...
Dans ce cadre, nous avons établi un document 'type' de 'qualification' que nous partageons ici également : ESUP-SGC-Point-Controle-COMUE-NU.pdf (fichier source Excel ici)
...
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
<!-- "Dummy" external-application API. Judging by the class name it is a
     stand-in that calls no esup-sgc endpoint; no URL is configured on it. -->
<bean id="dummyExtApi"
      class="org.esupportail.nfctag.service.api.impl.AppliExtDummy"/>
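<!-- Tag identifier check resolved through LDAP.
     searchFilter is a template: {0} is replaced by the identifier read from
     the card. The quoted braces '{' and '}' look like MessageFormat escaping,
     which would put the literal prefix {ISO15693} in front of the value.
     NOTE(review): the substituted value comes from the reader side; confirm
     that TagIdCheckLdap escapes it before it is placed in the LDAP filter. -->
<bean id="tagIdCheckApiLdapWithCsn"
      class="org.esupportail.nfctag.service.api.impl.TagIdCheckLdap">
  <property name="searchFilter" value="supannRefId='{'ISO15693'}'{0}"/>
  <property name="description" value="via LDAP ISO15693"/>
  <property name="ldapServices">
    <util:list>
      <!-- Spring bean names are case-sensitive: the reference must match the
           id "ldapServiceUnivville" declared in this file, otherwise the
           context fails to start on an unresolved bean. -->
      <ref bean="ldapServiceUnivville"/>
    </util:list>
  </property>
</bean>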
<!-- Placeholder tag-id check; judging by the class name it stands in for a
     real web-service check. Only a description is configured. -->
<bean id="tagIdCheckApiDummy"
      class="org.esupportail.nfctag.service.api.impl.TagIdCheckDummyWs">
  <property name="description" value="TagIdCheckDummy"/>
</bean>

<!-- Authentication configuration labelled "Authentification CSN".
     NOTE(review): presumably the card is recognised by its serial number
     only. A CSN is not a secret and gives no cryptographic proof that the
     card is genuine, so keep this mode for low-assurance uses; the DESFire
     read configuration in this file authenticates with a key instead. -->
<bean id="csnAuthConfig"
      class="org.esupportail.nfctag.service.api.impl.CsnAuthConfig">
  <property name="description" value="Authentification CSN"/>
</bean>
<!-- DESFire read configuration for the csn-domain application (AID F585C2):
     file 00 is read from offset 000000 using key number 01.
     desfireKey is shown as a 32-hex-character placeholder. Once replaced by
     the key supplied for this application, this file holds live card key
     material: restrict who can read it and keep the real value out of
     shared repositories and documentation pages. -->
<bean id="desfireAuthConfigComue"
      class="org.esupportail.nfctag.service.api.impl.DesfireReadConfig">
  <property name="desfireAppId" value="F585C2"/>
  <property name="desfireAppName" value="csn-domain"/>
  <property name="desfireKeyNumber" value="01"/>
  <property name="desfireKey" value="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
  <property name="desfireFileNumber" value="00"/>
  <property name="desfireFileOffset" value="000000"/>
  <property name="description" value="Authentification Desfire CSN-DOMAIN"/>
</bean>
<!-- LDAP connection used by the tag-id lookup.
     Points a practitioner should check before reusing this sample:
     * ldap:// is the unencrypted scheme; with a simple bind the password
       below crosses the network in clear. Prefer an ldaps:// URL when the
       directory offers one.
     * The sample binds as cn=admin. A lookup only needs a dedicated
       read-only account limited to the branch and attributes searched.
     * XXXXXXXX is a placeholder. Keep the real password out of version
       control, e.g. through a ${...} property if this context has a
       property placeholder configured (not shown here; confirm). -->
<bean id="ldapContextSourceUnivville"
      class="org.springframework.ldap.core.support.LdapContextSource">
  <property name="url" value="ldap://ldap.univ-ville.fr" />
  <property name="base" value="dc=univ-ville,dc=fr" />
  <property name="userDn" value="cn=admin,dc=univ-ville,dc=fr" />
  <property name="password" value="XXXXXXXX" />
</bean>

<!-- LdapTemplate built on the context source above. -->
<bean id="ldapTemplateUnivville"
      class="org.springframework.ldap.core.LdapTemplate">
  <constructor-arg ref="ldapContextSourceUnivville" />
</bean>

<!-- Service wrapper handed to the LDAP tag-id check through its
     ldapServices list. -->
<bean id="ldapServiceUnivville"
      class="org.esupportail.nfctag.service.LdapService">
  <property name="ldapTemplate" ref="ldapTemplateUnivville" />
</bean>
<!-- REST clients towards esup-sgc, one per NFC application (write, update,
     search, livraison, verso). All five share the same isTagable and
     validateTag endpoints and differ only by getLocationsUrl; the verso
     client additionally sets displayUrl. Every URL uses https.
     NOTE(review): how /wsrest/nfc/* authenticates its caller is not shown
     on this page; confirm on the esup-sgc side that these endpoints only
     accept requests from the esup-nfc-tag server. -->
<bean id="esupSgcExtApi"
      class="org.esupportail.nfctag.service.api.impl.AppliExtRestWs">
  <property name="description" value="Web Service Write Esup SGC"/>
  <property name="isTagableUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/isTagable"/>
  <property name="validateTagUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/validateTag"/>
  <property name="getLocationsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/locations"/>
</bean>

<bean id="esupSgcUpdateExtApi"
      class="org.esupportail.nfctag.service.api.impl.AppliExtRestWs">
  <property name="description" value="Web Service Update Esup SGC"/>
  <property name="isTagableUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/isTagable"/>
  <property name="validateTagUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/validateTag"/>
  <property name="getLocationsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/locationsUpdater"/>
</bean>

<bean id="esupSgcSearchExtApi"
      class="org.esupportail.nfctag.service.api.impl.AppliExtRestWs">
  <property name="description" value="Web Service Search Esup SGC"/>
  <property name="isTagableUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/isTagable"/>
  <property name="validateTagUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/validateTag"/>
  <property name="getLocationsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/locationsSearch"/>
</bean>

<bean id="esupSgcLivraisonExtApi"
      class="org.esupportail.nfctag.service.api.impl.AppliExtRestWs">
  <property name="description" value="Web Service livraison Esup SGC"/>
  <property name="isTagableUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/isTagable"/>
  <property name="validateTagUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/validateTag"/>
  <property name="getLocationsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/locationsLivreur"/>
</bean>

<bean id="esupSgcVersoExtApi"
      class="org.esupportail.nfctag.service.api.impl.AppliExtRestWs">
  <property name="description" value="Web Service Verso Esup SGC"/>
  <property name="isTagableUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/isTagable"/>
  <property name="validateTagUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/validateTag"/>
  <property name="getLocationsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/locationsVerso"/>
  <property name="displayUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/verso"/>
</bean>
<!-- Tag-id check delegated to esup-sgc over https: one endpoint checks a
     tag identifier, the other (idFromEppnInit) is keyed by eppn judging by
     its name. Both are server-to-server calls; see the esup-sgc side for
     how the caller is authenticated (not shown here). -->
<bean id="tagIdCheckApiEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagIdCheckRestWs">
  <property name="description" value="via Esup SGC"/>
  <property name="tagIdCheckUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/tagIdCheck"/>
  <property name="idFromEppnInitUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromEppnInit"/>
</bean>
<!-- DEUINFO check over DESFire.
     baseKey is a sample value (all "1"): replace it with the site's own base
     key before any real card is encoded, and treat the resulting file as
     secret material. The same sample value appears on the
     DesfireDiversificationService beans of applicationContext-desfire.xml on
     this page; presumably the values must agree (TODO confirm). -->
<bean id="desfireDeuinfoReadConfig"
      class="org.esupportail.nfctag.service.api.impl.DesfireReadDeuinfoConfig">
  <property name="description" value="Check Desfire DEUINFO"/>
  <property name="baseKey" value="11111111111111111111111111111111"/>
</bean>

<!-- DEUINFO check over ISO 7816; no key is configured on this bean. -->
<bean id="iso7816DesfireDeuinfoReadConfig"
      class="org.esupportail.nfctag.service.api.impl.Iso7816ReadDeuinfoConfig">
  <property name="description" value="Check Iso7816 DEUINFO"/>
</bean>

<!-- REST client for the DEUINFO application: same shape as the other
     AppliExtRestWs beans, with the Deuinfo-specific endpoints. -->
<bean id="esupSgcDeuinfoExtApi"
      class="org.esupportail.nfctag.service.api.impl.AppliExtRestWs">
  <property name="description" value="DEUINFO"/>
  <property name="isTagableUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/isTagableDeuinfo"/>
  <property name="validateTagUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/validateTagDeuinfo"/>
  <property name="getLocationsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/locationsDeuinfo"/>
  <property name="displayUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/deuinfo"/>
</bean>

<!-- Tag-id check for DEUINFO, delegated to esup-sgc. -->
<bean id="tagIdCheckApiDeuinfoEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagIdCheckRestWs">
  <property name="description" value="Deuinfo"/>
  <property name="tagIdCheckUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/tagIdCheckDeuinfo"/>
  <property name="idFromEppnInitUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromEppnInit"/>
</bean>
|
src/main/resources/META-INF/spring/applicationContext-desfire.xml
La carte doit comporter les applications leocode (F585C0), idp2s (F585C1) et csn-domain (F585C2)
Chaque p:key est à remplacer par les clés qui vous ont été fournies (les clés p:keyNo=00 sont les master key respectives de chaque application)
| Info | |||||||
|---|---|---|---|---|---|---|---|
Suite à des modifications au niveau d'Esup-NFC-Tag-Server (possibilité de créer des applications vides, correction de l'application de mise à jour et optimisations) les TagUpdateRestWs sont supprimés. Il faut donc remplacer les références idp2sTagUpdateEsupSgc par idp2sTagWriteEsupSgc dans le bean desfireComueTagUpdateEsupSgc et remplacer la propriété p:tagUpdateApi-ref par p:tagWriteApi-ref. De plus un nouveau bean est à ajouter :
Il permet de récupérer la date de dernier encodage de la carte en cours de mise à jour. Il faut aussi retirer l'attribut p:type au niveau de desfireKey et l'attribut p:keyVersionStart au niveau de desfireTag (ils ne sont plus utiles) |
src/main/resources/META-INF/spring/applicationContext-desfire.xml
La carte doit comporter les applications leocode (F585C0), idp2s (F585C1) et csn-domain (F585C2)
Chaque p:key est à remplacer par les clés qui vous ont été fournies (les clés p:keyNo=00 sont les master key respectives de chaque application)
| Info | |||||||
|---|---|---|---|---|---|---|---|
Suite à des modifications au niveau d'Esup-NFC-Tag-Server (possibilité de créer des applications vides, correction de l'application de mise à jour et optimisations) les TagUpdateRestWs sont supprimés. Il faut donc remplacer les références idp2sTagUpdateEsupSgc par idp2sTagWriteEsupSgc dans le bean desfireComueTagUpdateEsupSgc et remplacer la propriété p:tagUpdateApi-ref par p:tagWriteApi-ref. De plus un nouveau bean est à ajouter :
| |||||||
| Bloc de code | |||||||
| |||||||
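<!-- Web-service clients that fetch, for a given card serial number (csn),
     the identifier to write into each DESFire application: appName selects
     access-control, bu or csn-domain. {0} is replaced by the CSN.
     The ampersand in each query string is written &amp; because a bare
     ampersand is not well-formed inside an XML attribute value; the URL the
     application receives after parsing is unchanged. -->
<bean id="idp2sTagWriteEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
  <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=access-control"/>
</bean>

<bean id="leocodeTagWriteEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
  <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=bu"/>
</bean>

<bean id="csnDomainTagWriteEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
  <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=csn-domain"/>
</bean>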
<!-- Client for the lastUpdateFromCsn endpoint. Presumably this is the bean
     the page describes as returning the date of the last encoding of the
     card being updated (TODO confirm). -->
<bean id="dateLastUpdateEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagLastUpdateRestWs">
  <property name="wsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/lastUpdateFromCsn"/>
</bean>

<!-- DEUINFO content fetched per card serial number ({0} = csn): the ESCN,
     its signature and the certificate, one client per item. -->
<bean id="escnDeuInfoTagWriteEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
  <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/getEscDeuInfoEscn?csn={0}"/>
</bean>

<bean id="signatureDeuInfoTagWriteEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
  <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/getEscDeuInfoSignature?csn={0}"/>
</bean>

<bean id="certDeuInfoTagWriteEsupSgc"
      class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
  <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/getEscDeuInfoCertificat?csn={0}"/>
</bean>
<!-- Key diversification services for DEUINFO.
     baseKey is a sample value (all "1") and must be replaced by the site's
     own base key: every diversified key is derived from it, so a card
     encoded with the sample value is protected by a publicly documented key.
     The first service has only a base key; judging by its id it diversifies
     with the CSN (TODO confirm). -->
<bean id="csnDeuInfoDiversifiedKeyService"
      class="org.esupportail.nfctag.service.desfire.DesfireDiversificationService">
  <property name="baseKey" value="11111111111111111111111111111111"/>
</bean>

<!-- The second service also receives a tagWriteApi that fetches the ESCN
     for the card's CSN; presumably the ESCN is the diversification input. -->
<bean id="escnDeuInfoDiversifiedKeyService"
      class="org.esupportail.nfctag.service.desfire.DesfireDiversificationService">
  <property name="baseKey" value="11111111111111111111111111111111"/>
  <property name="tagWriteApi">
    <bean class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
      <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/getEscDeuInfoEscn?csn={0}"/>
    </bean>
  </property>
</bean>
<!-- Client for the DAM key endpoints of esup-sgc: create, fetch and reset
     the diversified DAM base key of a card, each selected by the CSN placed
     in the query string ({0}).
     NOTE(review): these calls handle key material and the only parameter is
     a CSN, which is not a secret. Confirm that esup-sgc restricts these
     endpoints to the esup-nfc-tag server, and check that full request URLs
     are not written to logs with broad read access. -->
<bean id="damKeysTagWriteRestWs"
      class="org.esupportail.nfctag.service.api.impl.DamKeysTagWriteRestWs">
  <property name="createDamKeysFromCsnUrlTemplate"
            value="https://esup-sgc.univ-ville.fr/wsrest/nfc/createDamDiversBaseKey?csn={0}"/>
  <property name="damKeysFromCsnUrlTemplate"
            value="https://esup-sgc.univ-ville.fr/wsrest/nfc/getDamDiversBaseKey?csn={0}"/>
  <property name="resetDamKeysUrlTemplate"
            value="https://esup-sgc.univ-ville.fr/wsrest/nfc/resetDamDiversBaseKey?csn={0}"/>
</bean>
<bean id="desfireComueTagEsupSgc" class="org.esupportail.nfctag.beans.DesfireTag" p:formatBeforeWrite="false"
p:keyStart="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeStart="AES" p:keyFinish="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeFinish="AES" p:keyVersionFinish="01"
p:damKeysTagWriteApi-ref="damKeysTagWriteRestWs">
<property name="applications">
<util:list>
<!-- DESFire application F585C0 (leocode, per the page).
     nok="84": presumably AES with 4 keys, by analogy with the page's own
     note on "A3"; four DesfireKey entries follow.
     File 00: communicationSettings 03 (the page documents 00 as plain text;
     03 is presumably the enciphered mode). accessRights 1223 read in the
     order the page gives for E000 (read, write, read/write, change rights):
     key 1 reads, key 2 writes, key 3 changes the rights. -->
<bean class="org.esupportail.nfctag.beans.DesfireApplication"
      p:desfireAppId="F585C0"
      p:amks="0B"
      p:nok="84">
  <property name="files">
    <util:list>
      <bean class="org.esupportail.nfctag.beans.DesfireFile"
            p:fileNumber="00"
            p:communicationSettings="03"
            p:accessRights="1223"
            p:tagWriteApi-ref="leocodeTagWriteEsupSgc"/>
    </util:list>
  </property>
  <!-- Every p:key below is a placeholder to replace with the keys supplied
       to the site; keyNo 00 is the application master key (per the page).
       Use a distinct value per key slot and keep this file readable only by
       the application account once real keys are in place. -->
  <property name="keys">
    <util:list>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="00" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="01" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="02" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="03" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
    </util:list>
  </property>
</bean>
<!-- DESFire application F585C1 (idp2s, per the page).
     nok="85": presumably AES with 5 keys; five DesfireKey entries follow.
     Three files, each with communicationSettings 03 and a fileSize of
     1F0000 (if the byte order matches the page's "000010 -> 100000" note,
     that is 0x1F = 31 bytes; TODO confirm).
     accessRights 1444 / 2444 / 3444, read as read, write, read/write,
     change rights: each file is readable with its own key (1, 2 or 3) while
     key 4 holds write and change rights on all three. -->
<bean class="org.esupportail.nfctag.beans.DesfireApplication"
      p:desfireAppId="F585C1"
      p:amks="0B"
      p:nok="85">
  <property name="files">
    <util:list>
      <bean class="org.esupportail.nfctag.beans.DesfireFile"
            p:fileNumber="00"
            p:communicationSettings="03"
            p:accessRights="1444"
            p:fileSize="1F0000"
            p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
      <bean class="org.esupportail.nfctag.beans.DesfireFile"
            p:fileNumber="01"
            p:communicationSettings="03"
            p:accessRights="2444"
            p:fileSize="1F0000"
            p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
      <bean class="org.esupportail.nfctag.beans.DesfireFile"
            p:fileNumber="02"
            p:communicationSettings="03"
            p:accessRights="3444"
            p:fileSize="1F0000"
            p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
    </util:list>
  </property>
  <!-- Every p:key below is a placeholder to replace with the keys supplied
       to the site; keyNo 00 is the application master key (per the page).
       Separate read keys only isolate the files from one another if each
       slot really holds a different key. -->
  <property name="keys">
    <util:list>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="00" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="01" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="02" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="03" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
      <bean class="org.esupportail.nfctag.beans.DesfireKey"
            p:keyNo="04" p:keyVer="01"
            p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
    </util:list>
  </property>
</bean>
<bean class="org.esupportail.nfctag.beans.DesfireApplication"
p:desfireAppId="F585C2" p:amks="0B" p:nok="86">
<property name="files">
<util:list>
<bean class="org.esupportail.nfctag.beans.DesfireFile"
p:fileNumber="00" p:communicationSettings="03" p:accessRights="1FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
<bean
Il permet de récupérer la date de dernier encodage de la carte en cours de mise à jour. Il faut aussi retirer l'attribut p:type au niveau de desfireKey et l'attribut p:keyVersionStart au niveau de desfireTag (ils ne sont plus utiles) |
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
<bean id="idp2sTagWriteEsupSgc" p:fileNumber="01" p:communicationSettings="03" p:accessRights="2FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="02" p:communicationSettings="03" p:accessRights="3FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.service.api.beans.DesfireFile" p:fileNumber="03" p:communicationSettings="03" p:accessRights="4FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> <beanimpl.TagWriteRestWs"> <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&appName=access-control"/> </bean> <bean id="leocodeTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.beansimpl.DesfireFileTagWriteRestWs"> p:fileNumber<property name="04idFromCsnUrlTemplate" p:communicationSettingsvalue="03" p:accessRights="5FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> </util:list> </property> <property name="keys"> <util:list> <beanhttps://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&appName=bu"/> </bean> <bean id="csnDomainTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.beansimpl.DesfireKeyTagWriteRestWs" p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean> <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&appName=csn-domain"/> </bean> <bean id="dateLastUpdateEsupSgc" class="org.esupportail.nfctag.service.api.beansimpl.DesfireKeyTagLastUpdateRestWs"> p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean <property name="wsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/lastUpdateFromCsn"/> </bean> <bean id="damKeysTagWriteRestWs" class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> 
<beanservice.api.impl.DamKeysTagWriteRestWs"> <property name="createDamKeysFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/createDamDiversBaseKey?csn={0}"/> <property name="damKeysFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/getDamDiversBaseKey?csn={0}"/> <property name="resetDamKeysUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/resetDamDiversBaseKey?csn={0}"/> </bean> <bean id="desfireComueTagEsupSgc" class="org.esupportail.nfctag.beans.DesfireKey" DesfireTag" p:keyNoformatBeforeWrite="04false" p:keyVerkeyStart="01XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keykeyTypeStart="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="05AES" p:keyFinish="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeFinish="AES" p:keyVerkeyVersionFinish="01" p:keydamKeysTagWriteApi-ref="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXdamKeysTagWriteRestWs"/> </util:list> </property> </bean> <!-- Application DEUINFO de la carte étudiante européenne nok A3 : ISO enbaled, 3 AES keys amks OB : configuration changeable, free directory list access without master key --> <property name="applications"> <util:list> <bean class="org.esupportail.nfctag.beans.DesfireApplication" p:desfireAppId="F58840F585C0" p:amks="0B" p:nok="A3="84"> <property name="files"> <util:list> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="00" p:communicationSettings="03" p:isoIdaccessRights="10001223" p:isoNametagWriteApi-ref="A00000061404F58840leocodeTagWriteEsupSgc"/> </util:list> </property> <property name="fileskeys"> <util:list> <!-- ESCN File communicationSettings 00 : communication plain text for clear access accessRights E000 : - read access clear 'E' - write access '0' master key only - read/write access clear '0' - change acces rights '0' master key only - fileSize : 16 bytes -> 000010 -> 100000. 
--> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> </util:list> </property> </bean> <bean class="org.esupportail.nfctag.beans.DesfireApplication" p:desfireAppId="F585C1" p:amks="0B" p:nok="85"> <property name="files"> <util:list> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="00" p:communicationSettings="03" p:accessRights="1444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="01" p:communicationSettings="03" p:accessRights="2444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="02" p:communicationSettings="03" p:accessRights="3444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/> </util:list> </property> <property name="keys"> <util:list> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="04" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> </util:list> </property> </bean> <bean 
class="org.esupportail.nfctag.beans.DesfireApplication" p:desfireAppId="F585C2" p:amks="0B" p:nok="86"> <property name="files"> <util:list> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="00" p:communicationSettings="03" p:accessRights="1FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="01" p:communicationSettings="03" p:accessRights="2FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="02" p:communicationSettings="03" p:accessRights="3FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="03" p:communicationSettings="03" p:accessRights="4FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="04" p:communicationSettings="03" p:accessRights="5FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/> </util:list> </property> <property name="keys"> <util:list> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumber="00" p:communicationSettings="00" p:accessRights="E000DesfireKey" p:keyNo="00" p:isoIdkeyVer="1001" p:tagWriteApi-ref="escnDeuInfoTagWriteEsupSgc" /> <!-- Signature (71 ou 72 octets) - taille variable --> 01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" p:fileNumberDesfireKey" p:keyNo="02" p:keyVer="01" p:communicationSettings="00" p:accessRights="E000key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="03" p:isoIdkeyVer="1002" p:tagWriteApi-ref="signatureDeuInfoTagWriteEsupSgc" /> <!-- Certificat - taille variable --> 01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireFile" 
p:fileNumber="02DesfireKey" p:keyNo="04" p:communicationSettingskeyVer="0001" p:accessRightskey="E000" p:isoId="1003" p:tagWriteApi-ref="certDeuInfoTagWriteEsupSgc"/> </util:list> </property> <property name="keys"> <util:list> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="05" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/> </util:list> </property> </bean> </util:list> </property> </bean> |
Configuration ESUP-SGC
src/main/resources/META-INF/spring/applicationContext-services.xml
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
<!-- masterused keyfor ofldap deuInfosearch application : private app master key of the universityon /manager/ldapSearch - super-manager only --> <bean class="org.esupportail.nfctag.beans.DesfireKey" id="ldapPersonService" class="org.esupportail.sgc.services.ldap.LdapPersonService"> <property p:keyNoname="00ldapTemplate" p:keyVerref="00" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" ldapTemplate"/> <property name="ldapTemplates"> <map> <!-- deuinfo master <entry key="Ldap diversifiedUniversité withde ESCNVille" --value-ref="ldapTemplate"/> <entry key="Ldap Comue" value-ref="comueLdapTemplate"/> </map> </property> </bean> <bean id="shibUserInfoService" class="org.esupportail.sgc.nfctagservices.beans.DesfireKey" p:keyNo="01" p:keyVer="00" p:desfireKeyService-ref="escnDeuInfoDiversifiedKeyService" /> <!-- deuinfo master key diversified with CSN --> <bean class="org.esupportail.nfctag.beans.DesfireKey" p:keyNo="02" p:keyVer="00" p:desfireKeyService-ref="csnDeuInfoDiversifiedKeyService" /userinfos.ShibUserInfoService" p:order="1"> <property name="sgcParam2requestHeader"> <map> <entry key="email" value="mail"/> <entry key="firstname" value="givenname"/> <entry key="name" value="sn"/> <entry key="eduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/> <entry key="supannEtuId" value="supannEtuId"/> <entry key="supannEmpId" value="supannEmpId"/> <entry key="supannEtuEtape" value="supannEtuEtape"/> <entry key="supannEntiteAffectationPrincipale" value="supannEntiteAffectationPrincipale"/> <entry key="supannEtablissement" value="supannEtablissement"/> <entry key="supannCodeINE" value="supannCodeINE"/> <entry key="schacDateOfBirth" value="schacDateOfBirth"/> <entry key="recto2" value="givenname"/> <entry key="recto3" value="sn"/> </map> </property> </bean> <bean id="ldapContextSourcePool" class="org.springframework.ldap.pool2.factory.PooledContextSource"> <constructor-arg> </util:list> <bean class="org.springframework.ldap.pool2.factory.PoolConfig"> </property> </bean> 
</util:list> </property> </bean> |
Configuration ESUP-SGC
src/main/resources/META-INF/spring/applicationContext-services.xml
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
<!-- used for ldap search on /manager/ldapSearch - super-manager only --> <bean id="ldapPersonService" class="org.esupportail.sgc.services.ldap.LdapPersonService"> <property name="testWhileIdle" value="true"/> <property name="testOnBorrow" value="true"/> <property name="ldapTemplatetimeBetweenEvictionRunsMillis" refvalue="ldapTemplate30000"/> <property name="minEvictableIdleTimeMillis" value="ldapTemplates60000"/> <map> </bean> <entry key="Ldap Université de Ville" value-ref="ldapTemplate"/></constructor-arg> <entry<property keyname="Ldap ComuecontextSource" value-ref="comueLdapTemplateldapContextSource" /> </map> </property> <property name="dirContextValidator" ref="dirContextValidator"/> </bean> <bean id="shibUserInfoServicedirContextValidator" class="org.esupportailspringframework.sgcldap.servicespool2.userinfosvalidation.ShibUserInfoService" p:order="1DefaultDirContextValidator" /> <bean id="ldapContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="sgcParam2requestHeader"ldap://ldap.univ-ville.fr" /> <map> <entry key<property name="emailbase" value="mail"dc=univ-ville,dc=fr" /> <entry<property keyname="firstnameuserDn" value="givenname"cn=admin,dc=univ-ville,dc=fr" /> <entry<property keyname="namepassword" value="snXXXXXXXX" /> </bean> <entry<bean keyid="eduPersonPrimaryAffiliationldapTemplate" valueclass="eduPersonPrimaryAffiliation"/org.springframework.ldap.core.LdapTemplate"> <entry key<constructor-arg ref="supannEtuIdldapContextSourcePool" value="supannEtuId"/> </bean> <entry key="supannEmpId" value="supannEmpId"/ <bean id="ldapUserInfoService" class="org.esupportail.sgc.services.userinfos.LdapUserInfoService" p:order="2"> <entry<property keyname="supannEtuEtapeeppnFilter" value="supannEtuEtape.*@univ-ville\.fr"/> <entry<property keyname="supannEntiteAffectationPrincipaleldapTemplate" valueref="supannEntiteAffectationPrincipaleldapTemplate"/> <entry<property keyname="supannEtablissement" 
value="supannEtablissement"/>sgcParam2ldapAttr"> <map> <entry key="supannCodeINEemail" value="supannCodeINEmail"/> <entry key="schacDateOfBirtheduPersonPrimaryAffiliation" value="schacDateOfBirtheduPersonPrimaryAffiliation"/> <entry key="recto2supannEtuId" value="givennamesupannEtuId"/> <entry key="recto3supannEmpId" value="snsupannEmpId"/> </map> </property> </bean> <bean<entry idkey="ldapContextSourcePoolsupannCodeINE" classvalue="org.springframework.ldap.pool.factory.PoolingContextSource"supannCodeINE"/> <property name="contextSource" ref="ldapContextSource" /> <property<entry namekey="dirContextValidatorsupannEntiteAffectationPrincipale" refvalue="dirContextValidatorsupannEntiteAffectationPrincipale"/> <property name="testWhileIdle" value="true"/> <property<entry namekey="testOnBorrowfirstname" value="truegivenname"/> </bean> <bean id="dirContextValidator" class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" /> <bean id="ldapContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="ldap://ldap.univ-ville.fr" /> <property name="base" value="dc=univ-ville,dc=fr" /> <property name="userDn" value="cn=admin,dc=univ-ville,dc=fr" /> <property name="password" value="XXXXXXXX" /> </bean> <bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <constructor-arg ref="ldapContextSourcePool" /> <entry key="name" value="sn"/> <entry key="schacDateOfBirth" value="schacDateOfBirth"/> <entry key="supannEtablissement" value="supannEtablissement"/> <entry key="jpegPhoto4ExternalCard" value="jpegPhoto"/> <entry key="recto3" value="givenname"/> <entry key="recto2" value="sn"/> <entry key="schacExpiryDate" value="schacExpiryDate"/> </map> </property> </bean> <bean id="ldapUserInfoServicegroupService" class="org.esupportail.sgc.services.userinfos.LdapUserInfoService" p:order="2ldap.LdapGroupService"> <property name="eppnFilterldapTemplate" valueref=".*@univ-ville\.frldapTemplate"/> <property 
name="ldapTemplategroupSearchBase" refvalue="ldapTemplateou=groups" /> <property name="groupSearchFilter" value="sgcParam2ldapAttrmember={0}"/> <map> <entry key<property name="emailmemberSearchBase" value="mailou=people"/> <entry<property keyname="eduPersonPrimaryAffiliationmemberSearchFilter" value="eduPersonPrimaryAffiliationmemberOf={0}"/> </bean> <!-- <entry key="supannEtuId" value="supannEtuId"/> <entry key="supannEmpIdExemple de sqlUserInfoService. Recupécation des informations utilisateur via une requete SQL --> <bean class="org.apache.commons.dbcp2.BasicDataSource" destroy-method="close" id="mysqlDataSource"> <property name="driverClassName" value="supannEmpIdcom.mysql.jdbc.Driver"/> <entry<property keyname="supannCodeINEurl" value="supannCodeINEjdbc:mysql://mysql.univ-ville.fr:3306/database"/> <entry<property keyname="supannEntiteAffectationPrincipaleusername" value="supannEntiteAffectationPrincipaleadmin"/> <entry<property keyname="firstnamepassword" value="givennamexxxxxxxx"/> <entry<property keyname="nametestOnBorrow" value="sntrue" /> <entry<property keyname="schacDateOfBirthtestOnReturn" value="schacDateOfBirthtrue" /> <entry<property keyname="supannEtablissementtestWhileIdle" value="supannEtablissementtrue" /> <entry<property keyname="jpegPhoto4ExternalCardtimeBetweenEvictionRunsMillis" value="jpegPhoto1800000" /> <entry<property keyname="recto3numTestsPerEvictionRun" value="givenname3" /> <entry<property keyname="recto2minEvictableIdleTimeMillis" value="sn1800000" /> <entry<property keyname="schacExpiryDatevalidationQuery" value="schacExpiryDate"/> </map> </property> SELECT version();" /> </bean> <bean id="groupServiceunivvilleUserInfoService" class="org.esupportail.sgc.services.ldapuserinfos.LdapGroupServiceSqlUserInfoService"> <property name="ldapTemplate" ref="ldapTemplate"/ p:order="3"> <property name="groupSearchBaseeppnFilter" value="ou=groups" .*@univ-ville\.fr"/> <property name="groupSearchFilterdataSource" 
valueref="member={0}mysqlDataSource"/> <property name="memberSearchBasesqlQuery" value="ou=people"/> <property name="memberSearchFilter" value="memberOf={0}"/> </bean> <!-- Exemple de sqlUserInfoService. Recupécation des informations utilisateur via une requete SQL --> <bean class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close" id="mysqlDataSource"> <property name="driverClassName" value="com.mysql.jdbc.Driver"/> <property name="url" value="jdbc:mysql://mysql.univ-ville.fr:3306/database"/> <property name="username" value="admin"/> <property name="password" value="xxxxxxxx"/> <property name="testOnBorrow" value="true" /> <property name="testOnReturn" value="true" /> <property name="testWhileIdle" value="true" /> <property name="timeBetweenEvictionRunsMillis" value="1800000" /> <property name="numTestsPerEvictionRun" value="3" /> <property name="minEvictableIdleTimeMillis" value="1800000" /> <property name="validationQuery" value="SELECT version();" /> </bean> select ligneTitre as recto1, nom as recto2, prenom as recto3, dateNaissance as recto4, identifiant as recto5, ligneAnneeUniv as recto7, divers1 as verso1, divers2 as verso2, divers3 as verso3, divers4 as verso4, anneeUniv as verso5, typepopulationcrous as referenceStatut, indiceinm as indice, concat(replace(datefindroits,'-',''),'235959Z') as schacExpiryDate, leocode as secondaryId, adresseFilterLibelle as address from SgcLeoCarte where eppn=?"/> </bean> <!-- On s'assure que eduPersonPrimaryAffiliation est conservé On fait également en sorte de toujours conserver une email, même si celui-ci n'est plus valide : le crous exige qu'un compte ait toujours un email de présent --> <bean id="univvilleUserInfoServicespelUserInfoServiceEPPA" class="org.esupportail.sgc.services.userinfos.SqlUserInfoService" p:order="3"> <property name="eppnFilter" value=".*@univ-ville\.fr"/.SpelUserInfoService" p:order="4"> <property name="dataSource" ref="mysqlDataSource"/>sgcParam2spelExp"> <map> <property <entry 
namekey="sqlQueryeduPersonPrimaryAffiliation" value="select ligneTitre as recto1, nom as recto2, prenom as recto3, dateNaissance as recto4, identifiant as recto5, ligneAnneeUniv as recto7, divers1 as verso1, divers2 as verso2, divers3 as verso3, divers4 as verso4, anneeUniv as verso5, typepopulationcrous as referenceStatut, indiceinm as indice, concat(replace(datefindroits,'-',''),'235959Z') as schacExpiryDate, leocode as secondaryId, adresseFilterLibelle as address from SgcLeoCarte where eppn=?"/> </bean> <!-- On s'assure que eduPersonPrimaryAffiliation est conservé On fait également en sorte de toujours conserver une email, même si celui-ci n'est plus valide : le crous exige qu'un compte ait toujours un email de présent --> <bean id="spelUserInfoServiceEPPA" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="4"> <property name="sgcParam2spelExp"> <map>#userInfosInComputing['eduPersonPrimaryAffiliation'] == Null or #userInfosInComputing['eduPersonPrimaryAffiliation'] == '' ? #user.eduPersonPrimaryAffiliation : #userInfosInComputing['eduPersonPrimaryAffiliation'] "/> <entry key="email" value="#userInfosInComputing['email'] != Null and #userInfosInComputing['email'] matches '.*@.*' ? #userInfosInComputing['email'] : #user.email"/> </map> </property> </bean> <!-- On calcule l'institute en fonction de l'eppn On calcule le userType en fonction de eduPersonPrimaryAffiliation On calcule le template de la carte en fonction de l'eppn --> <bean id="spelUserInfoService" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="5"> <property name="sgcParam2spelExp"> <map> <entry key="institute" value=" #user.eppn matches '.*@univ-ville\.fr' ? 'Université de Ville' : #user.eppn matches '.*@univ-village\.fr' ? 'Université du Village' : #user.eppn matches '.*@ecole-ville\.fr' ? 'Ecolde de Ville' : #user.eppn matches '.*@comue\.fr' ? 
'COMUE' : 'Extérieur'"/> <entry key="eduPersonPrimaryAffiliationuserType" value="#userInfosInComputing['eduPersonPrimaryAffiliation'] == Null or !(#user.eppn matches '.*@univ-ville\.fr') ? 'Ext' : #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'student' ? 'E' : #user.eduPersonPrimaryAffiliation :#userInfosInComputing['eduPersonPrimaryAffiliation'] == 'staff' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'teacher' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'employee' ? 'P' : 'I'"/> <entry key="emailtemplate" value="#userInfosInComputing['email'] != Null and #userInfosInComputing['email'] #user.eppn matches '.*@.*@univ-ville\.fr' ? #userInfosInComputing['emailuniv-ville'] : #user.email'undefined'"/> </map> </property> </bean> <!-- On calcule l'institute en fonction de l'eppn On calcule le userType en fonction de eduPersonPrimaryAffiliation On calcule le template de la carte en fonction de l'eppnSi recto1 et recot4 non trouvé (dans la Base de Données ici) on les calcule en fonction du userType et de schacDateOfBirth on reformatte recto7 : 2017/2018 -> 2017<br/>2018 - cf propriété recto7Replace donnée dans sgc.properties --> <bean id="spelUserInfoServicespelUserInfoService2" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="5"> <property name="sgcParam2spelExp"> <map> <entry key="institute" value=" #user.eppn matches '.*@univ-ville\.fr' ? 'Université de Ville' : #user.eppn matches '.*@univ-village\.fr' ? 'Université du Village' : #user.eppn matches '.*@ecole-ville\.fr' ? 'Ecolde de Ville' : #user.eppn matches '.*@comue\.fr' ? 'COMUE' :.services.userinfos.SpelUserInfoService" p:order="6"> <property name="sgcParam2spelExp"> <map> <entry key="recto1" value="#userInfosInComputing['recto1'] != Null ? #userInfosInComputing['recto1'] : #userInfosInComputing['Extérieur'"/> <entry key="userType" value="!(#user.eppn matches '.*@univ-ville\.fr')userType'] == 'E' ? 
'Extétudiant' : #userInfosInComputing['eduPersonPrimaryAffiliationuserType'] == 'studentP' ? 'Eprofessionnelle' : #userInfosInComputing['eduPersonPrimaryAffiliationuserType'] == 'I' ? 'staffinvité' or : 'extérieur'"/> <entry key="recto4" value="#userInfosInComputing['eduPersonPrimaryAffiliationrecto4'] !== 'teacher' or Null ? #userInfosInComputing['recto4'] : #userInfosInComputing['eduPersonPrimaryAffiliationschacDateOfBirth'] !== Null ? 'employeeNé le : ' ? 'P'+ #dateUtils.schadDateOfBirthDay2FrenchDate(#userInfosInComputing['schacDateOfBirth']) : 'I'"/> <entry key="template" value="#user.eppn matches '.*@univ-ville\.fr' ? 'univ-ville' : 'undefined'="recto7" value="${recto7Replace}"/> </map> </property> </bean> <!-- Si recto1 et recot4 non trouvé (dans la Base de Données ici) on les calcule en fonction du userType et de schacDateOfBirth on reformatte recto7 : 2017/2018 -> 2017<br/>2018 - cf propriété recto7Replace donnée dans sgc.propertiesrequestFree à false pour les étudiants ayant une carte de moins de 3ans *par rapport au 6 juillet de l'année de demande de la carte* les cartes avant le 29/06/2018 (anciennes leocartes) ne sont pas prises en compte --> <bean id="spelUserInfoService2requestNotFreeUserInfoService" class="org.esupportail.sgc.services.userinfos.SpelUserInfoServiceSqlUserInfoService" p:order="6"order="8"> <property name="eppnFilter" value=".*@univ-ville\.fr"/> <property name="sgcParam2spelExp""dataSource" ref="dataSource"/> <map> <entry key<property name="recto1sqlQuery" value="#userInfosInComputing['recto1'] != Null ? #userInfosInComputing['recto1'] : #userInfosInComputing['userType'] == 'E' ? 'étudiant' : #userInfosInComputing['userType'] == 'P' ? 'professionnelle' : #userInfosInComputing['userType'] == 'I' ? 'invité' : 'extérieur'"/> <entry key="recto4" value="#userInfosInComputing['recto4'] != Null ? #userInfosInComputing['recto4'] : #userInfosInComputing['schacDateOfBirth'] != Null ? 
'Né le : ' + #dateUtils.schadDateOfBirthDay2FrenchDate(#userInfosInComputing['schacDateOfBirth']) : ''"/> <entry key="recto7" value="${recto7Replace}"/> </map> </property> select (not exists (select c.id from card as c, user_account as u where c.request_date > (select x from (SELECT to_date('06.07.' || date_part('year', current_timestamp)-2, 'DD.MM.YYYY') as x union SELECT to_date('06.07.' || date_part('year', current_timestamp)-3, 'DD.MM.YYYY') as x) AS d where current_timestamp-d.x > INTERVAL '2 year' order by x desc limit 1) and c.eppn=u.eppn and u.edu_person_primary_affiliation='student' and c.request_date > '2018-05-28' and u.eppn = ?)) ::text as requestFree"/> </bean> <!-- requestFree à false pour les étudiants ayant une carte de moins de 3ans *par rapport au 6 juillet de l'année de demande de la carte* les cartes avant le 29/06/2018 (anciennes leocartes) ne sont pas prises en compte --> <bean id="requestNotFreeUserInfoService" class="org.esupportail.sgc.services.userinfos.SqlUserInfoService" p:order="8"> <property name="eppnFilter" value=".*@univ-ville\.fr"/> <property name="dataSource" ref="dataSource"/> <property name="sqlQuery" value="select (not exists (select c.id from card as c, user_account as u where c.request_date > (select x from (SELECT to_date('06.07.' || date_part('year', current_timestamp)-2, 'DD.MM.YYYY') as x union SELECT to_date('06.07.' 
|| date_part('year', current_timestamp)-3, 'DD.MM.YYYY') as x) AS d where current_timestamp-d.x > INTERVAL '2 year' order by x desc limit 1) and c.eppn=u.eppn and u.edu_person_primary_affiliation='student' and c.request_date > '2018-05-28' and u.eppn = ?)) ::text as requestFree"/> </bean> <bean id="comueLdapContextSourcePool" class="org.springframework.ldap.pool2.factory.PooledContextSource"> <constructor-arg> <bean class="org.springframework.ldap.pool2.factory.PoolConfig"> <property name="testWhileIdle" value="true"/> <property name="testOnBorrow" value="true"/> <property name="timeBetweenEvictionRunsMillis" value="30000" /> <property name="minEvictableIdleTimeMillis" value="60000" /> </bean> </constructor-arg> <property name="contextSource" ref="comueLdapContextSource" /> <property name="dirContextValidator" ref="comueDirContextValidator"/> </bean> <bean id="comueDirContextValidator" class="org.springframework.ldap.pool2.validation.DefaultDirContextValidator" /> <bean id="comueLdapContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="ldaps://ldap.comue.fr" /> <property name="base" value="dc=unr-runn,dc=fr" /> <property name="userDn" value="cn=esup-sgc-univ-ville,ou=system,dc=comue,dc=fr" /> <property name="password" value="XXXXXXXX" /> </bean> <bean id="comueLdapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <constructor-arg ref="comueLdapContextSourcePool" /> </bean> <bean id="comueLdapContextSourcePoolcomueLdapUserInfoService" class="org.springframeworkesupportail.ldapsgc.poolservices.factory.PoolingContextSourceuserinfos.LdapUserInfoService" p:order="2"> <property name="contextSourceeppnFilter" refvalue="comueLdapContextSource" ^((?!@univ-ville\.fr).)*$"/> <property name="dirContextValidatorldapTemplate" ref="comueDirContextValidatorcomueLdapTemplate"/> <property name="sgcParam2ldapAttr"> <map> <entry key="testWhileIdleemail" value="truemail"/> <entry <property 
name="testOnBorrowkey="eduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/> <entry key="firstname" value="truegivenname"/> </bean> <bean id="comueDirContextValidator" class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" /> <bean id="comueLdapContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="ldaps://ldap.comue.fr" /> <property name="base" value="dc=unr-runn,dc=fr" /> <property name="userDn" value="cn=esup-sgc-univ-ville,ou=system,dc=comue,dc=fr" /> <property name="password" value="XXXXXXXX" /> </bean> <bean id="comueLdapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <constructor-arg ref="comueLdapContextSourcePool" /> </bean> <entry key="name" value="sn"/> <entry key="schacDateOfBirth" value="schacDateOfBirth"/> <entry key="supannEtablissement" value="supannEtablissement"/> <entry key="supannRefId4ExternalCard" value="supannRefId"/> <entry key="jpegPhoto4ExternalCard" value="jpegPhoto"/> <entry key="recto3" value="givenname"/> <entry key="recto2" value="sn"/> <entry key="schacExpiryDate" value="schacExpiryDate"/> </map> </property> </bean> <bean id="comueLdapUserInfoServicecomueSpelUserInfoService" class="org.esupportail.sgc.services.userinfos.LdapUserInfoServiceSpelUserInfoService" p:order="24"> <property name="eppnFilter" value="^((?!@univ-ville\.fr).)*$"/> <property name="ldapTemplate" ref="comueLdapTemplate".fr).)*$"/> <property name="sgcParam2ldapAttrsgcParam2spelExp"> <map> <entry key="emailsecondaryId" value="mail${leocodeReplace}"/> <entry key="eduPersonPrimaryAffiliationaccess-control4ExternalCard" value="eduPersonPrimaryAffiliation${accesscontrolReplace}"/> <entry key="firstnamecsn4ExternalCard" value="givenname${csnReplace}"/> <entry key="name" value="sn"/></map> </property> </bean> <bean id="cardIdsService" class="org.esupportail.sgc.services.cardid.CardIdsService"> <property name="cardIdServices"> <list> <entry<bean key="schacDateOfBirth" 
value="schacDateOfBirth"/> <entry key="supannEtablissement" value="supannEtablissement"/> <entry key="supannRefId4ExternalCard" value="supannRefId"/> <entry key="jpegPhoto4ExternalCard" value="jpegPhoto"/> <entry key="recto3" value="givenname"/> <entry key="recto2" value="sn"/> <entry key="schacExpiryDate" value="schacExpiryDateclass="org.esupportail.sgc.services.cardid.ComueNuAccessControlCardIdService"> <!-- warning : access-control is a keyword for access-control services : org.esupportail.sgc.services.ac.AccessControlService.AC_APP_NAME = 'access-control' --> <property name="appName" value="access-control"/> <property name="idCounterBegin" value="XXXXXXXXXXXXXXXX"/> <property name="postgresqlSequence" value="card_sequence"/> </map>bean> </property> </bean> <bean id="comueSpelUserInfoService" class="org.esupportail.sgc.services.userinfoscardid.SpelUserInfoService" p:order="4"ComueNuBuCardIdService"> <property name="eppnFilterappName" value="^((?!@univ-ville\.fr).)*$bu"/> <property name="sgcParam2spelExp"> <map> <entry key="secondaryId" value="${leocodeReplace}"/> <entry key="access-control4ExternalCard" value="${accesscontrolReplace}"/> </bean> <bean class="org.esupportail.sgc.services.cardid.CsnDomainCardIdService"> <entry<property keyname="csn4ExternalCardappName" value="${csnReplace}csn-domain"/> </bean> </map>list> </property> </bean> <bean id="esupNfcTagService" class="org.esupportail.sgc.services.EsupNfcTagService"> <property name="restTemplate" ref="restTemplate"/> <property name="webUrl" value="https://esup-nfc-tag.univ-ville.fr"/> <bean<property idname="cardIdsServiceapplicationName" classvalue="org.esupportail.sgc.services.cardid.CardIdsService">Ecriture SGC"/> <property name="location" value="cardIdServicesEncodage ESUP SGC"/> </bean> <list> <bean id="ldapAdminContextSourcePool" class="org.esupportailspringframework.sgcldap.servicespool2.cardidfactory.ComueNuAccessControlCardIdServicePooledContextSource"> <!-- warning : access-control is a keyword for 
access-control services : org.esupportail.sgc.services.ac.AccessControlService.AC_APP_NAME = 'access-control' --> <property name="appName" value="access-control"/> <constructor-arg> <bean class="org.springframework.ldap.pool2.factory.PoolConfig"> <property name="idCounterBegintestWhileIdle" value="XXXXXXXXXXXXXXXXtrue"/> <property name="postgresqlSequencetestOnBorrow" value="card_sequencetrue"/> </bean> <bean class="org.esupportail.sgc.services.cardid.ComueNuBuCardIdService"> <property name="appNametimeBetweenEvictionRunsMillis" value="bu30000" /> </bean> <property <bean class="org.esupportail.sgc.services.cardid.CsnDomainCardIdService"> name="minEvictableIdleTimeMillis" value="60000" /> </bean> </constructor-arg> <property name="appNamecontextSource" valueref="csn-domainldapAdminContextSource" /> <property name="dirContextValidator" ref="dirContextValidator"/> </bean> </list> </property> </bean> <bean id="esupNfcTagService" class="org.esupportail.sgc.services.EsupNfcTagService" <bean id="ldapAdminContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="ldap://ldap.univ-ville.fr" /> <property name="restTemplatebase" refvalue="restTemplate"dc=univ-ville,dc=fr" /> <property name="webUrluserDn" value="https://esup-nfc-tag.cn=admin,dc=univ-ville.,dc=fr" /> <property name="applicationNamepassword" value="XXXXXXXX"Ecriture SGC"/> </bean> <property<bean nameid="locationldapAdminTemplate" value="Encodage ESUP SGC"class="org.springframework.ldap.core.LdapTemplate"> <constructor-arg ref="ldapAdminContextSourcePool" /> </bean> <bean id="ldapAdminContextSourcePool" class="org.springframework.ldap.pool.factory.PoolingContextSource" id="ldapValidateService" class="org.esupportail.sgc.services.ldap.LdapValidateService"> <property name="ldapTemplate" ref="ldapAdminTemplate"/> <property name="contextSourcepeopleSearchFilter" refvalue="ldapAdminContextSource" (eduPersonPrincipalName={0})"/> <property name="dirContextValidator" 
ref="dirContextValidator"/> <property name="testWhileIdle" value="true"/> <property name="testOnBorrow" value="true"/> </bean> <bean id="ldapAdminContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="ldap://ldap.univ-ville.fr" /> <property name="base" value="dc=univ-ville,dc=fr" />ldapCardIdsMappingMultiValues"> <map> <entry key="swissEduPersonCardUID"> <list> <value>%reverse_csn%@ISO15693</value> </list> </entry> <entry key="supannRefId"> <list> <value>{ISO15693}%csn%</value> <value>{LEOCARTE:ACCESS-CONTROL}%access-control%</value> </list> </entry> </map> </property> <!-- <property name="userDn" value="cn=admin,dc=univ-ville,dc=fr" /ldapCardIdsMappingValue"> <property name <map> <entry key="passwordjpegPhoto" value="XXXXXXXX%photo%" /> </bean>map> </property> --> </bean> <bean id="ldapAdminTemplateadContextSourcePool" class="org.springframework.ldap.pool2.corefactory.LdapTemplatePooledContextSource"> <constructor-arg ref="ldapAdminContextSourcePool" /> </bean> <bean id="ldapValidateService" <constructor-arg> <bean class="org.esupportailspringframework.sgcldap.servicespool2.ldapfactory.LdapValidateServicePoolConfig"> <property name="ldapTemplate" ref="ldapAdminTemplate"/> <property name="peopleSearchFiltertestWhileIdle" value="(eduPersonPrincipalName={0})true"/> <property name="ldapCardIdsMappingMultiValues"> <map> <entry key="swissEduPersonCardUID"> <list> <value>%reverse_csn%@ISO15693</value> </list> </entry> <entry key="supannRefId"> <list> <value>{ISO15693}%csn%</value> <value>{LEOCARTE:ACCESS-CONTROL}%access-control%</value> </list> </entry> </map> </property> <property name="testOnBorrow" value="true"/> <!-- <property name="timeBetweenEvictionRunsMillis" value="ldapCardIdsMappingValue30000"> <map> <entry key="jpegPhoto/> <property name="minEvictableIdleTimeMillis" value="%photo%60000"/> </map>bean> </property>constructor-arg> --> </bean> <bean id="adContextSourcePool" 
class="org.springframework.ldap.pool.factory.PoolingContextSource"> <property name="contextSource" ref="adContextSource" /> <property name="dirContextValidator" ref="dirContextValidator"/> <property name="testWhileIdle" value="true"/> <property name="testOnBorrow" value="true"/> </bean> <bean id="adContextSource" class="org.springframework.ldap.core.support.LdapContextSource"> <property name="url" value="ldaps://ad.univ-ville.fr:636" /> <property name="base" value="DC=ur,DC=univ-ville,DC=fr"/> <property name="pooled" value="true" /> <property name="userDn" value="cn=Administrateur,cn=users,dc=ur,dc=univ-ville,dc=fr"/> <property name="password" value="XXXXXXXX" /> </bean> <bean id="adLdapTemplate" class="org.springframework.ldap.core.LdapTemplate"> <constructor-arg ref="adContextSourcePool" /> <property name="ignorePartialResultException" value="true"/> </bean> <bean id="adValidateService" class="org.esupportail.sgc.services.ldap.LdapValidateService"> <property name="ldapTemplate" ref="adLdapTemplate"/> <property name="peopleSearchFilter" value="(&(objectClass=person)(cn={1}))"/> <property name="ldapCardIdsMappingValue"> <map> <entry key="pager"> <value>%csn%</value> </entry> </map> </property> </bean> <bean id="ipService" class="org.esupportail.sgc.services.IpService"> <property name="maps"> <bean class="org.springframework.beans.factory.config.PropertiesFactoryBean"> <property name="location" value="classpath:ip.properties"/> </bean> </property> </bean> <bean class="org.springframework.mail.javamail.JavaMailSenderImpl" id="mailSender"> <property name="host" value="${email.host}"/> <property name="protocol" value="${email.protocol}"/> </bean> <bean id="emailService" class="org.esupportail.sgc.services.EmailService"> <property name="mailSender" ref="mailSender"/> <property name="isEnabled" value="true"/> </bean> <bean id="papercutValidateService" class="org.esupportail.sgc.services.papercut.PapercutService"> <property name="authToken" value="tokenPapercutUnivVille" 
/> <property name="server" value="papercut.univ-ville.fr" /> <property name="scheme" value="https" /> <property name="port" value="443" /> <property name="accountName" value="" /> <property name="papercutUidFromEppnRegex" value="([^@]*)@.*"/> </bean> <bean id="comueRefSiRestValidateService" class="org.esupportail.sgc.services.AsyncRestValidateService"> <property name="use4ExternalCard" value="true"/> <property name="delay" value="10000"/> <property name="restTemplate" ref="comueRefSiRestTemplate"/> <property name="validateRestUrl" value="https://referentiel.comue.fr/maj/%s"/> <property name="invalidateRestUrl" value="https://referentiel.comue.fr/maj/%s"/> </bean> <bean id="comueRefSiRestTemplate" class="org.esupportail.sgc.tools.RestTemplateClientCertBuilder"> <property name="certFile" value="classpath:META-INF/security/certif-esup-sgc.p12"/> <property name="password" value="passwordducertif"/> </bean> |
...
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
<!-- Request factory used by the "restTemplate" bean for outbound HTTP(S) calls.
     connectTimeout and readTimeout are in milliseconds (10 s each): a remote API that is
     slow or unreachable fails the call instead of holding a thread indefinitely.
     The client itself is the "httpClient" bean. -->
<bean id="httpClientFactory"
class="org.springframework.http.client.HttpComponentsClientHttpRequestFactory">
<property name="connectTimeout" value="10000" />
<property name="readTimeout" value="10000" />
<property name="httpClient" ref="httpClient"/>
</bean>
<!-- RestTemplate built on "httpClientFactory". In this file it is injected into
     apiCrousService and europeanStudentCardService, so both services share the same
     timeouts and the same TLS behaviour: any change to the HTTP client affects them all. -->
<bean id="restTemplate" class="org.springframework.web.client.RestTemplate">
<constructor-arg ref="httpClientFactory" />
</bean>
<!-- Apache HttpClient builder obtained through the static factory HttpClientBuilder.create().
     NoConnectionReuseStrategy: a connection is not kept alive for a later request.
     No SSL context, trust store or hostname verifier is set here, so the HttpClient defaults
     apply (JVM trust store, hostname verification enabled).
     NOTE(review): keep those defaults for the https:// endpoints configured in this file; if an
     endpoint uses an internal CA, add that CA to the trust store rather than relaxing checks. -->
<bean id="httpClientBuilder" class="org.apache.http.impl.client.HttpClientBuilder"
factory-method="create">
<property name="connectionReuseStrategy">
<bean class="org.apache.http.impl.NoConnectionReuseStrategy"/>
</property>
</bean>
<!-- The HttpClient instance: result of calling build() on the builder bean above. -->
<bean id="httpClient" factory-bean="httpClientBuilder" factory-method="build" />
<!-- Client for the CROUS API at https://api.lescrous.fr, called through the shared restTemplate.
     enable=true turns the service on.
     appId / appSecret are the API credentials (masked on this page).
     NOTE(review): this page already resolves ${...} placeholders from properties (see
     ${email.host} and the recto7Replace property in sgc.properties). Prefer the same for the
     secret, e.g. value="${crous.appSecret}" (example key name, not one defined by the project),
     with the properties file readable only by the application account, so the secret is not
     committed together with this XML. -->
<bean id="apiCrousService" class="org.esupportail.sgc.services.crous.ApiCrousService">
<property name="enable" value="true"/>
<property name="webUrl" value="https://api.lescrous.fr" />
<property name="appId" value="XXXXXXXX" />
<property name="appSecret" value="XXXXXXXXXXXXXXXXXXXXXX" />
<property name="restTemplate" ref="restTemplate" />
</bean>
<!-- Declares the ESIST XML files given to EsistCrousService. The paths are relative;
     presumably resolved as classpath resources (confirm against the service).
     Only the second file is active; the first entry is commented out.
     NOTE(review): these files are parsed as XML by code not shown here; if they are received
     from a third party, check that the parser has DTD and external-entity resolution disabled. -->
<bean id="esistCrousService" class="org.esupportail.sgc.services.crous.EsistCrousService">
<property name="esistFiles">
<list>
<!-- value>esist/ESIST-cnrs.xml</value-->
<value>esist/ESIST-02012018-no-hbg.xml</value>
</list>
</property>
</bean>
<!-- Client for the European Student Card API (https://api.europeanstudentcard.eu/v1),
     called through the shared restTemplate. Disabled in this example (enable=false).
     "key" is the API key and "picInstitutionCode" the institution's PIC code; both are
     masked on this page.
     NOTE(review): as with other secrets, the key is better supplied through a ${...}
     property placeholder than written in this XML. -->
<bean id="europeanStudentCardService" class="org.esupportail.sgc.services.esc.ApiEscrService">
<property name="enable" value="false"/>
<property name="webUrl" value="https://api.europeanstudentcard.eu/v1" />
<property name="key" value="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" />
<property name="restTemplate" ref="restTemplate" />
<property name="countryCode" value="FR"/>
<property name="picInstitutionCode" value="XXXXXXXXXX"/>
<!--
Card type. Possible values are:
1 - passive card, with no electronics
2 - Smartcard without European common data zone
3 - Smartcard with European common data zone
4 - Smartcard on which applications may be installed by service providers
-->
<property name="cardType" value="2"/>
<!-- Map from a timestamp to a card type (same codes as above).
     Presumably the type declared for cards handled from that date on, with cardType
     as the value before the first entry; confirm against ApiEscrService. -->
<property name="cardTypes">
<map>
<entry key="2021-03-25 10:41:00" value="3"/>
<entry key="2021-07-07 16:25:00" value="4"/>
</map>
</property>
</bean>
<bean id="escUidFactoryService" class="org.esupportail.sgc.services.esc.EscUidFactoryService">
<property name="pic" value="XXXXXXXXX"/>
<property name="prefixe00" value="1 3" />
<property<entry namekey="qrCodeUrlPrefixe2021-07-07 16:25:00" value="4"http://esc.gg/" />/>
</map>
</property>
</bean>
<bean id="escDeuInfoServiceescUidFactoryService" class="org.esupportail.sgc.services.esc.EscDeuInfoServiceEscUidFactoryService">
<property name="pic" value="le-code-pic-de-letablissementXXXXXXXXX"/>
<property name="deuInfoPrivateKeyprefixe" value="classpath:META-INF/security/esc/ca.intermediate.key.der"1 " />
<property name="deuInfoPublicKeyqrCodeUrlPrefixe" value="classpathhttp:META-INF/security/esc/ca.intermediate.cert.der.gg/" />
</bean>
</beans>
|
src/main/resources/META-INF/spring/applicationContext-acces-control.xml
| Bloc de code | ||||
|---|---|---|---|---|
| ||||
<!-- Access-control service bean. use4ExternalCard=true: judging by the name, the service
     also applies to cards issued by another institution ("external" cards); confirm in
     AccessControlService before enabling, since it decides which card holders are
     pushed to the door-control systems. -->
<bean id="accessControlService" class="org.esupportail.sgc.services.ac.AccessControlService">
<property name="use4ExternalCard" value="true"/>
</bean>
<!-- Three anonymous (no id) CSV export beans, one per access-control system
     (P2S, Synchronic, TIL). Each receives through its constructor the file-access
     service bean of the matching share; presumably the export file is written
     there (confirm in the CsvExport*Service classes). -->
<bean class="org.esupportail.sgc.services.ac.CsvExportP2sService">
<constructor-arg ref="p2sVfsAccessService"/>
</bean>
<bean class="org.esupportail.sgc.services.ac.CsvExportSynchronicService">
<constructor-arg ref="synchronicVfsAccessService"/>
</bean>
<bean class="org.esupportail.sgc.services.ac.CsvExportTilService">
<constructor-arg ref="tilVfsAccessService"/>
</bean>
<!-- SMB/CIFS access to the import share of each access-control system. Every target has
     its own URI and its own account (import-P2S, import-SYNCHRONIC, import-TIL) in the
     "univ-ville" domain; passwords are masked on this page.
     NOTE(review): give each account rights on its own import share only, and supply the
     password through a ${...} property placeholder instead of this XML. The exported
     files presumably hold card identifiers and holder data (confirm), so the shares
     themselves need restrictive ACLs as well. -->
<bean id="p2sVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">
<property name="uri" value="smb://p2s.univ-ville.fr/import-P2S/" />
<property name="domain" value="univ-ville" />
<property name="username" value="import-P2S" />
<property name="password" value="XXXXXXXX" />
</bean>
<!-- Share and account for the Synchronic export. -->
<bean id="synchronicVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">
<property name="uri" value="smb://synchronic.univ-ville.fr/import-synchronic/" />
<property name="domain" value="univ-ville" />
<property name="username" value="import-SYNCHRONIC" />
<property name="password" value="XXXXXXXX" />
</bean>
<!-- Share and account for the TIL export. -->
<bean id="tilVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">
<property name="uri" value="smb://til.univ-ville.fr/import-til/" />
<property name="domain" value="univ-ville" />
<property name="username" value="import-TIL" />
<property name="password" value="XXXXXXXX" />
</bean> |