******** * *$PATH_TO_CONFIG$ muss durch den eigentlichen Pfad ersetzt werden! * ******
# The banner above says: $PATH_TO_CONFIG$ must be replaced with the actual path.
# NOTE(review): the banner is not prefixed with '#'; a java.util.Properties-style
# loader would read it as a key/value pair rather than as a comment - confirm and
# consider commenting it out.

##General MOA-ID 3.x Configuration

##For Testing
# NOTE(review): these three switches sit under a testing heading. Judging by their
# names they control the qualified-certificate (QC) check, PVP2 assertion
# encryption and PVP2 schema validation - confirm against the MOA-ID documentation.
# Assertion encryption is switched off here; review that setting before this
# template is used outside a test environment.
configuration.validation.certificate.QC.ignore=false
protocols.pvp2.assertion.encryption.active=false
protocols.pvp2.schemavalidation=true

##General MOA-ID 3.x operations
#MOA-ID 3.x session information encryption key (PassPhrase)
# Both values below are template placeholders. Give each its own long, random
# passphrase and keep this file readable only by the account that runs MOA-ID.
configuration.moasession.key=SessionEncryptionKey
configuration.moaconfig.key=ConfigurationEncryptionKey

# Presumably the order in which certificate revocation sources are consulted
# (OCSP first, then CRL) - confirm.
configuration.ssl.validation.revocation.method.order=ocsp,crl
# NOTE(review): enabling the next key with "false" presumably turns off TLS host
# name verification; leave it commented out unless a test setup needs it.
#configuration.ssl.validation.hostname=false
# NOTE(review): the trailing '<' looks like a typo; drop it if this key is enabled.
#configuration.validate.authblock.targetfriendlyname=true<

#MOA-ID 3.x Monitoring Servlet
configuration.monitoring.active=false
configuration.monitoring.message.success=All Tests passed!
configuration.monitoring.test.identitylink.url=$PATH_TO_CONFIG$/conf/moa-id/monitoring/monitoring_idl.xml

#MOA-ID 3.x Advanced Logging
configuration.advancedlogging.active=false

######################## External services ############################################
######## Online mandates webservice (MIS) ########
# "keys/...." is a placeholder; set the real client key store path.
service.onlinemandates.acceptedServerCertificates=
service.onlinemandates.clientKeyStore=keys/....
# Password of the online-mandates client key store; left empty in this template.
service.onlinemandates.clientKeyStorePassword=

######## central eIDAS-node connector module ##########
# NOTE(review): every key store and key password in this module is the literal
# "password", and the key store file name itself contains "[password]", which
# suggests sample key material - confirm. Replace the key store and all of its
# passwords before production use.
modules.eidascentralauth.keystore.path=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
modules.eidascentralauth.keystore.password=password
modules.eidascentralauth.metadata.sign.alias=pvp_metadata
modules.eidascentralauth.metadata.sign.password=password
modules.eidascentralauth.request.sign.alias=pvp_assertion
modules.eidascentralauth.request.sign.password=password
modules.eidascentralauth.response.encryption.alias=pvp_assertion
modules.eidascentralauth.response.encryption.password=password
modules.eidascentralauth.node.trustprofileID=centralnode_metadata

######################## Protocols at the IDP ############################################
##Protocol configuration##
#PVP2
# Same key store file and "password" placeholders as the eIDAS connector module.
# The pvp_assertion alias is configured for both signing and encryption here.
protocols.pvp2.idp.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
protocols.pvp2.idp.ks.kspassword=password
protocols.pvp2.idp.ks.metadata.alias=pvp_metadata
protocols.pvp2.idp.ks.metadata.keypassword=password
protocols.pvp2.idp.ks.assertion.sign.alias=pvp_assertion
protocols.pvp2.idp.ks.assertion.sign.keypassword=password
protocols.pvp2.idp.ks.assertion.encryption.alias=pvp_assertion
protocols.pvp2.idp.ks.assertion.encryption.keypassword=password
protocols.pvp2.metadata.entitycategories.active=false

#OpenID connect (OAuth)
# Key store holding the key named "oauth"; judging by the key prefix it is used
# for JWTs - confirm. Placeholder passwords again.
protocols.oauth20.jwt.ks.file=file:$PATH_TO_CONFIG$/conf/moa-id/keys/moa_idp[password].p12
protocols.oauth20.jwt.ks.password=password
protocols.oauth20.jwt.ks.key.name=oauth
protocols.oauth20.jwt.ks.key.password=password

######################## Database configuration ############################################
configuration.database.byteBasedValues=false

#Hibernate configuration for MOA-ID 3.x session store
# The JDBC URL targets MySQL on localhost and sets only charSet and
# serverTimezone. NOTE(review): no transport-security options are present;
# revisit this if the database is moved to another host.
moasession.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
moasession.hibernate.connection.url=jdbc:mysql://localhost/moa-id-session?charSet=utf-8&serverTimezone=UTC
moasession.hibernate.connection.charSet=utf-8
# MOA-ID session store: JDBC driver, credentials, schema handling, connection pool.
# The database user name and password are empty in this template; use a dedicated
# account with only the rights this store needs.
moasession.hibernate.connection.driver_class=com.mysql.cj.jdbc.Driver
moasession.hibernate.connection.username=
moasession.hibernate.connection.password=
# NOTE(review): hbm2ddl.auto=update together with generateDdl=true (further down)
# presumably lets the application create or alter tables at start-up, which means
# the database account needs DDL rights - confirm, and consider a fixed schema
# for production.
moasession.hibernate.hbm2ddl.auto=update
moasession.hibernate.current_session_context_class=thread
moasession.hibernate.transaction.flush_before_completion=true
moasession.hibernate.transaction.auto_close_session=true
moasession.hibernate.show_sql=false
moasession.hibernate.format_sql=true
moasession.jpaVendorAdapter.generateDdl=true
moasession.dbcp.connectionProperties=
moasession.dbcp.initialSize=5
moasession.dbcp.maxActive=100
moasession.dbcp.maxIdle=8
moasession.dbcp.minIdle=5
# NOTE(review): if this pool is Apache Commons DBCP, -1 makes a caller wait
# indefinitely for a free connection - confirm that this is intended.
moasession.dbcp.maxWaitMillis=-1
moasession.dbcp.testOnBorrow=true
moasession.dbcp.testOnReturn=false
moasession.dbcp.testWhileIdle=false
moasession.dbcp.validationQuery=select 1

#Hibernate configuration for MOA-ID 3.x configuration
# Same pattern as the session store: MySQL on localhost, empty credentials,
# generateDdl=true and an unbounded pool wait (maxWaitMillis=-1).
# NOTE(review): the JDBC URL carries no transport-security options; revisit this
# if the database is moved to another host.
configuration.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
configuration.jpaVendorAdapter.generateDdl=true
configuration.hibernate.show_sql=false
configuration.hibernate.connection.url=jdbc:mysql://localhost/moa-id-config?charSet=utf-8&autoReconnect=true&serverTimezone=UTC
configuration.hibernate.connection.charSet=utf-8
configuration.hibernate.connection.driver_class=com.mysql.cj.jdbc.Driver
configuration.hibernate.connection.username=
configuration.hibernate.connection.password=
configuration.dbcp.connectionProperties=
configuration.dbcp.initialSize=0
configuration.dbcp.maxActive=100
configuration.dbcp.maxIdle=8
configuration.dbcp.minIdle=0
configuration.dbcp.maxWaitMillis=-1
configuration.dbcp.testOnBorrow=true
configuration.dbcp.testOnReturn=false
configuration.dbcp.testWhileIdle=false
configuration.dbcp.validationQuery=SELECT 1
#
#Hibernate configuration for MOA-ID 3.x advanced statistic logging
advancedlogging.hibernate.dialect=org.hibernate.dialect.MySQL5Dialect
advancedlogging.hibernate.connection.url=jdbc:mysql://localhost/moa-id-statistic?charSet=utf-8&autoReconnect=true&serverTimezone=UTC
# Advanced statistic logging store: JDBC driver, credentials, schema handling and
# connection pool.
# The database user name and password are empty in this template; use a dedicated
# account with only the rights this store needs.
advancedlogging.hibernate.connection.charSet=utf-8
advancedlogging.hibernate.connection.driver_class=com.mysql.cj.jdbc.Driver
advancedlogging.hibernate.connection.username=
advancedlogging.hibernate.connection.password=
# NOTE(review): hbm2ddl.auto=update together with generateDdl=true (further down)
# presumably lets the application create or alter tables at start-up, which means
# the database account needs DDL rights - confirm, and consider a fixed schema
# for production.
advancedlogging.hibernate.hbm2ddl.auto=update
advancedlogging.hibernate.current_session_context_class=thread
advancedlogging.hibernate.transaction.auto_close_session=true
advancedlogging.hibernate.show_sql=false
advancedlogging.hibernate.format_sql=true
advancedlogging.hibernate.transaction.flush_before_completion=true
advancedlogging.jpaVendorAdapter.generateDdl=true
advancedlogging.dbcp.connectionProperties=
advancedlogging.dbcp.initialSize=3
advancedlogging.dbcp.maxActive=50
advancedlogging.dbcp.maxIdle=8
advancedlogging.dbcp.minIdle=3
# NOTE(review): if this pool is Apache Commons DBCP, -1 makes a caller wait
# indefinitely for a free connection - confirm that this is intended.
advancedlogging.dbcp.maxWaitMillis=-1
advancedlogging.dbcp.testOnBorrow=true
advancedlogging.dbcp.testOnReturn=false
advancedlogging.dbcp.testWhileIdle=false
advancedlogging.dbcp.validationQuery=select 1

################ Additional eID module configuration ################################
## These additional eID modules add special functionality to MOA-ID-Auth.
## They only need to be configured if the modules are in use.
#
###################################################################################
######## SL2.0 authentication module ########
# NOTE(review): endpoint.1 and endpoint.2 point at hosts named "hs-abnahme" and
# "test1", which look like acceptance/test environments - confirm whether they
# should stay configured on a production instance.
modules.sl20.vda.urls.qualeID.endpoint.default=https://www.handy-signatur.at/securitylayer2
modules.sl20.vda.urls.qualeID.endpoint.1=https://hs-abnahme.a-trust.at/securitylayer2
modules.sl20.vda.urls.qualeID.endpoint.2=https://test1.a-trust.at/securitylayer2
# The key store and key passwords below are the literal "password"; replace the
# key store and its passwords before production use.
modules.sl20.security.keystore.path=keys/sl20.jks
modules.sl20.security.keystore.password=password
modules.sl20.security.sign.alias=signing
modules.sl20.security.sign.password=password
modules.sl20.security.encryption.alias=encryption
modules.sl20.security.encryption.password=password
modules.sl20.vda.authblock.id=default
modules.sl20.vda.authblock.transformation.id=SL20Authblock_v1.0,SL20Authblock_v1.0_SIC
# NOTE(review): judging by their names, the four switches below keep eID
# validation on, require a signed result and require encryption - confirm.
# Relaxing any of them weakens the checks on the eID data this module receives.
modules.sl20.security.eID.validation.disable=false
modules.sl20.security.eID.signed.result.required=true
modules.sl20.security.eID.encryption.enabled=true
modules.sl20.security.eID.encryption.required=true

######## user-restriction ##########
configuration.restrictions.sp.entityIds=
configuration.restrictions.sp.users.url=
configuration.restrictions.sp.users.sector=

####### Direct foreign-bPK calculation ########
# "xxxxTargetxxx" in the key and "xxx BASE64-Cert xxx" in the value are
# placeholders for the target sector and its Base64-encoded certificate.
configuration.foreignsectors.pubkey.xxxxTargetxxx= xxx BASE64-Cert xxx

######## eIDAS protocol configuration ########
######## This is ONLY required if MOA-ID operates as an eIDAS node!
########
# eIDAS protocol settings: SAML engine configuration files, the trust store used
# for metadata validation, and the identity of this node (country, LoA).
moa.id.protocols.eIDAS.samlengine.config.file=eIDAS/SamlEngine_basics.xml
moa.id.protocols.eIDAS.samlengine.sign.config.file=eIDAS/SignModule.xml
moa.id.protocols.eIDAS.samlengine.enc.config.file=eIDAS/EncryptModule.xml
moa.id.protocols.eIDAS.metadata.validation.truststore=eIDAS_metadata
moa.id.protocols.eIDAS.node.country=Austria
moa.id.protocols.eIDAS.node.countrycode=AT
moa.id.protocols.eIDAS.node.LoA=http://eidas.europa.eu/LoA/high

######## HBV Mandate-Service client module ########
# NOTE(review): key store and key passwords are the literal "password", and the
# key store file name contains "[password]", which suggests sample key material -
# confirm. Replace the key store and all of its passwords before production use.
modules.elga_mandate.nameID.target=urn:publicid:gv.at:cdid+GH
modules.elga_mandate.service.metadata.trustprofileID=
modules.elga_mandate.service.mandateprofiles=
modules.elga_mandate.keystore.path=keys/moa_idp[password].p12
modules.elga_mandate.keystore.password=password
modules.elga_mandate.metadata.sign.alias=pvp_metadata
modules.elga_mandate.metadata.sign.password=password
modules.elga_mandate.request.sign.alias=pvp_assertion
modules.elga_mandate.request.sign.password=password
modules.elga_mandate.response.encryption.alias=pvp_assertion
modules.elga_mandate.response.encryption.password=password

######## SSO Interfederation client module ########
# Same key store file, aliases and "password" placeholders as the mandate-service
# client module; replace them before production use.
modules.federatedAuth.keystore.path=keys/moa_idp[password].p12
modules.federatedAuth.keystore.password=password
modules.federatedAuth.metadata.sign.alias=pvp_metadata
modules.federatedAuth.metadata.sign.password=password
modules.federatedAuth.request.sign.alias=pvp_assertion
modules.federatedAuth.request.sign.password=password
modules.federatedAuth.response.encryption.alias=pvp_assertion
modules.federatedAuth.response.encryption.password=password

######## Redis Settings, if Redis is used as a backend for session data.
# has to be enabled with the following parameter
# NOTE(review): this file sets only pool usage, host and port for Redis - no
# credential or TLS key is visible here. If Redis holds session data and does not
# run on localhost, restrict network access to it and check which authentication
# options MOA-ID supports.
#redis.active=true
redis.use-pool=true
redis.host-name=localhost
redis.port=6379

################SZR Client configuration####################################
## The SZR client is only required if MOA-ID-Auth should be
## used as a STORK <-> PVP gateway.
########
# SZR client settings: service URLs, token fields and TLS key/trust stores.
# NOTE(review): szr.test=true presumably selects the test URL instead of the
# production URL - confirm, and set it deliberately for each environment.
service.egovutil.szr.test=true
service.egovutil.szr.test.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR
service.egovutil.szr.prod.url=https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR
service.egovutil.szr.token.version=1.8
# The token fields below are empty in this template and are deployment-specific.
service.egovutil.szr.token.participantid=
service.egovutil.szr.token.gvoudomain=
service.egovutil.szr.token.userid=
service.egovutil.szr.token.cn=
service.egovutil.szr.token.gvouid=
service.egovutil.szr.token.ou=
service.egovutil.szr.token.gvsecclass=
service.egovutil.szr.token.gvfunction=
service.egovutil.szr.token.gvgid=
service.egovutil.szr.roles=
# TLS client key store and trust store for the SZR connection; paths, passwords
# and types are empty in this template. Keep this file readable only by the
# account that runs MOA-ID once the passwords are filled in.
service.egovutil.szr.ssl.keystore.file=
service.egovutil.szr.ssl.keystore.password=
service.egovutil.szr.ssl.keystore.type=
service.egovutil.szr.ssl.truststore.file=
service.egovutil.szr.ssl.truststore.password=
service.egovutil.szr.ssl.truststore.type=
# NOTE(review): judging by their names, trustall and laxhostnameverification
# relax server certificate and host name checks on this connection - confirm.
# Keep both at false so that the SZR server is authenticated.
service.egovutil.szr.ssl.trustall=false
service.egovutil.szr.ssl.laxhostnameverification=false