deploy eidas proxy service 1.0.0 to qa
This commit is contained in:
parent
a96db40214
commit
1e88f9634f
11 changed files with 318 additions and 68 deletions
|
@ -3,70 +3,72 @@ STATUS=UPDATED
|
|||
-----BEGIN PGP MESSAGE-----
|
||||
Version: GnuPG v2
|
||||
|
||||
hQEMA+dyWM/+Cjt5AQgAn4t5SCBFkImjSNMHAcTI+wiXZuysjA/Dl6xYofYg2KHI
|
||||
glVIHXrjG8K8tvqJLpeV3YmL6TBgUKsVZgYgV+yv5bEOccJ5R+diGJGfAu868aPg
|
||||
fx9WusMn48RHVovuHbNoLMyTxgTcA7g2rb/GUtrgFAXRGwG2YT905NFc0htZ9bLs
|
||||
5awFwmHcQN0InlDTJDQNouLzkuzMi9lTDcMkloCI9qNPNia3a5+J2Q3tEJMJ2Fmh
|
||||
0xRFCD+nYTXwU34M/yqspRmpXeF41bi0MVU2OCoBNOpeMykY5BsANVLO8pl+kp7K
|
||||
pEEFaL9ufAsYwBCTv0ls4E9ybiPCQHsxKwbYegPgmNLrAecJujfGm7WYHeaJJMdi
|
||||
p/DpNBy7ZWZdsgVW4m4Xl/GOnMF4+WXUYybloALnhZCLhTOOljlHJNut2/dNCChm
|
||||
lInAjv6rr/YRdtx97/r8tUwIlOjU82X88ydiouH7SWkPJWcGJwchBGeBmVtbkn07
|
||||
LqIl+1st1fNlYa9BAq9lVGBIlWcwtPF3EsywG5+f8GDkfqKorxPn9ZA9c1+vl1xW
|
||||
rcLlSpj5MSPt822U/fUTzHWDWvh9QlnqD1LHvTbqFTObyXO/7/xsPAOW/ykDk4sv
|
||||
XD40cQWO/N4aE9KS1O0kMZd1/oKWRXy0JsBRRhsZtV3Qkho7fYfUbD2PekkL9QF5
|
||||
n4GzH/eKnzuPSuIEflfXqa9hkdLd68+vxpLhpDNRibgyqanTbgUXEzDWq9bw/g+S
|
||||
Il0QcaVoyQx2bYWjrKjnTqrSE6A+FPexZDdunn7W6MD2PVkZ/Vgkx022WfI4YxLu
|
||||
kCe0Z7hvMO3he/6/Dq4mtazszSHEnBQ9IX+Am7DcAVrgUHA4BMHvZJ8fU6Y49M+d
|
||||
jPerRuqxgsLukMjDOEivzOUxnUwJuFxRPY5S2Ati0lFwvhj4rNDea8tp5VVHnVTV
|
||||
9QEwH8/T37HuFsORNdtN09O8PyWGgVwr5DyBnQ/Z3i+om6ZoxrkV84hwmaDNu1+O
|
||||
asBQsLRCHN+PQ6U4mCkDJuZdVOqhgkeDRZtrYm2drXOxMitt09jDCLioFCa9QC7/
|
||||
EE3Ibn9qDl3h40ADd/RHuROBg83bw6BmiNe9YehZ+CtUGq2ePH6ZXG7DqFJY0aAJ
|
||||
r1t1NbLurBdY9pfL8y3VH5J7UCjzN5MYZYOJqszBefPRzIg/mOPton5AZsAGTNVx
|
||||
MrbCO2A0gREd6oyZAWjv8jRXpGlqjXTQklDctagyoqO0oJcULyZwgrKc8Varb5el
|
||||
aWpvrUZdQXgXd9zV7bzDN+aXzYl1N38n7zStAH0yxFaJxAn4s/i8+ktZRFneLar5
|
||||
MVIXF8Ejq+SJXLUCLt9hFfCITIYtBeG3CrMiWkR5zAuyuXViznYOYRfdK1JVJHbo
|
||||
8n019JbOC+VU1osMrDt+bykkmRcrt4tugTa+P8mSqCkzdpQHVhR/4inNhmWU2BYJ
|
||||
2PAzWO4/3rdihbXEMXnFkT/eqIE0nPAoX2RLZtT7JZC48tsvrn7SUNFYtCNPtWXh
|
||||
YjRT2CaK8iOjGDpRxR6VBtBf1hp14oxPRHtNcRWkeuPeELZgQNJP5iKvk6vHWKFn
|
||||
T9hDQj/D0nfNDb4ziOIcLT3Tbnyv499K36puHuv8p7eyDGJXH0jaQQAoe+Hx5cjG
|
||||
6DmfxVQocVubcGMBgUZXpi93FCaqFdoDHO00Eur6KCFfAfH8k3aSWEzisBti5Pdg
|
||||
WspnXPWuXle+MKAWZgVv90E8JzzVjV2bPyiXbMkRf4jiPFY+OjVggSnMn/fPSm9W
|
||||
MfIUIqm2cKxhFW7SDErbUIqvEgV6Ic0Vi8trs6zTtd1PjPdJk/HjAY2EkNLnw6FU
|
||||
8Z4njRXdczR+H774Zu8CUxsMl7QICLahHN1BsJN+2N4Dj80oiKnXzqSGZgoVAnnF
|
||||
Ah2TnqthZ0WakYbosd1zzTBWJRdrLilLXkEIOmw0xDdNd3Mz9FbYR18d0F7FNn44
|
||||
43hIpM4cwuIMHy6yGJUiLP+8A8qBJU7wmWu87ArFvDwvk/A760gzunvp4SC7CVPZ
|
||||
1hZ6WvX9ZkyNz+3yiO10l26w+XFk5Spdl4ZX4l89jJe3THAjl1ofMhZ+A1c44FQD
|
||||
dzhmM5aVWwkk6ODx45yZnqN2GzHcbD3PYDYXxY+91tKNLwo94ahfBvL9O9Vo1X6+
|
||||
dQaTyjXMnPUudAqkPGlzFff3bFtqdpQZrYQ2IaMEWQd5Xq/oUgVG5QZOYDsBsSpU
|
||||
wTMNaHQkp3UXy2408/V61rFNwbBH9Oh6bVMz+p/jAbFIViIgpr0PRji3OQHmCuQS
|
||||
GSxG7nTqfYdD7shvpZbRfHRzJhIZUiAS1WTkBt0RO8Ik8z8Bk/KpxC7Ba0MrWKJE
|
||||
MTLU1/7Kc6q/f7+HWcjlC5Odz4tNyygxjc7w9vJO+mAvSoPSZk0IpD/o0VeN1OBq
|
||||
9V7iCMnN3DGkUtRQtybZYMTxwcIR+r+iHSnt0G8TItcu9hQrNqu5JAt7RPC+45KG
|
||||
4OjFwuHcUKg63qAaFB9KOjavzdYM+nvp/XuL5Vq9Tfvz7J1f8znWrSG4fnysCPub
|
||||
IM85oW6edGNAEoyBD+RFTU+IEZOnK+sy3irxbZ/wkIa+Yw0qUXe8vaGhLW270ikj
|
||||
p8IHvU2okxb+pQGM4BHDoQzGscI0ctw0Xoa8Yz0xXD6nhiclITkhv+a9ZM8zuUus
|
||||
QOEGZjOvvaLl3QmMs4aaOe3NUoF90jzDQwYy3QPggDOXl9gFPbM5klonCGTOyOLw
|
||||
m14Z3bCK15cu+Ww5iS3tc80jplgN5l5aOQllcf+nj1785Pa0BVw9JgiwjGlmc5Vy
|
||||
rZAs5KXHXP0NOUuLpLq9HVxJmc91kYn7LjZ6TfMcEjju+UUe6EfTWAygPVEVuV2V
|
||||
ED0/wGMRcYd7FCTanOpfBy3k7E5Ld+mNKzftlnAT2qC6uUDXC1lMnR4mlp668msv
|
||||
62gvdTGMFVkimgnVnDjyXSZe0EWXV5RQOazFItJZ5tO6HRXho0aR/g081KdZoSB7
|
||||
MPr/5lQY3MDxRm9jbFJLm4DsoYqobl3Beiy2txT7q2NouX8EYPhluiveT7wZd6Ii
|
||||
fasX9hOcBLuoSXtunQo5NYTplO+xecXzHBn+y8jY2CUmiPD56CwFnhPAdSlwBnWH
|
||||
2Ms4nh8fANjd/6V8iAkWrsX9ZyC6vy2/yubYkrnAqdXxYYR3QNTbFLe7j1r58RIh
|
||||
4zlWq3yryrITwDm5WQl2GeNOenR33LNF29ACc2vcT10wUGywbm5DgpMjUINTt2D+
|
||||
t900iFNnaD6+aM9/hZ6tCUzlqOv2WQm3W/+rEH+pztenDmMGNUoIhfC2F7kFfqGG
|
||||
hGoEgJFCPYRd42MZ2BR7TDLniW6J3XM8pl4U2tCGV8+SHXZeURfAvC5xIE8SVg6R
|
||||
sLLJO0rXpRNQIquCrEPKfuSaWvBu2lDsvH45nLYke0/09tXIt2PA0WJ9r6nlj2Iu
|
||||
8CDX6lzvacm9kHHSIDZclck1BrIkD3CQ6d0MxjZVdEM9KaPOSwQtGqc9zvFiJ2/k
|
||||
ACly9dYPNO3riABBgWwrn4OFpYB+ggLP4f/pwBsf5T7QEvEQXsJ+x08VVRMXpZT0
|
||||
e7u2NUFRS3lO/qBp6sCn6e3qi6c6OsLq4rdhpu/z1kAxiWaX1BTe07V3nYlyJjnx
|
||||
C5cYx+BPEblYyA+2It2S3Y0xoyVl8O2l/H5ynYmj+Pg/kHxSpNH8evMTArwv5Nb7
|
||||
x/U2NhtkjNkq5wBq8MuHgofLuvz7lJh5xfpgEqkm3uvIDR+NXC0PKSGf+MvN6zQe
|
||||
05jAS03QgcSlJDd3yF54F90D+HMK1zqxsYgLK7EuVFFMnqEBDhFLFly9944A0K2u
|
||||
LygD3H523C7t19klm7KsHN+ST8H8SJTa9QL4rlvGdEiqRK7julcCVWTwdURmQvy4
|
||||
gRglFtByQrJPhIiwAyhmqCPZ7fIlEBn2xtR4HQzYJulI2qmqxhix88i6GxzwjUBs
|
||||
Y3+LpktCL2FPqoZksKLPeXt5usOOPZAzq5dFEEFf1j0mwuEcEKwKsfApt89Qa61a
|
||||
xGuqcVdju1OPr/i9rn9BQxg1BQJOhPKv4Lp8LdO5jHEFzj73ndZ5s1t4MreR4brN
|
||||
CqySwUz5C8uSQX5lx4K81uaYK+KOrh9lFI4UgQPx8Q==
|
||||
=gugK
|
||||
hQEMA+dyWM/+Cjt5AQf8DzKh3pD402Wq+hFvmloyq27+dIAvHbBkM78q01my0GpY
|
||||
YRARkeBsulEu61Abk4iJNBDFgJ2vLHVa73FV8M/46sQLeDKZLU6exNGHeKqU+V0L
|
||||
ebhQWmSrMw44y95XuBPJf+L0QI3kMDtBaSfGyHNrlQAk+KSYNIQf0MLJslP42Ayk
|
||||
ITWmvYr9uTTiSGVE2Tc5w7wOBzxHUVzlKj3Vd/rNTcld2hBHKjz0SnM7lEgP4RZY
|
||||
mDOgDqEcRtu2/y8wO05WwlrPJ54w+zA91ZTK9KZLxQZWwtPTI/rK89UiaQWXaKVu
|
||||
PQGqbHR3iTvzRDwdeV9auvM6ZKk80ixyGW/DAyUQP9LrATR/fhj20x5WUf9gRJoU
|
||||
bvuo006UTA3RpOuFklwZ1z8iZPfLUVH5I/grCi/G8kbKZ56YOktsMz8UeCe+r9GI
|
||||
gGho7vrSLOib4N+eQ4beUvjiQQVIg3CaziiCVx+XKCNI+XrYLAPsaLwAydJg2dbm
|
||||
6ljbLZ17ECqymV+2S1d67XyecJg2shths7bra+gJRhmtDMF+5DbHbAylj4ViT1XD
|
||||
NrH6Hi2MqVmESHQW19dkH2Cvwc42kWsSvdrYU+/g5uvUXRRdX3ddcNIFRC9HA1Dw
|
||||
8IelGZfJ2KhNTi/328NVQwCXapge/dMmUWMNgkZYm2sK+xzdHNe79X+aeMa7KOO3
|
||||
c5YctQbDRF8egO0khkqK9ugE6z/IM5sggm+FOC4WeANLCw+7tYCL0ZWLEgP+kk31
|
||||
sAMNSBJioK5uwDpCVOa4f0+0nkotEItu+Ctn+dprvD6aSUUMqh2G5D8mptmRewos
|
||||
wqeAmd1X5a2IG6Vc4kxTn7+peRffJBkwEfYcF5of/p3Jw9yUbzYaDXV6JRCnHNZH
|
||||
rA42X3bdEBvfZhFVgKhd9aEZQmkH2x0ecXabfv+AhG4zoYD/yyJxCKXEP2tVxqMC
|
||||
6faVqBL31p5YlpcYZn3gm1DG3pQ+V9abdl6Z+LaLPz0oz9ooPZ50mQ2z/zAs2p0D
|
||||
o26G6Ox0YX4KVtkKAkzh61gIYD+WNFYNPEF8jpQo4YWxwSyCt93Pff44dRlzaZ7o
|
||||
BXLU/q4QaaxDL50HGgpBMRSYGazV/aJankmGKrce4TxGORbYL+8KHn3l9eAI/QlB
|
||||
JY6rbQVrdE2ooOPsb9hxI+mWuU9LNjweqkvTqDofzCMvCNQI15GbyvGX2UoYbkwY
|
||||
/dG/BQg+2uXyT7bmr8LWQrO6hQgaSDbIAUZBgsXOFRXKCBTBg6aG4fYBY0yfOanA
|
||||
sZ3KX4CZrKXOwRIeWtAVtBHPU+Sne1+vU9x5Bw10nPBRu9MvMA87OoENDoG3ycNX
|
||||
UBW7oC7vs95GXMCCcF58Mrhze3tg7wDHgwG7Fzxpr3vFh33xaWosTB6EzPpvYeEg
|
||||
4gnVv55SOyvss0iSPxUUFsuVd61yqNlzW3tdO1HwhhjTHc6foFTZCwc4cOthE0BB
|
||||
/8i4vn57S0dQZwkuTRiCBVZBUKAfUl1sLahNVFnHZ9eabG5nt7xIw/mFhh8VT9F3
|
||||
FmyWITUIRHHltJp2494JuX5a1LZgYk2KlwoWavkP2JXZnXRus8W6IYh+ybXwMKic
|
||||
hdwkaagix87VuUT150CCFaU3J+O91IKbHuu3u7O+8N7/KJVdtMOdqF/uXVLxnpRa
|
||||
OqfXjQ+MmNfhp/L2nGq7IZLMfSuvzcR/LteFcaHOJBP3O0OIoFJTJ4WJuEFDNjOy
|
||||
BpaermVciq0vqiFQeMJM3fhu0zurkI/nrxa6lhpF8+UsncKUHbFyZ+fLUFYpSf21
|
||||
7DCq+Za262Gfmzw7yvkzNg0JrLYsuh9OT5FcMPDZPXTCX/z1QYeTHb3QaDJBekTP
|
||||
M+JQ7MXFADWciGFBeXono316n0pxJFKNk31puzK66Ci7DeZrq9IqEqffXVyokUWM
|
||||
Fc0jrC1GD+NUBtzFbfvqM6YZ0S79Yg2lZcl5s5TRzqjMGnhz/9zQo1FOT8gse+YT
|
||||
xkACiuPHjiQkQggrMd+Z46+6yN6veXALHV2nrmJJtgAeZCe+UKrRGyYcK3Fwtth+
|
||||
SrSkDF6qpzkPncZeqNgvfkl0MtIC/oGkYmcprdnKRza2bYZOJYFxis9VRVD73r7X
|
||||
oHxo4kT45t6EHB3cPDZ9oI2A+niuiq26W6QtX4MORNX0YaAUq/GFThIxF5Z0IfV1
|
||||
QWuFrMN7a4o80zprCVr9AUXuyTzChTL62TGccWuFKu8VTgxTnInD5qpaSIE5Ya4H
|
||||
46ycvYAaahxE5zsQ64VfjYAgubwNKbfSrNjdgtS3PD4abqMfwpjKYG7M53mQYATm
|
||||
OaxsAi8I0iwhUuSYIXwEhnNXnT5SryTGVyptbRgNMYAgkYccMib+BeQPlDzSK/5E
|
||||
ZrwZERYjjZhra45uDBxmnDNqUL7Cg1Du/qCLsEhhjI0MQPIOA9x+l6eP1zWNuvh3
|
||||
t5PBNO8LDduK2ZHMx0JHP9beQWuZIaeuN4gTp3mYiKDWN5dkKgFz5MsA7aOAX3GO
|
||||
gQl0iZjufcjSqslqxLXKyxKfjGnQkz3deOGL1YkGeuDWJcrKC4e9w/VEWWbOMqK1
|
||||
ToF2UrQMHFajH0+FP+kqGd2r1fg65nCWtuC5tpCWOJ7/m/p3UW7tYsRXlgaDLIkm
|
||||
wFYVNwuamhccW5W/YrlyW/LtIe3plmqFGPNRSAF2CkAXCsdXhPdQjMs3A+GUifek
|
||||
nU8nle7EWJqGjssnncBBULxSx+EonnWaR5CZ3VdBN4XbwJUNbcwwX7CZ1IDtYqPw
|
||||
1gJFNVXwv9+0g/6mx5yb2r1K+AoWHi9dJU8+GTRDOuXDopkLkaIvNB9DM/4hRw4U
|
||||
oTc/nhuQjoaBw/I4YDu0lNb+xYWJFxqRfZr+uDVrI1Scum39HmR22mf1Rel7em+E
|
||||
7332QfBwOr06/uayalClOQsWoWkCuYwEcZdPj8Vr6mddXXfJUXTBCEXBTVAgzaRY
|
||||
+0qEVbO5bt2hJGsSm0Vqxcq6CO8XALAScy8gyCc6Lhss2kprVZrQ/GVs5JSm76ep
|
||||
zPVLaQV/pf0/J3ZjM7UoW+uyC1lpTVgYjVfe5uzDmtXwKYpZT6IcT7kvj8FXr+G8
|
||||
SQD1kh/EvDAATNJ73T9Nf2Pp3io2KtGORIY4iradhASaou8eBRGvoHBmafMzku5c
|
||||
iIY34x8VhrJdurwB1Rcon8Kc0h3mhVGUTimSp1aw3kwAoeVXnS0D1H69pASpYFjY
|
||||
7Zzo/SBiDmLUwISgjCEELxMGJqF6adK9tGNTM9YpQEY6UtpYDHN+ju77vfN0CjnG
|
||||
5VRZi6Iia8S3NgGqWlfwFcHleiAKg2VTTziwZpkB5XcUj7Kwv7e80qZHQS3E+D9k
|
||||
26bmfBUPRJJyCRRsigtuBv5hH5tY6rNPCUlSJ++TtTwFQpZ4od+Hcf71HOeGQr+3
|
||||
BLmZKFJh6n68PNt6QPwQ6H1zDTATNKgh76OjcJTVHSn85V3bfweus5IYjCi1yMn2
|
||||
xWeGWVYHer+Rpl9EyCw6Gn6bcDVvlaMcGGj8jUt9hwFmptEWOvtA/GVmrKpNTX+B
|
||||
5B9iawACw7G+UVoyihPIKZLxkpol34PIM6bnxTqfoLKOmclOr411Wzxrl1fQA/B+
|
||||
DW6a1yYxVF1kKq2GgkuUr5qbSq8XoQjr5Wlzx8jKDnuWTmz5z737QPcL6dWR5QsD
|
||||
EiZjn6+A34nKdXmrvYah+V0qk0F0QUOrV0Bwh2y9Hs1YlAIl22zORW1S1I4x8scj
|
||||
RSrrgOJnmB6ml4uX2fsa3VJeYnZInwElyBVnqbFf8InYrv57ad0i0C5ToFTFVx42
|
||||
lkLAlljSalXakKpGNE1gi9D2Pcd+9PT/D7PhKsUUU6kAxDwzZdjoNh7CT4JPzCVj
|
||||
jk0sCCyAHX35X1yXAZmVP0eUBQIWebYuzjvPi9GQmaPyrva0Sjvt0xtANJU0ewC3
|
||||
UWtOvaTgu2RNFzPy15fwFcsS8lHg5D5ag5vSM6xrENzzosor6iYhf9kQAGZodfvO
|
||||
1yuotbca18DCL0rQaOdc1yfxcRFi6obSP5SnjWFqzr7UcUtW3waVjPMdg03TrjFo
|
||||
J4DUXyu4JbFFnWT4TAypjsDtrWXuh6toNmhmSOxsuhUZInp/5Gl6RLPCgGieIzqv
|
||||
NK+lf3i2APb3Xz7RzSHMbdmC58srMshOgU3MhvoFwdSYBvadyqDm/N3uT0ImBLGz
|
||||
+tHhAUs8/4RJCob0+WEUmLzmd18GGM0tvBNi0r9/HMA8ggC9fG9/fVY6l22MLxpj
|
||||
wBfojoHjaQCGPA==
|
||||
=OUZI
|
||||
-----END PGP MESSAGE-----
|
||||
|
|
|
@ -0,0 +1,77 @@
|
|||
# Logging
|
||||
logging.level.org.springframework.web=INFO
|
||||
|
||||
# Service path
|
||||
server.context-path=/eidas-ps
|
||||
|
||||
# Service port connector settings
|
||||
server.port=8443
|
||||
server.ssl.key-store=classpath:server-tls.jks
|
||||
server.ssl.key-store-password=secret
|
||||
server.ssl.key-password=secret
|
||||
|
||||
tomcat.ajp.port=8009
|
||||
tomcat.ajp.remoteauthentication=false
|
||||
tomcat.ajp.enabled=true
|
||||
|
||||
# For development. Allowing signature check on metadata to be skipped. Default false.
|
||||
#proxy-service.dev.ignoreMetadataSignCheck=true
|
||||
|
||||
# Initial delay in milliseconds (default 5000) and seconds between metadata configuration recache (default 240 sec).
|
||||
#proxy-service.daemon.inital.delay.ms=5000
|
||||
proxy-service.daemon.recache.delay.sec=240
|
||||
|
||||
# Location of other properties files (general-metadata.properties, psidp-metadata.properties and natsp-metadata.properties)
|
||||
# Example specifying external location: 'proxy-service.config.location=file:///opt/webapp/eidas-ps/cfg/'
|
||||
# Example specifying src/main/resources config location: 'classpath:'
|
||||
proxy-service.config.location=file://${proxy-service.path.prefix}/cfg/
|
||||
|
||||
|
||||
# Key Store properties
|
||||
# Location can be specified as "classpath:" or as file path e.g "/opt/webapp/eidas-ps/keystore/keyStore.jks"
|
||||
proxy-service.keyStoreLocation=${proxy-service.path.prefix}/nodeKeyStore.jks
|
||||
proxy-service.keyStorePass=local-demo
|
||||
proxy-service.keyStoreAlias=local-demo-cert
|
||||
|
||||
# Session Encryption properties
|
||||
#proxy-service.cookieEncryptPw=changeme
|
||||
|
||||
# Requirements to show consent dialogue (Default false);
|
||||
proxy-service.consent=true
|
||||
proxy-service.consent.attributes=urn:oid:1.2.752.201.3.7,\
|
||||
urn:oid:2.5.4.4,\
|
||||
urn:oid:2.5.4.42,\
|
||||
urn:oid:1.3.6.1.5.5.7.9.3,\
|
||||
urn:oid:1.3.6.1.5.5.7.9.1
|
||||
proxy-service.consent.valuetranslation=urn:oid:1.3.6.1.5.5.7.9.3
|
||||
|
||||
# Welcome page presentation text location
|
||||
proxy-service.welcomepage.markdown=${proxy-service.path.prefix}/cfg/infotext.md
|
||||
|
||||
#Metadata Service List location specified as either URL (http or https), "file://" or "classpath:"
|
||||
proxy-service.eidasMdListLocation=https://eid.svelegtest.se/nodeconfig/mdservicelist
|
||||
|
||||
# Optional certificate file for validating metadata service list file signatures
|
||||
# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
|
||||
proxy-service.eidasMdListCertFile=${proxy-service.path.prefix}/eIDASmdListCert.crt
|
||||
|
||||
#Metadata location for aggregated metadata specified as either URL (http or https), "file://" or "classpath:"
|
||||
proxy-service.eidasMetadataLocation=https://eid.svelegtest.se/nodeconfig/metadata
|
||||
|
||||
# Optional certificate file for validating metadata signatures
|
||||
# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
|
||||
proxy-service.eidasMetadataCertFile=${proxy-service.path.prefix}/eIDASmdListCert.crt
|
||||
|
||||
# Optional cache dir for caching downloaded metadata. If not set, cache is stored in memory.
|
||||
proxy-service.eidasMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache
|
||||
|
||||
|
||||
#Metadata location for national IdP metadata specified as either URL (http or https), "file://" or "classpath:"
|
||||
proxy-service.nationalMetadataLocation=http://eid.svelegtest.se/metadata/mdx/role/idp.xml
|
||||
|
||||
# Optional certificate file for validating metadata signatures
|
||||
# If no certificate is specified then proxy-service.dev.ignoreMetadataSignCheck=true must be set
|
||||
proxy-service.nationalMetadataCert=${proxy-service.path.prefix}/se-metadata-cert.crt
|
||||
|
||||
# Optional cache dir for caching downloaded national metadata. If not set, cache is stored in memory.
|
||||
proxy-service.nationalPsMetadataCacheDirName=${proxy-service.path.prefix}/ps-mdcache
|
|
@ -0,0 +1,12 @@
|
|||
psgen.country=XY
|
||||
psgen.name=Sweden XY eIDAS ProxyService
|
||||
psgen.orgName=Swedish E-Identification Board
|
||||
psgen.dispName=Swedish eIDAS Proxy Service
|
||||
psgen.orgUrl=http://eidasweb.se
|
||||
psgen.supportGivenName=Customer support
|
||||
psgen.techGivenName=Technical support
|
||||
psgen.supportEmail=support@example.com
|
||||
psgen.techEmail=support@example.com
|
||||
|
||||
|
||||
|
44
eidas-proxy/overlay/etc/eidas-proxy/xy/cfg/infotext.md
Normal file
44
eidas-proxy/overlay/etc/eidas-proxy/xy/cfg/infotext.md
Normal file
|
@ -0,0 +1,44 @@
|
|||
### Proxy Service
|
||||
|
||||
This is the Swedish XY Country test proxy sevice of the Swedish eIDAS Pilot
|
||||
|
||||
**Relevant resources:**
|
||||
<table class="table table-dark table-links table-responsive">
|
||||
|
||||
<tr><td>eIDAS Project Home Page</td>
|
||||
<td><a href="http://eidasweb.se/home/">http://eidasweb.se</a></td><tr>
|
||||
|
||||
<tr><td>eIDAS Proxy Service Metadata</td>
|
||||
<td><a href="ServiceMetadata">https://eunode.eidastest.se/EidasNode-XY/ServiceMetadata</a></td><tr>
|
||||
|
||||
<tr><td>National SP Metadata</td>
|
||||
<td><a href="nat-metadata">https://eunode.eidastest.se/EidasNode-XY/nat-metadata</a></td><tr>
|
||||
|
||||
<tr><td>Swedish E-Identification Board</td>
|
||||
<td><a href="https://www.elegnamnden.se">https://www.elegnamnden.se</a></td><tr>
|
||||
|
||||
</table>
|
||||
|
||||
**Metadata validation certificate:**
|
||||
<div style="margin-left:20px; font-size:small">
|
||||
|
||||
```
|
||||
-----BEGIN CERTIFICATE-----
|
||||
MIIDOzCCAiMCBgFfWGgYvjANBgkqhkiG9w0BAQ0FADBhMSkwJwYDVQQDEyBUZXN0IENvdW50cnkg
|
||||
ZUlEQVMgUHJveHkgU2VydmljZTEnMCUGA1UEChMeU3dlZGlzaCBFLUlkZW50aWZpY2F0aW9uIEJv
|
||||
YXJkMQswCQYDVQQGEwJYWTAeFw0xNzEwMjYwOTE4NTdaFw0yMjEwMjYxMTE4NTdaMGExKTAnBgNV
|
||||
BAMTIFRlc3QgQ291bnRyeSBlSURBUyBQcm94eSBTZXJ2aWNlMScwJQYDVQQKEx5Td2VkaXNoIEUt
|
||||
SWRlbnRpZmljYXRpb24gQm9hcmQxCzAJBgNVBAYTAlhZMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A
|
||||
MIIBCgKCAQEAoo+9Fjjtx50yc8QzkFHxmRDqZC3/cPvWNIK0bqmXrBdlvstB5kYn0x+t644d9zQA
|
||||
v6yXFW3hhSHjTeeB49NVwa2HVxtmkX5VzJLNo0mjQm3c3vAZNooUHzv+deZrl5HhFkZZPD1sLwOb
|
||||
dlCHd1ozf60+diD/P0EkMkCwwaVWnq13pHv1XuQOBFmVb0O5/muJrzu6uGZAsPS4SUsg9IFgl1AK
|
||||
hcl5FPykNvqYMEamOKCbJoL2mpjUQFGtudlDaqneqz0Jt4syoQmvuFal/0uC1XhKwLNitu3GGceZ
|
||||
Mwdq6TJlR1pMNDgFOjSO2Yv0v/3kKtmhiOCBpmXXl4JcWDCMBQIDAQABMA0GCSqGSIb3DQEBDQUA
|
||||
A4IBAQBTCQT2OTGE+f5qWe4NiXRZBHfLuU0A2Lj3fm30dA+N/3WO5eOTHCGSEJhSh/SxeFzexTiG
|
||||
QSrdUuJtTM+mtqF6v0OfJ55K+dhSNzcE5dtM3ds6qZ73VAJQlxLv3qE4hqR7bLMhvz0Zby0Hq0XJ
|
||||
+FCMs5vSMDtMi5n/CLqh/ctEacUx+lNfQEjZWHInfntMBRUxwy6SYfqjPdhDneP+IXAertPi/Uqn
|
||||
NFkI8ewylphNXoewIEIjfFk6WSAwgc2scWgnj8U4un1LFjl//m4DWCEQEkjwuxNf1pTCQFDW7Gc3
|
||||
+lNgymwLJoieNYqSOhomsTRZTXyuRI4b/ttebvbNiALS
|
||||
-----END CERTIFICATE-----
|
||||
```
|
||||
</div>
|
|
@ -0,0 +1,27 @@
|
|||
proxy-service.idpdisco.idplist=\
|
||||
testIdp,\
|
||||
mobIdp,\
|
||||
ccBankid,\
|
||||
ccTelia
|
||||
proxy-service.idpdisco.langs=\
|
||||
se,\
|
||||
en,\
|
||||
fr
|
||||
proxy-service.idpdisco.entityid={\
|
||||
testIdp :'https://idp.svelegtest.se/idp',\
|
||||
mobIdp :'https://midp.svelegtest.se/idp',\
|
||||
ccBankid : 'https://eid.identityhub.se/demo/bankid/',\
|
||||
ccTelia : 'https://eid.identityhub.se/demo/teliabrowserplugin/'\
|
||||
}
|
||||
proxy-service.idpdisco.name={\
|
||||
testIdp :'Test ID-tjänst, Test IdP, Test IdP',\
|
||||
mobIdp :'Mobil Test IdP, Mobile Test IdP, Mobile Test IdP',\
|
||||
ccBankid : 'BankID, BankID, BankID',\
|
||||
ccTelia : 'Telia,Telia,Telia'\
|
||||
}
|
||||
proxy-service.idpdisco.logo={\
|
||||
testIdp :'https://eid.svelegtest.se/logos/elegnamnden_notext_68x67.png, 67, 68',\
|
||||
mobIdp :'https://eid.svelegtest.se/logos/elegnamnden_notext_68x67.png, 67, 68',\
|
||||
ccBankid : 'img/disco/bankid_logo.png, 94, 100',\
|
||||
ccTelia : 'img/disco/telia_min_logo.png,89,86'\
|
||||
}
|
|
@ -0,0 +1,24 @@
|
|||
#EntityID of the n
|
||||
natsp.entityId=${proxy-service.domain.prefix}/nat-ps-sp
|
||||
natsp.displayNames={\
|
||||
en:'Swedish Citizen Adapter',\
|
||||
sv:'Sveriges internationella legitimeringsnod'\
|
||||
}
|
||||
natsp.descriptions={\
|
||||
en:'Test service for the Swedish eIDAS Pilot New Local',\
|
||||
sv:'Testtjänst för Svenska eIDAS piloten'\
|
||||
}
|
||||
# Logos are specified as a map with the url as key followed by height,width[,lang] as comma separated parameters.
|
||||
natsp.logos={\
|
||||
'https://eunode.eidastest.se/Connector/custom/idpLogo.png':'276,293'\
|
||||
}
|
||||
natsp.assertionConsumerServices={\
|
||||
'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST':'${proxy-service.domain.prefix}/assertionconsumer'\
|
||||
}
|
||||
natsp.nameIDFormats=\
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent,\
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:transient
|
||||
natsp.entityCategories=\
|
||||
http://id.elegnamnden.se/ec/1.0/loa3-pnr
|
||||
|
||||
|
|
@ -0,0 +1,25 @@
|
|||
psmd.gen.entityID=${proxy-service.domain.prefix}/ServiceMetadata
|
||||
psmd.ext.supportedEncAlgos=\
|
||||
http://www.w3.org/2009/xmlenc11#aes128-gcm,\
|
||||
http://www.w3.org/2009/xmlenc11#aes192-gcm,\
|
||||
http://www.w3.org/2009/xmlenc11#aes256-gcm
|
||||
psmd.ext.supportedSigAlgorithms=\
|
||||
http://www.w3.org/2001/04/xmldsig-more#rsa-sha512,\
|
||||
http://www.w3.org/2001/04/xmldsig-more#rsa-sha256,\
|
||||
http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256
|
||||
psmd.ext.supportedDigestAlgorithms=\
|
||||
http://www.w3.org/2001/04/xmldsig-more#sha384,\
|
||||
http://www.w3.org/2001/04/xmlenc#sha512,\
|
||||
http://www.w3.org/2001/04/xmlenc#sha256
|
||||
psmd.idp.nameIDFormats=\
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:persistent,\
|
||||
urn:oasis:names:tc:SAML:2.0:nameid-format:transient,\
|
||||
urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified
|
||||
psmd.idp.ssoList={'urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST':'${proxy-service.domain.prefix}/ColleagueRequest'}
|
||||
psmd.idp.supportedAttributes=\
|
||||
http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName,\
|
||||
http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName,\
|
||||
http://eidas.europa.eu/attributes/naturalperson/DateOfBirth,\
|
||||
http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier,\
|
||||
http://eidas.europa.eu/attributes/naturalperson/Gender
|
||||
psmd.idp.assuranceCertifications=http://eidas.europa.eu/LoA/substantial
|
17
eidas-proxy/overlay/etc/eidas-proxy/xy/eIDASmdListCert.crt
Normal file
17
eidas-proxy/overlay/etc/eidas-proxy/xy/eIDASmdListCert.crt
Normal file
|
@ -0,0 +1,17 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIIDSTCCAjECBgFc72gQnTANBgkqhkiG9w0BAQ0FADBoMScwJQYDVQQKEx5Td2VkaXNoIEUtSWRl
|
||||
bnRpZmljYXRpb24gQm9hcmQxCzAJBgNVBAYTAlNFMTAwLgYDVQQDEydTd2VkaXNoIGVJREFTIG5v
|
||||
ZGUgdHJ1c3QgY29uZmlnIHNlcnZpY2UwHhcNMTcwNjI4MTQ1MzEzWhcNMjIwNjI4MTU1MzEzWjBo
|
||||
MScwJQYDVQQKEx5Td2VkaXNoIEUtSWRlbnRpZmljYXRpb24gQm9hcmQxCzAJBgNVBAYTAlNFMTAw
|
||||
LgYDVQQDEydTd2VkaXNoIGVJREFTIG5vZGUgdHJ1c3QgY29uZmlnIHNlcnZpY2UwggEiMA0GCSqG
|
||||
SIb3DQEBAQUAA4IBDwAwggEKAoIBAQCR93BFw1lFLD3IUkYwKFj29R2h2kz8X1mKBoLKufXdTg7F
|
||||
HHgkJFUy6Kf+JTWiJoEC60WBTBj1Mf+phA0PS24PDBqErtnv5l1K8x1Bo930NqxMStwFbmaeah5a
|
||||
1ZeEMsWWGfJfMU26/yHux4ULkUqwxJQ9x5hYp5qLf/UaCbJvxOLyZ5wmHnups1+hT5AFe/ix6mua
|
||||
hKNCJplrZLpnMhFuSjZC+yDDH0F83X71kU0bsm8RKd9OW2t+g+XFRnVpf+mgHPf2bCGxDJpt5h/s
|
||||
ipQCP78gXsCL+6J7lS8pnxy/ZW2Qr4cwIvWucTlph0nAEHVv9j2K4pgCKR4hbD5MonFjAgMBAAEw
|
||||
DQYJKoZIhvcNAQENBQADggEBAFI5NDg0xPP8GGwItDSPYqF/PbN9k4Rc/ujXVxgNC/cZ3gSYS8Hl
|
||||
jcRs2bGx7uiOkJIWiaNXapMptyOgwbjhB4kKLkFnywIH9nV1yYdkf1ToBZJz/SuCAXSkVylTARKa
|
||||
memIj/9JL9L0FX7i+qyArJJO8Z7PhSUP1uhGEaPSLA3AuNT9xYzMUvrwf8+aDscvf0h0YjPjrIhn
|
||||
r3i8fvkDDSaRPbAe1xJjHZoOA2Y8socfw+8BsGoibaS00wVgjx9+gZWIE5/d6PBQesF3KMPUZZMp
|
||||
6WJrOnxk0z03V7R38PB/bTqivErVSYOZ3M8zIyqfPiWM2Fe35tHXXHN8XsQel6s=
|
||||
-----END CERTIFICATE-----
|
15
eidas-proxy/overlay/etc/eidas-proxy/xy/se-metadata-cert.crt
Normal file
15
eidas-proxy/overlay/etc/eidas-proxy/xy/se-metadata-cert.crt
Normal file
|
@ -0,0 +1,15 @@
|
|||
-----BEGIN CERTIFICATE-----
|
||||
MIICyzCCAbMCBgFEwQFDRDANBgkqhkiG9w0BAQUFADApMScwJQYDVQQDDB5Td2VkaXNoIEUtaWRl
|
||||
bnRpZmljYXRpb24gYm9hcmQwHhcNMTQwMzE0MTIzMTI5WhcNMTkwMzE0MTQzMTI5WjApMScwJQYD
|
||||
VQQDDB5Td2VkaXNoIEUtaWRlbnRpZmljYXRpb24gYm9hcmQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
|
||||
DwAwggEKAoIBAQCGxrPbCuZYeMZniwOAIO1MiQjGD3LIfaLBddNucsAVrxpYW7bYMwzvgL2Gp4yV
|
||||
6IyAx5kUgHPjEkEEIjH+NhxYdChD8iWBkLuaOkxyYNXFjFQ3APk5kqP+BB+fP8peWlKGX6S2mfcB
|
||||
7eObDQqb28osfXE+bak4X2rNf5i+Yx9VdXBpRhDxk7umDdWTSJlc+ZCxWUt3ldc58/sXIgAzVWk4
|
||||
9A3GIvOHlBVgm/5g3yzU9HnxD1fyOKT+NkF5J9mjM0x8Qg9K/Zep3n1xmb8kZ/vcRxv+AounGDd7
|
||||
w/QWW84sPegySHqm5GkLSgwB63nJZr5wS+qoT9sTooCM0AhBhY1FAgMBAAEwDQYJKoZIhvcNAQEF
|
||||
BQADggEBAESqy6GrAEbL/blJQxDb/LCCW4y3KAAs/pqvR4SQMP0rvVe5FJiUJsE/6DEhk+cl0N+o
|
||||
5e8/NusIUD7f6vKSYTHgCodSeDYGdrkRrOucDBWgIlYVsR3yTb/za3AlgiTW6eGGqiY6SeEzXNTM
|
||||
5o0GpoZbknQZEK/xCJLtMAU6oX7pDBLahtYeJAJJNFVjtPKsERr2Ob2ni9XW8+fxyjv0v2gmlQvW
|
||||
i6VnpD6VJ3nwAFDsGHBgzli32YBd62rukqyiqvC595LNg0Dg4fyv1ZuOiqajWSd3x8JI6bS01QvY
|
||||
3fNKY84wMQXpRq9C3zRtpPKmh22W6mcQvh1uN3qNaIEEklE=
|
||||
-----END CERTIFICATE-----
|
|
@ -25,3 +25,6 @@ r1.komreg.net:
|
|||
openstack_ubuntu_16_04_dockerhost:
|
||||
sunet_iaas_cloud:
|
||||
autoupdate:
|
||||
eidas_proxy:
|
||||
hostname: xy.qa.sveidas.se
|
||||
country: xy
|
||||
|
|
|
@ -198,7 +198,6 @@ class swamid_pyff_signer {
|
|||
}
|
||||
|
||||
class eidas_connector($hostname) {
|
||||
$proxy_service_cookie_encrypt_pw = safe_hiera('proxy_service_cookie_encrypt_pw',NOT_SET);
|
||||
file {['/etc/eidas-connector','/var/log/eidas-connector']: ensure => directory } ->
|
||||
sunet::docker_run {'eidas_connector':
|
||||
image => 'docker.sunet.se/eidas-connector',
|
||||
|
@ -207,10 +206,13 @@ class eidas_connector($hostname) {
|
|||
volumes => ['/var/log/eidas-connector:/var/log/eidas-connector',
|
||||
'/etc/eidas-connector:/etc/eidas-connector'],
|
||||
env => ["IDP_SERVER_HOSTNAME=$hostname"]
|
||||
}
|
||||
} ->
|
||||
class {'webserver': } ->
|
||||
class {'https_server': }
|
||||
}
|
||||
|
||||
class eidas_proxy($hostname,$country) {
|
||||
$proxy_service_cookie_encrypt_pw = safe_hiera('proxy_service_cookie_encrypt_pw',NOT_SET);
|
||||
file {['/etc/eidas-proxy/',"/etc/eidas-proxy/$country"]: ensure => directory } ->
|
||||
sunet::snippets::secret_file {
|
||||
hiera_key => 'eidas_proxy_keystore',
|
||||
|
@ -228,6 +230,8 @@ class eidas_proxy($hostname,$country) {
|
|||
"SPRING_CONFIG_LOCATION=/etc/eidas-proxy/$country/cfg/",
|
||||
"PROXY_SERVICE_COOKIEENCRYPTPW=$proxy_service_cookie_encrypt_pw"]
|
||||
}
|
||||
class {'webserver': } ->
|
||||
class {'https_server': }
|
||||
}
|
||||
|
||||
class sunetops {
|
||||
|
|
Loading…
Add table
Reference in a new issue