni #MOA-ID 3.x Advanced Logging configuration.advancedlogging.active=false -#Online mandates webservice (MIS) +######################## Externe Services ############################################ + +######## Online mandates webservice (MIS) ######## service.onlinemandates.acceptedServerCertificates= service.onlinemandates.clientKeyStore=keys/.... service.onlinemandates.clientKeyStorePassword= +######## central eIDAS-node connector module ########## +modules.eidascentralauth.keystore.path=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12 +modules.eidascentralauth.keystore.password=password +modules.eidascentralauth.metadata.sign.alias=pvp_metadata +modules.eidascentralauth.metadata.sign.password=password +modules.eidascentralauth.request.sign.alias=pvp_assertion +modules.eidascentralauth.request.sign.password=password +modules.eidascentralauth.response.encryption.alias=pvp_assertion +modules.eidascentralauth.response.encryption.password=password +modules.eidascentralauth.node.trustprofileID=centralnode_metadata + + +######################## Protokolle am IDP ############################################ + ##Protocol configuration## #PVP2 protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12 
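Review bot: The relocated `modules.eidascentralauth.*` block in this hunk ships the literal value `password` for the keystore and for every key alias, and the new `modules.sl20.security.*` block in the later `@@ -154,11 +150,38 @@` hunk does the same while pointing at the `keys/sl20.jks` keystore that this commit adds. A deployment that starts from this example would sign and decrypt with a keystore and passwords that anyone can read from the repository. I would leave the secret values empty, as `service.onlinemandates.clientKeyStorePassword=` already is, and add a comment such as `# example values only: replace the keystore and all passwords before production use`.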
@@ -51,29 +67,9 @@ protocols.oauth20.jwt.ks.key.name=oauth protocols.oauth20.jwt.ks.key.password=password - -######## central eIDAS-node connector module ########## -modules.eidascentralauth.keystore.path=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12 -modules.eidascentralauth.keystore.password=password -modules.eidascentralauth.metadata.sign.alias=pvp_metadata -modules.eidascentralauth.metadata.sign.password=password -modules.eidascentralauth.request.sign.alias=pvp_assertion -modules.eidascentralauth.request.sign.password=password -modules.eidascentralauth.response.encryption.alias=pvp_assertion -modules.eidascentralauth.response.encryption.password=password - -modules.eidascentralauth.node.trustprofileID=centralnode_metadata - -########################################################## - - - - - -##Database configuration## +######################## Datenbankkonfiguration ############################################ configuration.database.byteBasedValues=false - #Hibnerate configuration for MOA-ID 3.x session store moasession.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8&serverTimezone=UTC 
@@ -154,11 +150,38 @@ advancedlogging.dbcp.testWhileIdle=false advancedlogging.dbcp.validationQuery=select 1 -################ Additonal eID-modul configuration #################################### -## This additional eID moduls add special functionality to MOA-ID-Auth. -## The configuration of this modules is only needed if this modules are in use. -######## -### eIDAS protocol configuration ### +################ Additonal eID-modul configuration ################################ +## This additional eID moduls add special functionality to MOA-ID-Auth. # +## The configuration of this modules is only needed if this modules are in use. # +################################################################################### + +######## SL2.0 authentication module ######## +modules.sl20.vda.urls.qualeID.endpoint.default=https://www.handy-signatur.at/securitylayer2 +modules.sl20.vda.urls.qualeID.endpoint.1=https://hs-abnahme.a-trust.at/securitylayer2 +modules.sl20.vda.urls.qualeID.endpoint.2=https://test1.a-trust.at/securitylayer2 +modules.sl20.security.keystore.path=keys/sl20.jks +modules.sl20.security.keystore.password=password +modules.sl20.security.sign.alias=signing +modules.sl20.security.sign.password=password +modules.sl20.security.encryption.alias=encryption +modules.sl20.security.encryption.password=password +modules.sl20.vda.authblock.id=default +modules.sl20.vda.authblock.transformation.id=SL20Authblock_v1.0,SL20Authblock_v1.0_SIC +modules.sl20.security.eID.validation.disable=false +modules.sl20.security.eID.signed.result.required=true +modules.sl20.security.eID.encryption.enabled=true +modules.sl20.security.eID.encryption.required=true + +######## user-restriction ########## +configuration.restrictions.sp.entityIds= +configuration.restrictions.sp.users.url= +configuration.restrictions.sp.users.sector= + +####### Direkte Fremd-bPK Berechnung ######## +configuration.foreignsectors.pubkey.xxxxTargetxxx= xxx BASE64-Cert xxx + +######## eIDAS protocol configuration 
######## +######## This is ONLY required, if MOA-ID operates as an eIDAS node!!! ######## moa.id.protocols.eIDAS.samlengine.config.file=eIDAS/SamlEngine_basics.xml moa.id.protocols.eIDAS.samlengine.sign.config.file=eIDAS/SignModule.xml moa.id.protocols.eIDAS.samlengine.enc.config.file=eIDAS/EncryptModule.xml @@ -167,7 +190,7 @@ moa.id.protocols.eIDAS.node.country=Austria moa.id.protocols.eIDAS.node.countrycode=AT moa.id.protocols.eIDAS.node.LoA=http://eidas.europa.eu/LoA/high -### HBV Mandate-Service client module ### +######## HBV Mandate-Service client module ######## modules.elga_mandate.nameID.target=urn:publicid:gv.at:cdid+GH modules.elga_mandate.service.metadata.trustprofileID= modules.elga_mandate.service.mandateprofiles= @@ -180,7 +203,7 @@ modules.elga_mandate.request.sign.password=password modules.elga_mandate.response.encryption.alias=pvp_assertion modules.elga_mandate.response.encryption.password=password -### SSO Interfederation client module ### +######## SSO Interfederation client module ######## modules.federatedAuth.keystore.path=keys/moa_idp[password].p12 modules.federatedAuth.keystore.password=password modules.federatedAuth.metadata.sign.alias=pvp_metadata @@ -190,8 +213,8 @@ modules.federatedAuth.request.sign.password=password modules.federatedAuth.response.encryption.alias=pvp_assertion modules.federatedAuth.response.encryption.password=password -#Redis Settings, if Redis is used as a backend for session data. -#has to be enabled with the following parameter +######## Redis Settings, if Redis is used as a backend for session data. +# has to be enabled with the following parameter #redis.active=true redis.use-pool=true redis.host-name=localhost diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt new file mode 100644 index 000000000..2babcef6a 
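Review bot: Two of the three new `modules.sl20.vda.urls.qualeID.endpoint.*` entries in the `@@ -154,11 +150,38 @@` hunk point at hosts whose names (`hs-abnahme.a-trust.at`, `test1.a-trust.at`) suggest acceptance and test systems, and they are active rather than commented out. If the module accepts every configured endpoint, a production instance built from this file could end up talking to a non-production VDA; consider commenting them out with a remark that they are for test setups only. The line `configuration.foreignsectors.pubkey.xxxxTargetxxx= xxx BASE64-Cert xxx` is likewise an uncommented placeholder that would presumably be parsed as a real entry; prefixing it with `#` keeps it as documentation.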
--- /dev/null +++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/centralnode_metadata/national_central_eIDAS_node_-_testsystem.crt @@ -0,0 +1,24 @@ +-----BEGIN CERTIFICATE----- +MIIEFTCCAn0CBFtIcMwwDQYJKoZIhvcNAQELBQAwTzELMAkGA1UEBhMCQVQxDTAL +BgNVBAoMBEVHSVoxMTAvBgNVBAMMKG5hdGlvbmFsIGNlbnRyYWwgZUlEQVMgbm9k +ZSAtIHRlc3RzeXN0ZW0wHhcNMTgwNzEzMDkyODQ0WhcNMjEwNDA3MDkyODQ0WjBP +MQswCQYDVQQGEwJBVDENMAsGA1UECgwERUdJWjExMC8GA1UEAwwobmF0aW9uYWwg +Y2VudHJhbCBlSURBUyBub2RlIC0gdGVzdHN5c3RlbTCCAaIwDQYJKoZIhvcNAQEB +BQADggGPADCCAYoCggGBALK4bdf5OremKkj0+xCjU0eN7RUd1A2VqoGnvFUst7xj +LQ1PspHiDf9Pm2cwOIJabSnuZ01hYAGz9X+lU3Z3fwhVc+tEsuzsaAml/LPw3i3+ +ppoSTJDMiDvhCoUKTzJ8HBQj2gTvXNlqPljyGneuCJ+uBMr7Okq/XjMTJj2xzvut +rHS3qIO+/w+OkY967QLVRXh0bdFqYqnyAnlYcWJPIwjanOJtE2difPYqers7ZW1F +9djP0+IZRoyaook5rpLYvuQTHuvulgIE3zGlTuOx3sk8zMyInMndqi75Eh+ROnnd +SZE7gN3u5CfFpuO5pxFa2jj1h/AnR39Tg8/sU+Se+AwHrNvee3IWhxk5LkelYevf +eCQos7Dv2ASE9XMCCs7FoE47w8fDalECh09MFKDiotpklbq3OrPg9NQ4D//k0GXl +W5jYUKP/Wq/+suAI6mfhSnNkjOGMcMlzNTmwxGD/v7Py6OVA+YcJQsqYalLrqbvT +2tXVmYBVO3oqafg+kfevfwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBgQCioM8k0EEB +FtY4QyxOYFufPDLw9PNPct01ltnTVjNEEt/L6/8zYlDwrDeULEkJS7mV9zV3657N +PQ5IPT/Ib93Uk/RPi0iOA2CGWIMaDQIODN3BUYr+zPUqhbKS6OWOhTgV8GiRCUbx +rT1uc1AiacP63pga3TJX8k8WFnfW+Dqm2MfWWlxr4X2YB9VUW55X5sBNy035jYhE +pp8NCK/fTAhoEQNCG+rm3T9qhT6YyOnbW2kXU747+ZwXT2qA5o4ya/9+6dDc+LUl +HCEm4X7c6bcGvCfNezB4k56FzbAJlOLf2VDGzvEQBf0hsB+kElezm1VBlEkZ4Mjz +pBpHBMoR21SwTpcvrbR4ig0Bk1eEHNK44sw0F32K5yww3gnJftMIZtPhjhk8UdG2 +/H6vs9s/to2Vj4V6wN4o79RTULoQ8RjL6MPWEWzwOvOZXJAo2XJEECvDivSjIJvN +C0lfrK3zI3LH3c1JR6q2EfeCZ50wTJMFoChSaqunJQXKo81g6wNhP00= +-----END CERTIFICATE----- diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh index 9e292540a..d717ecd25 100644 --- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh +++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh 
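Review bot: The certificate added under `trustProfiles/centralnode_metadata/` is, by its file name, the test-system node certificate, while the example `moa-id.properties` in this commit sets `modules.eidascentralauth.node.trustprofileID=centralnode_metadata`. Out of the box the default trust profile therefore trusts the test node's metadata signer, and nothing in the commit marks it as something to swap for production. A short README in that trust-profile directory, or a comment next to the `trustprofileID` property, stating that the test certificate must be replaced by the production node certificate would close that gap.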
@@ -4,6 +4,9 @@ export JAVA_HOME= export CATALINA_HOME= export CATALINA_BASE=$CATALINA_HOME +FILE_ENCODING=-Dfile.encoding=UTF-8 +RAND_FILE=-Djava.security.egd=file:///dev/urandom + LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback_config.xml @@ -21,7 +24,7 @@ PROXY_OPT=-Dmoa.id.proxy.configuration=$CATALINA_BASE/conf/moa-id-proxy/MOAIDCon #TRUST_STORE_PASS_OPT=-Djavax.net.ssl.trustStorePassword=changeit #TRUST_STORE_TYPE_OPT=-Djavax.net.ssl.trustStoreType=jks -export CATALINA_OPTS="$CONFIG_OPT $LOGGING_OPT $LOGGING_LOGBACK_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $CONFIGTOOL_USER_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT -Xms512m -Xmx1536m -XX:PermSize=256m" +export CATALINA_OPTS="$FILE_ENCODING $RAND_FILE $CONFIG_OPT $LOGGING_OPT $LOGGING_LOGBACK_OPT $SPSS_OPT $TRUST_STORE_OPT $TRUST_STORE_PASS_OPT $TRUST_STORE_TYPE_OPT $CONFIGTOOL_OPT $CONFIGTOOL_USER_OPT $DEMOOA_OPT $STORK_OPT $PROXY_OPT -Xms512m -Xmx1536m -XX:PermSize=256m" echo CATALINA_HOME: $CATALINA_HOME echo CATALINA_BASE: $CATALINA_BASE diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat index 325ae1f20..afdd907c8 100644 --- a/id/server/data/deploy/tomcat/win32/startTomcat.bat +++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat @@ -9,6 +9,9 @@ set CATALINA_HOME= rem ---------------------------------------------------------------------------------------------- +set FILE_ENCODING=-Dfile.encoding=UTF-8 +set RAND_FILE=-Djava.security.egd=file:///dev/urandom + set LOGGING_OPT=-Dlog4j.configuration=file:%CATALINA_HOME%/conf/moa-id/log4j.properties set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback_config.xml 
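Review bot: `RAND_FILE=-Djava.security.egd=file:///dev/urandom` in the `@@ -4,6 +4,9 @@` hunk changes where the JVM seeds `SecureRandom` for an identity provider, and nothing in the script explains the choice. A comment above the assignment, for example `# seed SecureRandom from the non-blocking /dev/urandom so start-up does not stall on low-entropy hosts`, would record that this is deliberate (the intent is inferred, please confirm). The script continues outside both hunks, so whether `JAVA_HOME` and `CATALINA_HOME` are validated before use cannot be judged from here.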
@@ -20,7 +23,7 @@ set DEMOOA_OPT=-Dmoa.id.demoOA=%CATALINA_HOME%/conf/moa-id-oa/oa.properties set STORK_OPT=-Deu.stork.samlengine.config.location=%CATALINA_HOME%/conf/moa-id/stork/ set PROXY_OPT=-Dmoa.id.proxy.configuration=%CATALINA_HOME%/conf/moa-id-proxy/MOAIDConfiguration.xml -set PARAMS_MOA=%CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %LOGGING_LOGBACK_OPT% %CONFIGTOOL_OPT% %CONFIGTOOL_USER_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT% -Xms512m -Xmx1536m -XX:PermSize=256m +set PARAMS_MOA=%FILE_ENCODING %RAND_FILE %CONFIG_OPT_SPSS% %CONFIG_OPT_ID% %LOGGING_OPT% %LOGGING_LOGBACK_OPT% %CONFIGTOOL_OPT% %CONFIGTOOL_USER_OPT% %DEMOOA_OPT% %STORK_OPT% %PROXY_OPT% -Xms512m -Xmx1536m -XX:PermSize=256m rem set PARAM_TRUST_STORE=-Djavax.net.ssl.trustStore=truststore.jks rem set PARAM_TRUST_STORE_PASS=-Djavax.net.ssl.trustStorePassword=changeit -- cgit v1.2.3
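Review bot: The new `set PARAMS_MOA=` line references `%FILE_ENCODING %RAND_FILE %CONFIG_OPT_SPSS%` with the closing `%` missing on the first two variables, so cmd will not expand them as intended and neither `-Dfile.encoding=UTF-8` nor the `egd` setting reaches the JVM; stray text probably ends up in the parameter list instead. The line should begin `set PARAMS_MOA=%FILE_ENCODING% %RAND_FILE% %CONFIG_OPT_SPSS%`. Separately, `RAND_FILE` from the previous hunk points at `file:///dev/urandom`, a path that does not exist on Windows, so it is worth checking how the target JVM seeds `SecureRandom` with that value, or dropping the option from the win32 script.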