<?xml version="1.0" encoding="UTF-8"?> <!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'> <web-app> <display-name>MOA ID Auth</display-name> <description>MOA ID Authentication Service</description> <servlet> <servlet-name>SelectBKU</servlet-name> <display-name>SelectBKU</display-name> <description>Select Bürgerkartenartenumgebung</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.SelectBKUServlet</servlet-class> </servlet> <servlet> <servlet-name>StartAuthentication</servlet-name> <display-name>StartAuthentication</display-name> <description>Start authentication process</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet</servlet-class> <load-on-startup>0</load-on-startup> </servlet> <servlet> <servlet-name>VerifyIdentityLink</servlet-name> <display-name>VerifyIdentityLink</display-name> <description>Verify identity link coming from security layer</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet</servlet-class> </servlet> <servlet> <servlet-name>VerifyCertificate</servlet-name> <display-name>VerifyCertificate</display-name> <description>Verify the certificate coming from security layer</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyCertificateServlet</servlet-class> </servlet> <servlet> <servlet-name>GetMISSessionID</servlet-name> <display-name>GetMISSessionID</display-name> <description>Get the MIS session ID coming from security layer</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetMISSessionIDServlet</servlet-class> </servlet> <servlet> <servlet-name>GetForeignID</servlet-name> <display-name>GetForeignID</display-name> <description>Gets the foreign eID from security layer</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.GetForeignIDServlet</servlet-class> </servlet> <servlet> <servlet-name>ProcessInput</servlet-name> <display-name>ProcessInput</display-name> <description>Process user input needed by infobox validators</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet</servlet-class> </servlet> <servlet> <servlet-name>VerifyAuthBlock</servlet-name> <display-name>VerifyAuthBlock</display-name> <description>Verify AUTH block coming from security layer</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet</servlet-class> </servlet> <servlet> <servlet-name>ConfigurationUpdate</servlet-name> <display-name>ConfigurationUpdate</display-name> <description>Update MOA-ID Auth configuration from the configuration file</description> <servlet-class>at.gv.egovernment.moa.id.auth.servlet.ConfigurationServlet</servlet-class> </servlet> <servlet> <servlet-name>AxisServlet</servlet-name> <display-name>Apache-Axis Servlet</display-name> <servlet-class>org.apache.axis.transport.http.AxisServlet</servlet-class> </servlet> <!-- JSP servlet --> <servlet> <servlet-name>jspservlet</servlet-name> <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class> </servlet> <servlet> <servlet-name>PEPSConnectorServlet</servlet-name> <display-name>PEPSConnectorServlet</display-name> <description>Servlet receiving STORK SAML Response Messages from different C-PEPS</description> <servlet-class> at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet</servlet-class> </servlet> <!-- servlet mapping for jsp pages --> <!-- errorpage.jsp (customizeable) --> <servlet-mapping> <servlet-name>jspservlet</servlet-name> <url-pattern>/errorpage-auth.jsp</url-pattern> </servlet-mapping> <!-- message.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate) --> <servlet-mapping> <servlet-name>jspservlet</servlet-name> <url-pattern>/message-auth.jsp</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>SelectBKU</servlet-name> <url-pattern>/SelectBKU</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>StartAuthentication</servlet-name> <url-pattern>/StartAuthentication</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>VerifyIdentityLink</servlet-name> <url-pattern>/VerifyIdentityLink</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>VerifyCertificate</servlet-name> <url-pattern>/VerifyCertificate</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>GetMISSessionID</servlet-name> <url-pattern>/GetMISSessionID</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>GetForeignID</servlet-name> <url-pattern>/GetForeignID</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>ProcessInput</servlet-name> <url-pattern>/ProcessInput</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>VerifyAuthBlock</servlet-name> <url-pattern>/VerifyAuthBlock</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>ConfigurationUpdate</servlet-name> <url-pattern>/ConfigurationUpdate</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>AxisServlet</servlet-name> <url-pattern>/services/*</url-pattern> </servlet-mapping> <servlet-mapping> <servlet-name>PEPSConnectorServlet</servlet-name> <url-pattern>/PEPSConnector</url-pattern> </servlet-mapping> <session-config> <session-timeout>5</session-timeout> </session-config> <error-page> <error-code>500</error-code> <location>/errorpage.jsp</location> </error-page> <security-constraint> <web-resource-collection> <web-resource-name>ConfigurationUpdate</web-resource-name> <url-pattern>/ConfigurationUpdate</url-pattern> </web-resource-collection> <auth-constraint> <role-name>moa-admin</role-name> </auth-constraint> </security-constraint> <login-config> <auth-method>BASIC</auth-method> <realm-name>UserDatabase</realm-name> </login-config> <security-role> <description> The role that is required to log in to the moa Application </description> <role-name>moa-admin</role-name> </security-role> </web-app>