diff options
| author | Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at> | 2019-06-26 08:47:58 +0200 |
|---|---|---|
| committer | Christof Rabensteiner <christof.rabensteiner@iaik.tugraz.at> | 2019-06-26 08:47:58 +0200 |
| commit | e2e77ed55687cb92c6f5a273995daf64dedef848 (patch) | |
| tree | c5955745715a513d2875fcd348a5d50d964c9b72 /src/main/resources/application.yaml | |
| parent | 97aadc426ca2f61dccd58a05f37d065b2752ef6d (diff) | |
| download | moa-zs-e2e77ed55687cb92c6f5a273995daf64dedef848.tar.gz moa-zs-e2e77ed55687cb92c6f5a273995daf64dedef848.tar.bz2 moa-zs-e2e77ed55687cb92c6f5a273995daf64dedef848.zip | |
Protect MsgClient via SSL (ink Client Authentication)
- Add Component to create SSLContexts with own Key- and trust store.
- Inject SSLContext into HTTP Client.
- Add EAAF-Components Core Dependency, which is needed by
SSLContextCreator (KeyStoreUtils).
Schema Changes in mzs:DeliveryRequest/Config:
- Got Rid of mzs:DeliveryRequest/Config/Server. In mzs 1.4.1,
Server replaces the result of zkopf query person request. Since this
zkopf interface does not exist anymore, Server was removed.
- Add ClientType, which holds all parameters needed to connect to a
service (Url, SSL params, a.o.).
Configuration:
- Add default parameters for SSL Clients in application.yaml.
- Merge default parameters into incoming mzs:DeliveryRequests.
MoaZSException Fixes:
- Remove "Extends throwable" from Builder.
- Add convenient shorthand init method (message, throwable).
Refactor:
- Put "determinePath" to FileUtils.
- Put string related utility functions into StringUtils.
Diffstat (limited to 'src/main/resources/application.yaml')
| -rw-r--r-- | src/main/resources/application.yaml | 29 |
1 files changed, 14 insertions, 15 deletions
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml index 9ce1158..a0040ca 100644 --- a/src/main/resources/application.yaml +++ b/src/main/resources/application.yaml @@ -13,32 +13,34 @@ spring: # Order: DeliveryRequest/Config > [chosen-profile] > default delivery-request-configuration-profiles: default: + + perform-query-person-request: false + ## All parameters for MSG client. - msg: + msg-client: - ## How to reach url: http://localhost:8081/services/DeliveryRequest + ssl: + ## Boolean; if true, app will trust all server certificates; + ## if false, server certificate needs to be in truststore. + trust-all: false + + ## Boolean; if true, app ignores mismatches between server's host name and + ## Certificate's common name / alternative subject name. + lax-hostname-verification: false + ## Parameters for ssl client auth keystore: ## Absolute path to file - filename: + filename: ssl/client.jks ## Password to unlock key store. password: 1233 ## JKS or PKCS12 type: JKS - ## Boolean; if true, app will trust all server certificates; - ## if false, server certificate needs to be in truststore. - trustall: false - ## Boolean; if true, app ignores mismatches between server's host name and - ## Certificate's common name / alternative subject name. - laxhostnameverification: false - - - perform-query-person-request: false app-profile-1: msg: @@ -49,9 +51,6 @@ delivery-request-configuration-profiles: msg: url: https://msg-url2.com -key-store-profiles: - msg-key-store: - ## If set to false, moa zs ignores an incomplete default DeliveryRequest-configuration ## profile and continues startup. See 'delivery-request-configuration-profiles'. ## Default value: true |