summaryrefslogtreecommitdiff
path: root/BKUOnline/src/main
diff options
context:
space:
mode:
Diffstat (limited to 'BKUOnline/src/main')
-rw-r--r--BKUOnline/src/main/policy/50mocca.policy7
-rw-r--r--BKUOnline/src/main/webapp/WEB-INF/conf/configuration.xml4
2 files changed, 10 insertions, 1 deletions
diff --git a/BKUOnline/src/main/policy/50mocca.policy b/BKUOnline/src/main/policy/50mocca.policy
index 8cda9eb6..d001e515 100644
--- a/BKUOnline/src/main/policy/50mocca.policy
+++ b/BKUOnline/src/main/policy/50mocca.policy
@@ -40,7 +40,9 @@
// with <any_resource_you_would_like_to_grant_XSLTs_document()_function_access_to>
//
// replace www.a-trust.at and ksp.ecard.sozialversicherung.gv.at
-// with <idLink_template_download_URL>
+// with <idLink_template_download_URL>, currently:
+// A-Trust: http://www.a-trust.at/zmr/persb204.xsl
+// Verwaltungssignatur: http://ksp.ecard.sozialversicherung.gv.at/ePortal/public/xslt/ExpandIdLink-2_0.xslt
// replace ldap.a-trust.at:389, ocsp.a-trust.at:80 and ocsp.ecard.sozialversicherung.at:80
// with <certificate_revocation_authority_endpoint> (OCSP, CRLs)
//
@@ -70,6 +72,9 @@ grant codeBase "file:${catalina.base}/webapps/bkuonline/-" {
permission java.net.SocketPermission "apps.egiz.gv.at:443", "connect, resolve";
permission java.net.SocketPermission "www.buergerkarte.at:443", "connect, resolve";
permission java.net.SocketPermission "www.sozialversicherung.gv.at:443", "connect, resolve";
+ permission java.net.SocketPermission "www.sozialversicherung.at:443", "connect, resolve";
+ permission java.net.SocketPermission "www2.sozialversicherung.gv.at:443", "connect, resolve";
+ permission java.net.SocketPermission "www2.sozialversicherung.at:443", "connect, resolve";
// other resources (crls, persb.xsl, ...)
permission java.net.SocketPermission "www.a-trust.at:80", "connect, resolve";
diff --git a/BKUOnline/src/main/webapp/WEB-INF/conf/configuration.xml b/BKUOnline/src/main/webapp/WEB-INF/conf/configuration.xml
index 20d27bb0..d4736429 100644
--- a/BKUOnline/src/main/webapp/WEB-INF/conf/configuration.xml
+++ b/BKUOnline/src/main/webapp/WEB-INF/conf/configuration.xml
@@ -7,4 +7,8 @@
-->
<MaxHops>50</MaxHops>
</DataURLConnection>
+ <!-- default revocation service type order: OCSP, CRL
+ <SSL>
+ <revocationServiceOrder>OCSP</revocationServiceOrder>
+ </SSL-->
</MoccaConfiguration> \ No newline at end of file