/*
 * Copyright 2003 Federal Chancellery Austria
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package at.gv.egovernment.moa.id.auth;

import iaik.asn1.ObjectID;

/**
 * Constants used throughout the moa-id-auth component: servlet parameter
 * names, request names, cache-control response headers, and the identifiers
 * used when checking who is authorised to sign identity links.
 *
 * <p>Fields of an interface are implicitly {@code public static final}, so the
 * modifiers are not repeated on each declaration.
 *
 * @author Paul Ivancsics
 * @version $Id$
 */
public interface MOAIDAuthConstants {

  // ---------------------------------------------------------------------
  // Servlet parameter names
  // ---------------------------------------------------------------------

  /** servlet parameter "Target" */
  String PARAM_TARGET = "Target";

  /** servlet parameter "OA" */
  String PARAM_OA = "OA";

  /**
   * servlet parameter "bkuURI"
   *
   * <p>NOTE(review): this parameter names a URI; how its value is validated
   * is not visible in this file. Confirm that the consuming servlet restricts
   * it to expected BKU endpoints before using it.
   */
  String PARAM_BKU = "bkuURI";

  /** servlet parameter "BKUSelectionTemplate" */
  String PARAM_BKUTEMPLATE = "BKUSelectionTemplate";

  /** servlet parameter "InputProcessorSignTemplate" */
  String PARAM_INPUT_PROCESSOR_SIGN_TEMPLATE = "InputProcessorSignTemplate";

  /**
   * default BKU URL (plain HTTP, host name {@code localhost}, port 3495)
   *
   * <p>NOTE(review): this default depends on {@code localhost} resolving to
   * the loopback interface, whereas {@link #DEFAULT_BKU_HTTPS} uses the
   * literal address 127.0.0.1.
   */
  String DEFAULT_BKU = "http://localhost:3495/http-security-layer-request";

  /** default BKU URL for https connections (literal loopback address, port 3496) */
  String DEFAULT_BKU_HTTPS = "https://127.0.0.1:3496/https-security-layer-request";

  /**
   * servlet parameter "returnURI"
   *
   * <p>NOTE(review): this parameter names a URI; validation is not visible in
   * this file. Confirm that consumers check the value against the configured
   * online application before redirecting or posting to it.
   */
  String PARAM_RETURN = "returnURI";

  /** servlet parameter "Template" */
  String PARAM_TEMPLATE = "Template";

  /**
   * servlet parameter "MOASessionID"
   *
   * <p>NOTE(review): whether this identifier travels in the query string or
   * in a request body cannot be told from here; if it appears in URLs, it
   * should be kept out of access logs and Referer headers.
   */
  String PARAM_SESSIONID = "MOASessionID";

  /** servlet parameter "XMLResponse" */
  String PARAM_XMLRESPONSE = "XMLResponse";

  /** servlet parameter "SAMLArtifact" */
  String PARAM_SAMLARTIFACT = "SAMLArtifact";

  // ---------------------------------------------------------------------
  // Request names the servlets are mapped to
  // ---------------------------------------------------------------------

  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.StartAuthenticationServlet} is mapped to */
  String REQ_START_AUTHENTICATION = "StartAuthentication";

  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyIdentityLinkServlet} is mapped to */
  String REQ_VERIFY_IDENTITY_LINK = "VerifyIdentityLink";

  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.ProcessValidatorInputServlet} is mapped to */
  String REQ_PROCESS_VALIDATOR_INPUT = "ProcessInput";

  /** Request name {@link at.gv.egovernment.moa.id.auth.servlet.VerifyAuthenticationBlockServlet} is mapped to */
  String REQ_VERIFY_AUTH_BLOCK = "VerifyAuthBlock";

  // ---------------------------------------------------------------------
  // Logging
  // ---------------------------------------------------------------------

  /**
   * Logging hierarchy used for controlling debug output of XML structures to files
   *
   * <p>NOTE(review): which XML structures are written is not visible here; if
   * they include identity data, access to the output files should be
   * restricted accordingly.
   */
  String DEBUG_OUTPUT_HIERARCHY = "moa.id.auth";

  // ---------------------------------------------------------------------
  // Response headers that keep browsers from caching authentication pages
  // ---------------------------------------------------------------------

  /** Header Name for controlling the caching mechanism of the browser */
  String HEADER_EXPIRES = "Expires";

  /**
   * Header Value for controlling the caching mechanism of the browser;
   * a fixed date in the past, so the response counts as already expired.
   */
  String HEADER_VALUE_EXPIRES = "Sat, 6 May 1995 12:00:00 GMT";

  /** Header Name for controlling the caching mechanism of the browser */
  String HEADER_PRAGMA = "Pragma";

  /** Header Value for controlling the caching mechanism of the browser */
  String HEADER_VALUE_PRAGMA = "no-cache";

  /** Header Name for controlling the caching mechanism of the browser */
  String HEADER_CACHE_CONTROL = "Cache-control";

  /** Header Value for controlling the caching mechanism of the browser */
  String HEADER_VALUE_CACHE_CONTROL = "no-store, no-cache, must-revalidate";

  /**
   * Header Value for controlling the caching mechanism of the browser;
   * additional directives which, going by the {@code _IE} suffix, are meant
   * for Internet Explorer.
   */
  String HEADER_VALUE_CACHE_CONTROL_IE = "post-check=0, pre-check=0";

  // ---------------------------------------------------------------------
  // Identity link signer authorisation
  // ---------------------------------------------------------------------

  /**
   * The X509 subject names of those identity link signer certificates that
   * do not include the identity link signer OID. The authorisation for
   * signing the identity link must be checked by using their issuer names.
   * After February 19th 2007 the OID of the certificate is used for checking
   * the authorisation for signing identity links.
   *
   * <p>The two entries differ only in "Mitgieds" versus "Mitglieds";
   * presumably both spellings occur in issued certificates, so neither
   * string should be "corrected".
   *
   * <p>NOTE(review): {@code final} protects the reference only; the array
   * elements stay writable by any code that can see this interface.
   * Consumers must treat the array as read-only (or copy it), because a
   * write would change the list the authorisation check relies on.
   */
  String[] IDENTITY_LINK_SIGNERS_WITHOUT_OID = {
    "T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitgieds der Datenschutzkommission",
    "T=Dr.,CN=Nikolaus Schwab,O=BM f. Inneres i.A. des gf. Mitglieds der Datenschutzkommission"
  };

  /** the number of the certificate extension "Eigenschaft zur Ausstellung von Personenbindungen" */
  String IDENTITY_LINK_SIGNER_OID_NUMBER = "1.2.40.0.10.1.7.1";

  /**
   * the OID of the identity link signer certificate (Eigenschaft zur Ausstellung von Personenbindungen);
   * used for checking the authorisation for signing the identity link for
   * identity links signed after February 19th 2007
   */
  ObjectID IDENTITY_LINK_SIGNER_OID = new ObjectID(IDENTITY_LINK_SIGNER_OID_NUMBER);

  /** the number of the certificate extension for party representatives */
  String PARTY_REPRESENTATION_OID_NUMBER = "1.2.40.0.10.3";

  /**
   * the number of the certificate extension for party organ representatives;
   * the {@code .10} arc below {@link #PARTY_REPRESENTATION_OID_NUMBER}
   */
  String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10";
}