# Optional #server: #port: 8080 # Optional logging: level: root: WARN # Spring Framework related messages org.springframework: WARN # Packages from EGIZ at.gv: INFO # MOA SPSS at.gv.egovernment.moa.spss: WARN at.gv.egovernment.moaspss: WARN # EAAF COMPONENTS at.gv.egiz.eid: WARN # MOA ZS at.gv.egiz.moazs: INFO at.gv.egiz.moazs.backend.SignatureVerifier: INFO at.gv.egiz.moazs.backend.LogResponseSink: INFO # IAIK Crypto Libs iaik: WARN # Log incoming / outgoing messages on services and clients. # (Incoming and outgoing messages are logged to INFO). #org.apache.cxf.services : INFO # Fine tune logging of messages per service / client: # Format: .. # Examples: #org.apache.cxf.services.app2mzsPortType.REQ_IN : INFO #org.apache.cxf.services.app2mzsPortType.RESP_OUT : INFO #org.apache.cxf.services.App2ZusePort.REQ_OUT : INFO #org.apache.cxf.services.App2ZusePort.RESP_IN: INFO # More information: https://codenotfound.com/apache-cxf-logging-soap-request-response-fault-messages-example.html # Mandatory # Default type for java's ssl key/trust store. When in doubt, set to # jks. javax.net.ssl: keyStoreType: jks trustStoreType: jks # Mandatory # Defines configuration profiles. Each profile contains all parameters # that are interpreted by MOA ZS to determine how a delivery request # should be processed. Configure parameters here and/or in # DeliveryRequest/Config. You can select a profile per delivery # request by referring to the profile id in # DeliveryRequest/Config/ProfileId. If a parameter is missing, MOA ZS # falls back to "default" You can override parameters in profiles. # Parameter have the following (descending) priority: # DeliveryRequest/Config > [profile referred by DeliveryRequest/Config/ProfileID] > default profile delivery-request-configuration-profiles: # ProfileID. Mandatory # The "default" profile. Will be chosen if # DeliveryRequest/Config/ProfileId is missing. default: # Optional # Specifies in seconds, how long the mzs service maximally waits # for a delivery request to complete. If the timeout is reached, # the service will reply with "PartialSuccess" and handle # responses asynchronously. A missing service-timeout means that the # service waits indefinitely. See also: msg-response-sinks, which # allows you to configure, how MOA ZS handles asynchronous # responses. service-timeout: 60 # Mandatory # If true, MOA ZS asks the tnvz service if the receiver is # addressable. Requires setting up the tnvz-client. perform-query-person-request: false # Mandatory (if perform-query-person-request is true) # Parameters for the connection to tnvz. Specify url, # connection-timeout, receive-timeout and ssl here. See msg-client # for an exhaustive description of all parameters. tnvz-client: # Mandatory url: http://localhost:8082/tnvz/ connection-timeout: 0 receive-timeout: 0 # Optional #ssl: ... #custom-http-headers: # X-PVP-NAME-1: VALUE-X # X-PVP-NAME-2: VALUE-Y # ... # Mandatory # Parameters for the connection to msg. msg-client: # Mandatory url: http://localhost:8081/services/DeliveryRequest # Mandatory # Time in ms after which a connection will be closed. 0 means # indefinitely. connection-timeout: 0 # Mandatory # Time in ms that the client waits after having sent the # request. 0 means indefinitely. receive-timeout: 0 # Mandatory # Specifies how MOA ZS should process asynchronous responses from msg. msg-response-sinks: # Mandatory # Save response on the file system under the folder "path". save-response-to-file: # Mandatory active: false # Mandatory if activated path: /msg-responses/ # Mandatory # Log response to the at.gv.egiz.moazs.backend.LogResponseSink Logger, level INFO log-response: true # Mandatory # Forward the response to mzs service. forward-response-to-service: # Mandatory active: false # Mandatory if activated mzs-client: url: http://service.which.implements.mzs2app.wsdl/services/ # connection-timeout # receive-timeout # ssl... # Optional # Add your own profiles (at wish) here. Follow the same structure as the "default" profile. # Override parameters at wish. # Example # "ssl-profile" is an example for a profile that overrides msg client parameters # to protect the msg connection with ssl client authentication. ssl-profile: msg-client: url: https://localhost/zusemsg/services/DeliveryRequest ssl: ## Boolean; if true, app will trust all server certificates; ## if false, server certificate needs to be in the truststore. trust-all: false ## Boolean; if true, app ignores mismatches between server's host name and ## Certificate's common name / alternative subject name. lax-hostname-verification: false ## Parameters for ssl client auth keystore: ## Path to file filename: config/ssl/client.cert.key.p12 ## Password to unlock key store. password: 123456 ## JKS or PKCS12 type: PKCS12 # Optional # If set to false, MOA ZS ignores an incomplete default DeliveryRequest-configuration # profile and continues startup. See 'delivery-request-configuration-profiles'. # Default value: true verify-completeness-of-default-delivery-request-configuration: true # Mandatory # Moa SP-SS Configuration moa.spss: # Mandatory # If active, Moa ZS verifies signed incoming messages with MOA SP-SS. is-active: false # Mandatory # If active, MOA SP-SS validates manifests in XML signatures. is-manifest-check-active: false # Mandatory server: # Mandatory # Path that points to MoaSPSSConfiguration file; can be: # - absolute path (unix: starts with /), or # - relative path (relative to application's class path # OR the applications working directory, but not relative to # application.yaml!) configuration: config/moa-spss/MOASPSSConfiguration.xml # Mandatory # Select, which trust-profile MOA SP-SS uses to verify a signature. default-trustprofile: test-trustprofile # Needed For Overriding Beans In Testing spring.main.allow-bean-definition-overriding: true # Mandatory repository: # Mandatory # Duration in minutes before repository records are evicted. expiresAfterWrite: 30 # Redis Setup (Cluster Mode) spring: redis: host: 172.17.0.2 port: 6379 # Optional # activate cluster mode # profiles.active: cluster