diff options
Diffstat (limited to 'BKUOnline/src/main/resources/at/gv/egiz/bku/online')
-rw-r--r-- | BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml | 98 | ||||
-rw-r--r-- | BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties | 3 |
2 files changed, 101 insertions, 0 deletions
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml new file mode 100644 index 00000000..15d62155 --- /dev/null +++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/accessControlConfig.xml @@ -0,0 +1,98 @@ +<?xml version="1.0" encoding="UTF-8"?>
+<AccessControl>
+ <Chains>
+ <Chain Id="InputChain">
+ <Rules>
+ <Rule Id="rule-1">
+ <AuthClass>certifiedGovAgency</AuthClass>
+ <AnyPeer />
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>confirm</UserInteraction>
+ </Rule>
+ <Rule Id="rule-2">
+ <AuthClass>pseudoanonymous</AuthClass>
+ <AnyPeer />
+ <Action>
+ <ChainRef>Command</ChainRef>
+ </Action>
+ <UserInteraction>none</UserInteraction>
+ </Rule>
+ <Rule Id="rule-3">
+ <AuthClass>anonymous</AuthClass>
+ <IPv4Address>127.0.0.1</IPv4Address>
+ <Action>
+ <ChainRef>Command</ChainRef>
+ </Action>
+ <UserInteraction>none</UserInteraction>
+ </Rule>
+ <Rule Id="rule-4">
+ <AuthClass>anonymous</AuthClass>
+ <DomainName>$.gv.at</DomainName>
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>confirm</UserInteraction>
+ </Rule>
+ </Rules>
+ </Chain>
+ <Chain Id="Command">
+ <Rules>
+ <Rule Id="cmd-rule-1">
+ <AuthClass>certified</AuthClass>
+ <AnyPeer />
+ <Command Name="Infobox*">
+ <Param Name="InfoboxIdentifier">IdentityLink</Param>
+ <Param Name="PersonIdentifier">.*</Param>
+ </Command>
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>confirm</UserInteraction>
+ </Rule>
+ <Rule Id="cmd-rule-2">
+ <AuthClass>certified</AuthClass>
+ <URL>https://finanzonline.bmf.gv.at/*
+ </URL>
+ <Command Name="InfoboxReadRequest">
+ <Param Name="InfoboxIdentifier">Mandates</Param>
+ <Param Name="PersonIdentifier">.*</Param>
+ </Command>
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>info</UserInteraction>
+ </Rule>
+ <Rule Id="cmd-rule-3">
+ <AuthClass>certified</AuthClass>
+ <AnyPeer />
+ <Command Name="InfoboxReadRequest" />
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>none</UserInteraction>
+ </Rule>
+ <Rule Id="cmd-rule-4">
+ <AuthClass>anonymous</AuthClass>
+ <AnyPeer />
+ <Command Name="InfoboxReadRequest" />
+ <IPv4Address>127.0.0.1</IPv4Address>
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ <UserInteraction>none</UserInteraction>
+ </Rule>
+ </Rules>
+ </Chain>
+ <Chain Id="OutputChain">
+ <Rules>
+ <Rule Id="out-1">
+ <Action>
+ <RuleAction>allow</RuleAction>
+ </Action>
+ </Rule>
+ </Rules>
+ </Chain>
+ </Chains>
+</AccessControl>
diff --git a/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties new file mode 100644 index 00000000..12deac35 --- /dev/null +++ b/BKUOnline/src/main/resources/at/gv/egiz/bku/online/conf/defaultConf.properties @@ -0,0 +1,3 @@ +# Configuration for online CCE
+AccessController.acceptUnmatched=false
+AccessController.policyResource=classpath:at/gv/egiz/bku/online/conf/accessControlConfig.xml
\ No newline at end of file |