aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-10-04 14:25:59 +0200
committerChristof Rabensteiner <christof.rabensteiner@iaik.tugraz.at>2019-10-04 14:25:59 +0200
commitff47866920e7c51a824f6e98c40d8fd4ca380940 (patch)
treefa8d5deefb369191946a7b5ee23b0f1df1b70c79
parentb16d5ee8fb482b81f1ae92a3984d876b57cf74f1 (diff)
downloadmoa-zs-ff47866920e7c51a824f6e98c40d8fd4ca380940.tar.gz
moa-zs-ff47866920e7c51a824f6e98c40d8fd4ca380940.tar.bz2
moa-zs-ff47866920e7c51a824f6e98c40d8fd4ca380940.zip
Update readme.md
- Put SSL client auth guide into separate file. - Add download link to apps.egiz.gv.at/releases. - Put note that cluster mode is not ready.
-rw-r--r--docs/howto-ssl-client-auth-with-apache.md26
-rw-r--r--readme.md37
-rw-r--r--src/test/resources/config/application.yaml1
3 files changed, 33 insertions, 31 deletions
diff --git a/docs/howto-ssl-client-auth-with-apache.md b/docs/howto-ssl-client-auth-with-apache.md
new file mode 100644
index 0000000..44999f7
--- /dev/null
+++ b/docs/howto-ssl-client-auth-with-apache.md
@@ -0,0 +1,26 @@
+ ZS - How To Set Up SSL inc. Client Authentication with Apache 2
+
+Some integration tests require SSL protection of the service endpoint with SSL Client Authentication.
+Here's a quick guide how to set up an Apache 2 service on localhost as a SSL terminating reverse proxy to the zusemsg endpoint that runs on <http://localhost:8081/>.
+
+1. Install Apache 2.
+1. Ensure that mod-proxy is installed and enabled.
+1. In `default-ssl.conf` add the following lines to proxy requests from `https://localhost/zusemsg` to `http://localhost:8081`:
+
+ ProxyRequests off
+ ProxyPass /zusemsg/ http://localhost:8081/
+ ProxyPassReverse /zusemsg/ http://localhost:8081/
+ <Proxy *>
+ Order allow,deny
+ allow from all
+ </Proxy>
+
+1. Use certificate and key provided in this repository for the TLS connection and add the following directives to `default-ssl.conf`:
+
+ SSLCertificateFile <path/to/repo/ssl/server>/server.localhost.cert.pem
+ SSLCertificateKeyFile <path/to/repo/ssl/server>/server.localhost.key.pem
+ SSLCertificateChainFile <path/to/repo/ssl/server>/ca-chain.cert.pem
+
+1. Trust the client certificate with the following directive in `default-ssl-conf`:
+
+ SSLCACertificateFile <path/to/repo/ssl>/trusted-cas-bundle.pem
diff --git a/readme.md b/readme.md
index 7a7694f..47852b0 100644
--- a/readme.md
+++ b/readme.md
@@ -32,36 +32,7 @@ Command:
Note that some integration tests (prefix `ITSSL`) rely on a TLS connection and Client Authentication.
-The following guide explains how to set up TLS and Client Authentication with Apache 2.
-
-#### Quick Guide: Set Up SSL (inc. Client Authentication) in Apache 2.
-
-This guide is only needed for running all tests.
-Some tests require SSL protection of the service endpoint with SSL Client Authentication.
-Here's a quick guide how to set up an Apache 2 service on localhost as a SSL terminating reverse proxy to the zusemsg endpoint that runs on <http://localhost:8081/>.
-
-1. Install Apache 2.
-1. Ensure that mod-proxy is installed and enabled.
-1. In `default-ssl.conf` add the following lines to proxy requests from `https://localhost/zusemsg` to `http://localhost:8081`:
-
- ProxyRequests off
- ProxyPass /zusemsg/ http://localhost:8081/
- ProxyPassReverse /zusemsg/ http://localhost:8081/
- <Proxy *>
- Order allow,deny
- allow from all
- </Proxy>
-
-1. Use certificate and key provided in this repository for the TLS connection and add the following directives to `default-ssl.conf`:
-
- SSLCertificateFile <path/to/repo/ssl/server>/server.localhost.cert.pem
- SSLCertificateKeyFile <path/to/repo/ssl/server>/server.localhost.key.pem
- SSLCertificateChainFile <path/to/repo/ssl/server>/ca-chain.cert.pem
-
-1. Trust the client certificate with the following directive in `default-ssl-conf`:
-
- SSLCACertificateFile <path/to/repo/ssl>/trusted-cas-bundle.pem
-
+[This guide](docs/howto-ssl-client-auth-with-apache.md) explains how to set up TLS and Client Authentication with Apache 2.
### Package to .war
@@ -71,9 +42,13 @@ The application can be packaged to a web application archive by running the foll
Find the war file in the `target/` folder.
+## Download
+
+You can download a ready-to-deploy web application archive (`.war`) of MOA ZS from <https://apps.egiz.gv.at/releases/moa-zs/>.
+
## Deployment
-After packaging the application to a `war` file, the application can be deployed into a servlet container or as a standalone application.
+After obtaining the `war` file, MOA ZS needs to be configured and can then be deployed into a servlet container or as a standalone application.
### Configuration
diff --git a/src/test/resources/config/application.yaml b/src/test/resources/config/application.yaml
index a32d14d..b6f8ef8 100644
--- a/src/test/resources/config/application.yaml
+++ b/src/test/resources/config/application.yaml
@@ -206,6 +206,7 @@ repository:
expiresAfterWrite: 30
# Redis Setup (Cluster Mode)
+# Note: Cluster Mode is not operational in the current release.
spring:
redis:
host: 172.17.0.2