ESUPSGC

Arborescence des pages

Comparaison des versions

Ancienne version 20

changes.mady.by.user David Lemaignent

Sauvegardée le

comparé à

Nouvelle version 40

changes.mady.by.user Vincent Bonamy

Sauvegardée le

Légende

  • Ces lignes ont été ajoutées. Ce mot a été ajouté.
  • Ces lignes ont été supprimées. Ce mot a été supprimé.
  • La mise en forme a été modifiée.

...

L'installation d' ESUP-SGC au sein de le la COMUE Normandie Université nécessite une configuration spécifique notamment au niveau des applications Desfire écrites sur la carte, du paramétrage CROUS et du contrôle d'acces.

Dans ce document on donne la structure des fichiers de configuration à titre d'exemple et sans les clés confidentielles.

Cest ce type d'installation qui a ainsi été réalisé dans les différents établissements de la COMUE Normandie Université.

Dans ce cadre, nous avons établi un document 'type' de 'qualification' que nbous partageons ici également : ESUP-SGC-Point-Controle-COMUE-NU.pdf 

Sommaire

Versionning de la configuration

...

 

git add src/main/resources/META-INF/spring/applicationContext-custom.xml
git commit -m "config prod univ-ville-fr"

 

La modification du fichier applicationContext-custom.xml sera versionnée ce qui permet de conserver les traces de toutes les modifications (procédure à faire à chaque modification). De plus lors d'une mise à jour d'ESUP-SGC (git pull) la configuration ne sera pas écrasée.

...

Info

Suite à des modifications au niveau d'Esup-NFC-Tag-Server (possibilité de créer des applications vides, correction de l'application de mise à jour et optimisations) les TagUpdateRestWs sont supprimés. Il faut donc remplacer les références idp2sTagUpdateEsupSgc par idp2sTagWriteEsupSgc dans le bean desfireComueTagUpdateEsupSgc et remplacer la proprieté p:tagUpdateApi-ref par p:tagWriteApi-ref.

De plus un nouveau bean est à ajouter :

<bean id="dateLastUpdateEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagLastUpdateRestWs">
<property name="wsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/lastUpdateFromCsn"/>
</bean>

Il permet de récupérer la date de dernier encodage de la carte en cours de mise à jour

Il faut aussi retirer l'attribut p:type au niveau de desfireKey et l'attribut p:keyVersionStart au niveau de desfireTag (ils ne sont plus utiles)

...

Bloc de code
languagexml
    <bean id="idp2sTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
		<property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=access-control"/>
    </bean>

    <bean id="leocodeTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
		<property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=bu"/>
    </bean>
    
    <bean id="csnDomainTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
	    <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=csn-domain"/>
    </bean>

    <bean id="dateLastUpdateEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagLastUpdateRestWs">
    	<property name="wsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/lastUpdateFromCsn"/>
    </bean>
    
	<bean id="desfireComueTagEsupSgc" class="org.esupportail.nfctag.beans.DesfireTag" p:formatBeforeWrite="false" 
p:keyStart="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeStart="AES" p:keyFinish="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeFinish="AES" p:keyVersionFinish="01">    
 	<property name="applications">
		<util:list>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication"
				p:desfireAppId="F585C0" p:amks="0B" p:nok="84">
				<property name="files">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1223" p:fileSize="1F0000" p:tagWriteApi-ref="leocodeTagWriteEsupSgc"/>
					</util:list>
				</property>
				<property name="keys">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
					</util:list>
				</property>
			</bean>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication"
				p:desfireAppId="F585C1" p:amks="0B" p:nok="85">
				<property name="files">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="01" p:communicationSettings="03" p:accessRights="2444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="02" p:communicationSettings="03" p:accessRights="3444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
					</util:list>
				</property>
				<property name="keys">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>		
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="04" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>	
					</util:list>
				</property>
			</bean>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication" 
				p:desfireAppId="F585C2" p:amks="0B" p:nok="86">
				<property name="files">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="01" p:communicationSettings="03" p:accessRights="2FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="02" p:communicationSettings="03" p:accessRights="3FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="03" p:communicationSettings="03" p:accessRights="4FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="04" p:communicationSettings="03" p:accessRights="5FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
					</util:list>
				</property>
				<property name="keys">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="04" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="05" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
					</util:list>
				</property>
			</bean>
		</util:list>
	</property>
    </bean>

Configuration ESUP-SGC

src/main/resources/META-INF/spring/applicationContext-services.xml

Bloc de code
languagexml
   <!-- used for ldap search on /manager/ldapSearch - super-manager only -->
   <bean id="desfireAuthConfigComueWriteEsupSgcldapPersonService" class="org.esupportail.nfctagsgc.serviceservices.apildap.impl.DesfireWriteConfigLdapPersonService">
		        <property name="desfireTagldapTemplate" ref="desfireComueTagEsupSgcldapTemplate" />
		        <property name="descriptionldapTemplates" value="Ecriture ESUP SGC"/>
>
        	<map>
        </bean>
	<bean id="desfireComueTagUpdateEsupSgc" class="org.esupportail.nfctag.beans.DesfireTag" p:formatBeforeWrite="false" p:keyStart="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeStart="AES" p:keyFinish="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeFinish="AES" p:keyVersionFinish="02">
		<entry key="Ldap Université de Ville" value-ref="ldapTemplate"/>
        		<entry key="Ldap Comue" value-ref="comueLdapTemplate"/>
        	</map>
        </property>
   </bean>	
 
	<bean id="shibUserInfoService" class="org.esupportail.sgc.services.userinfos.ShibUserInfoService" p:order="1">
		<property name="applicationssgcParam2requestHeader">
		<util:list>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication"	<map>
				<entry key="email" value="mail"/>
				p:desfireAppId="F585C1" p:amks<entry key="0Bfirstname" p:nokvalue="85" p:updateDate="2016-03-01 12:00" p:tagLastUpdateRestWs-ref="dateLastUpdateEsupSgc"givenname"/>
				<entry key="name" value="sn"/>
				<property name<entry key="eduPersonPrimaryAffiliation" value="fileseduPersonPrimaryAffiliation"/>
					<util:list><entry key="supannEtuId" value="supannEtuId"/>
						<bean<entry class="org.esupportail.nfctag.beans.DesfireFile"key="supannEmpId" value="supannEmpId"/>
							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1444" p:fileSize="1F0000" p:tagUpdateApi-ref="idp2sTagWriteEsupSgc<entry key="supannEtuEtape" value="supannEtuEtape"/>
				<entry key="supannEntiteAffectationPrincipale" value="supannEntiteAffectationPrincipale"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"<entry key="supannEtablissement" value="supannEtablissement"/>
							p:fileNumber<entry key="01supannCodeINE" p:communicationSettingsvalue="03" p:accessRights="2444" p:fileSize="1F0000" p:tagUpdateApi-ref="idp2sTagWriteEsupSgcsupannCodeINE"/>
				<entry key="schacDateOfBirth" value="schacDateOfBirth"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"<entry key="recto2" value="givenname"/>
							p:fileNumber="02" p:communicationSettings="03" p:accessRights="3444" p:fileSize="1F0000" p:tagUpdateApi-ref="idp2sTagWriteEsupSgc"/>
		<entry key="recto3" value="sn"/>
			</util:list>map>
		</property>	
	</property>bean>
				<property name="keys
	<bean id="ldapContextSourcePool" class="org.springframework.ldap.pool.factory.PoolingContextSource">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<property name="contextSource" ref="ldapContextSource" />
		<property name="dirContextValidator" ref="dirContextValidator"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX<property name="testWhileIdle" value="true"/>
		<property name="testOnBorrow" value="true"/>
						<bean</bean>
   
	<bean id="dirContextValidator"
	 class="org.springframework.esupportailldap.nfctagpool.beansvalidation.DesfireKeyDefaultDirContextValidator" />
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean 
	<bean id="ldapContextSource"
		class="org.springframework.esupportailldap.nfctagcore.beanssupport.DesfireKeyLdapContextSource">
							p:keyNo<property name="03url" p:keyVervalue="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>		
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="04" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>	
					</util:list>
				</property>
			</bean>
		</util:list>
	</property>
    </bean>
 
    <bean id="desfireAuthConfigComueUpdateEsupSgcldap://ldap.univ-ville.fr" />
		<property name="base" value="dc=univ-ville,dc=fr" />
		<property name="userDn" value="cn=admin,dc=univ-ville,dc=fr" />
		<property name="password" value="XXXXXXXX" />
	</bean>    
	
	<bean id="ldapTemplate" class="org.esupportailspringframework.nfctagldap.service.api.impl.DesfireUpdateConfigcore.LdapTemplate">
		<property name="desfireTag" <constructor-arg ref="desfireComueTagUpdateEsupSgcldapContextSourcePool" />
		<property name="description" value="Mise à jour ESUP SGC"/>
    </bean>

Configuration ESUP-SGC

src/main/resources/META-INF/spring/applicationContext-services.xml

Bloc de code
languagexml
</bean>
	
	<bean id="shibUserInfoServiceldapUserInfoService" class="org.esupportail.sgc.services.userinfos.ShibUserInfoServiceLdapUserInfoService" p:order="12">
		<property name="sgcParam2requestHeader">
			eppnFilter" value=".*@univ-ville.fr"/>
		<property name="ldapTemplate" ref="ldapTemplate"/>
		<property name="sgcParam2ldapAttr">
			<map>
				<entry key="email" value="mail"/>
				<entry key="firstnameeduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/>
				<entry key="supannEtuId" value="givennamesupannEtuId"/>
				<entry key="namesupannEmpId" value="snsupannEmpId"/>
				<entry key="eduPersonPrimaryAffiliationsupannCodeINE" value="eduPersonPrimaryAffiliationsupannCodeINE"/>
				<entry key="supannEtuIdsupannEntiteAffectationPrincipale" value="supannEtuIdsupannEntiteAffectationPrincipale"/>
				<entry key="supannEmpIdfirstname" value="supannEmpIdgivenname"/>
				<entry key="supannEtuEtapename" value="supannEtuEtapesn"/>
				<entry key="supannEntiteAffectationPrincipaleschacDateOfBirth" value="supannEntiteAffectationPrincipaleschacDateOfBirth"/>
				<entry key="supannEtablissement" value="supannEtablissement"/>
				<entry key="supannCodeINEjpegPhoto4ExternalCard" value="supannCodeINEjpegPhoto"/>
				<entry key="schacDateOfBirthrecto3" value="schacDateOfBirthgivenname"/>
				<entry key="recto2" value="givennamesn"/>
				<entry key="recto3schacExpiryDate" value="snschacExpiryDate"/>
			</map>
		</property>	
	</bean>
	
	<bean id="ldapContextSourcePoolgroupService" class="org.springframeworkesupportail.ldapsgc.poolservices.factoryldap.PoolingContextSourceLdapGroupService">
		<property name="contextSourceldapTemplate" ref="ldapContextSource="ldapTemplate"/>
		<property name="groupSearchBase" value="ou=groups" />
		<property name="dirContextValidatorgroupSearchFilter" refvalue="dirContextValidatormember={0}"/>
		<property name="testWhileIdlememberSearchBase" value="trueou=people"/>
		<property name="testOnBorrowmemberSearchFilter" value="truememberOf={0}"/>
	</bean>
	<!--
	Exemple de sqlUserInfoService. 
	<bean id="dirContextValidator"
	Recupécation des informations utilisateur via une requete SQL
	-->

	<bean class="org.springframeworkapache.ldapcommons.pooldbcp.validation.DefaultDirContextValidator" />
	
	<beanBasicDataSource" destroy-method="close" id="ldapContextSourcemysqlDataSource">
		class<property name="org.springframework.ldap.core.support.LdapContextSource"driverClassName" value="com.mysql.jdbc.Driver"/>
		<property name="url" value="ldapjdbc:mysql://ldapmysql.univ-ville.fr:3306/database" />
		<property name="baseusername" value="dc=univ-ville,dc=fr" admin"/>
		<property name="userDnpassword" value="cn=admin,dc=univ-ville,dc=fr" xxxxxxxx"/>
		<property name="passwordtestOnBorrow" value="XXXXXXXXtrue" />
		</bean>    
	
	<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
		<constructor-arg ref="ldapContextSourcePool" />
	<property name="testOnReturn" value="true" />
		<property name="testWhileIdle" value="true" />
		<property name="timeBetweenEvictionRunsMillis" value="1800000" />
		<property name="numTestsPerEvictionRun" value="3" />
		<property name="minEvictableIdleTimeMillis" value="1800000" />
		<property name="validationQuery" value="SELECT version();" />
	</bean>
	
	<bean id="ldapUserInfoServiceunivvilleUserInfoService" class="org.esupportail.sgc.services.userinfos.LdapUserInfoServiceSqlUserInfoService" p:order="23">
		<property name="eppnFilter" value=".*@univ-ville.fr"/>
		<property name="ldapTemplatedataSource" ref="ldapTemplatemysqlDataSource"/>
		<property name="sgcParam2ldapAttr">sqlQuery" value="select ligneTitre as recto1,
			<map>nom as recto2,
				<entry key="email" value="mail"/>prenom as recto3,
				<entry key="eduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/>dateNaissance as recto4,
				<entry key="supannEtuId" value="supannEtuId"/>identifiant as recto5,
				<entry key="supannEmpId" value="supannEmpId"/>ligneAnneeUniv as recto7,
				<entry key="supannCodeINE" value="supannCodeINE"/>divers1 as verso1,
				<entry key="supannEntiteAffectationPrincipale" value="supannEntiteAffectationPrincipale"/>divers2 as verso2,
				<entry key="firstname" value="givenname"/>divers3 as verso3,
				<entry key="name" value="sn"/>
				<entry key="schacDateOfBirth" value="schacDateOfBirth"/>divers4 as verso4,
			anneeUniv as verso5,
				<entry key="supannEtablissement" value="supannEtablissement"/>typepopulationcrous as referenceStatut,
				<entry key="supannRefId4ExternalCard" value="supannRefId"/>indiceinm as indice,
				<entry key="jpegPhoto4ExternalCard" value="jpegPhoto"/>concat(replace(datefindroits,'-',''),'235959Z') as schacExpiryDate,
				<entry key="recto3" value="givenname"/>leocode as secondaryId,
				<entry key="recto2" value="sn"/>adresseFilterLibelle as address
				<entry key="schacExpiryDate" value="schacExpiryDate"from SgcLeoCarte where eppn=?"/>
			</map>bean>
		</property>	
	</bean>
	
	<bean id="groupService" class="org.esupportail.sgc.services.ldap.LdapGroupService">
		<property name="ldapTemplate" ref="ldapTemplate"/>
		<property name="groupSearchBase" value="ou=groups" />
		<property name="groupSearchFilter" value="member={0}"/!-- 
	On s'assure que eduPersonPrimaryAffiliation est conservé
	On fait également en sorte de toujours conserver une email, même si celui-ci n'est plus valide : le crous exige qu'un compte ait toujours un email de présent
	-->
	<bean id="spelUserInfoServiceEPPA" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="4">
		<property name="memberSearchBase" value="ou=people"/sgcParam2spelExp">
		<property name	<map>
				<entry key="memberSearchFiltereduPersonPrimaryAffiliation" value="memberOf={0}"/>
	</bean>
	<!--
	Exemple de sqlUserInfoService. Recupécation des informations utilisateur via une requete SQL
	-->

	<bean class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close" id="mysqlDataSource">
		<property name="driverClassName" value="com.mysql.jdbc.Driver"/>
		<property name="url" value="jdbc:mysql://mysql.univ-ville.fr:3306/database"/>
		<property name="username" value="admin"/>
		<property name="password" value="xxxxxxxx"/>
		<property name="testOnBorrow" value="true" />
		<property name="testOnReturn" value="true" />
		<property name="testWhileIdle" value="true" />
		<property name="timeBetweenEvictionRunsMillis" value="1800000" /#userInfosInComputing['eduPersonPrimaryAffiliation'] == Null or #userInfosInComputing['eduPersonPrimaryAffiliation'] == '' ? 
							#user.eduPersonPrimaryAffiliation : #userInfosInComputing['eduPersonPrimaryAffiliation'] "/>
				<entry key="email" value="#userInfosInComputing['email'] != Null and #userInfosInComputing['email'] matches '.*@.*' ? #userInfosInComputing['email'] : #user.email"/>
			</map>
		</property>	
	</bean>
	
	<!-- 
	On calcule l'institute en fonction de l'eppn
	On calcule le userType en fonction de eduPersonPrimaryAffiliation
	On calcule le template de la carte en fonction de l'eppn
	-->
	<bean id="spelUserInfoService" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="5">
		<property name="numTestsPerEvictionRun" value="3" /sgcParam2spelExp">
			<property name="minEvictableIdleTimeMillis" value="1800000" /><map>
		<property		<entry namekey="validationQueryinstitute" value="SELECT version();" />
	</bean>
	
	<bean id="univvilleUserInfoService" class="org.esupportail.sgc.services.userinfos.SqlUserInfoService" p:order="3">
		<property name="eppnFilter" value=".*@univ-ville.fr"/>
		<property name="dataSource" ref="mysqlDataSource"/>
		<property name="sqlQuery" value="select ligneTitre as recto1,
			nom as recto2,
			prenom as recto3,
			dateNaissance as recto4,
			identifiant as recto5,
			ligneAnneeUniv as recto7,
			divers1 as verso1,
			divers2 as verso2,
			divers3 as verso3,
			divers4 as verso4,
			anneeUniv as verso5,
			typepopulationcrous as referenceStatut,
			indiceinm as indice,
			concat(replace(datefindroits,'-',''),'235959Z') as schacExpiryDate,
			leocode as secondaryId,
			adresseFilterLibelle as address
			from SgcLeoCarte where eppn=?"/>
	</bean>
	
	<!-- 
	On s'assure que eduPersonPrimaryAffiliation est conservé
	On fait également en sorte de toujours conserver une email, même si celui-ci n'est plus valide : le crous exige qu'un compte ait toujours un email de présent				#user.eppn matches '.*@univ-ville.fr' ? 'Université de Ville' :
					#user.eppn matches '.*@univ-village.fr' ? 'Université du Village' :
					#user.eppn matches '.*@ecole-ville.fr' ? 'Ecolde de Ville' :
					#user.eppn matches '.*@comue.fr' ? 'COMUE' :
					'Extérieur'"/>
				<entry key="userType" value="!(#user.eppn matches '.*@univ-ville.fr') ? 'Ext' : 
					#userInfosInComputing['eduPersonPrimaryAffiliation'] == 'student' ? 'E' : 
					#userInfosInComputing['eduPersonPrimaryAffiliation'] == 'staff' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'teacher' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'employee' ? 'P' : 'I'"/>
				<entry key="template" value="#user.eppn matches '.*@univ-ville.fr' ? 'univ-ville' : 'undefined'"/>
			</map>
		</property>	
	</bean>
	
	<!-- 
	Si recto1 et recot4 non trouvé (dans la Base de Données ici) on les calcule en fonction du userType et de schacDateOfBirth
	on reformatte recto7 : 2017/2018 -> 2017<br/>2018 - cf propriété recto7Replace donnée dans sgc.properties
	-->
	<bean id="spelUserInfoServiceEPPAspelUserInfoService2" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="46">
		<property name="sgcParam2spelExp">
			<map>
				<entry key="eduPersonPrimaryAffiliationrecto1" value="#userInfosInComputing['eduPersonPrimaryAffiliationrecto1'] !== Null or ? #userInfosInComputing['recto1'] : 
					#userInfosInComputing['eduPersonPrimaryAffiliationuserType']  == 'E' ? 'étudiant' : 
							#user.eduPersonPrimaryAffiliation#userInfosInComputing['userType'] == 'P' ? 'professionnelle' : 
					#userInfosInComputing['eduPersonPrimaryAffiliationuserType'] == 'I' ? 'invité' :  
					'extérieur'"/>
				<entry key="emailrecto4" value="#userInfosInComputing['emailrecto4'] != Null and? #userInfosInComputing['emailrecto4'] matches '.*@.*' ? : 
					#userInfosInComputing['emailschacDateOfBirth']  : #user.email!= Null ? 'Né le : ' + #dateUtils.schadDateOfBirthDay2FrenchDate(#userInfosInComputing['schacDateOfBirth']) : ''"/>
				<entry key="recto7" value="${recto7Replace}"/>
			</map>
		</property>	
	</bean>
	 
	<!-- 
	On calcule l'institute en fonction de l'eppn
	On calcule le userType en fonction de eduPersonPrimaryAffiliation
	On calcule le templaterequestFree à false pour les étudiants ayant une carte de moins de 3ans *par rapport au 6 juillet de l'année de demande de la carte* en fonction de l'eppn 
	les cartes avant le 29/06/2018 (anciennes leocartes) ne sont pas prises en compte
	-->
	<bean id="spelUserInfoServicerequestNotFreeUserInfoService" class="org.esupportail.sgc.services.userinfos.SpelUserInfoServiceSqlUserInfoService" p:order="58">
		<property name="sgcParam2spelExp">
			<map>
				<entry key="institute" eppnFilter" value="#user.eppn matches '.*@univ-ville.fr' ? 'Université de ville' : 'Extérieur'"/>
		<property name="dataSource" ref="dataSource"/>
				<entry<property keyname="userTypesqlQuery" value="!(#user.eppn matches '.*@univ-ville.fr') ? 'Ext' :select (not exists (select c.id from card as c, 
					#userInfosInComputing['eduPersonPrimaryAffiliation'] == 'student' ? 'E' :user_account as u 
			where c.request_date > (select x from (SELECT to_date('06.07.' || date_part('year', current_timestamp)-2, 'DD.MM.YYYY') as x 
					#userInfosInComputing['eduPersonPrimaryAffiliation'] == 'staff' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'teacher' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'employee' ? 'P' : 'I'"/>
				<entry key="template" value="#user.eppn matches '.*@univ-ville.fr' ? 'univ-ville' : 'undefined'"/>
			</map>
		</property>	
	</bean>
	
	<!-- 
	Si recto1 et recot4 non trouvé (dans la Base de Données ici) on les calcule en fonction du userType et de schacDateOfBirth
	on reformatte recto7 : 2017/2018 -> 2017<br/>2018 - cf propriété recto7Replace donnée dans sgc.properties
	-->
	<bean id="spelUserInfoService2" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="6">
		<property name="sgcParam2spelExp">
			<map>
				<entry key="recto1" value="#userInfosInComputing['recto1'] != Null ? #userInfosInComputing['recto1'] : 
					#userInfosInComputing['userType']  == 'E' ? 'étudiant' : 
					#userInfosInComputing['userType'] == 'P' ? 'professionnelle' : 
					#userInfosInComputing['userType'] == 'I' ? 'invité' :  
					'extérieur'"/>
				<entry key="recto4" value="#userInfosInComputing['recto4'] != Null ? #userInfosInComputing['recto4'] : 
					#userInfosInComputing['schacDateOfBirth']  != Null ? 'Né le : ' + #dateUtils.schadDateOfBirthDay2FrenchDate(#userInfosInComputing['schacDateOfBirth']) : ''"/>
				<entry key="recto7" value="${recto7Replace}"/>
			</map>
		</property>	
	</union SELECT to_date('06.07.' || date_part('year', current_timestamp)-3, 'DD.MM.YYYY') as x) AS d 
			where current_timestamp-d.x > INTERVAL '2 year' order by x desc limit 1) 
			and c.eppn=u.eppn and u.edu_person_primary_affiliation='student' 	
			and c.request_date > '2018-05-28'		 
			and u.eppn = ?)) ::text as requestFree"/>
	</bean>
 
 
	
	<bean id="comueLdapContextSourcePool" class="org.springframework.ldap.pool.factory.PoolingContextSource">
      <property name="contextSource" ref="comueLdapContextSource" />
      <property name="dirContextValidator" ref="comueDirContextValidator"/>
      <property name="testWhileIdle" value="true"/>
      <property name="testOnBorrow" value="true"/>
   </bean>
   
   <bean id="comueDirContextValidator"
         class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" />
	
    <bean id="comueLdapContextSource"
		class="org.springframework.ldap.core.support.LdapContextSource">
		<property name="url" value="ldaps://ldap.comue.fr" />
		<property name="base" value="dc=unr-runn,dc=fr" />
		<property name="userDn" value="cn=esup-sgc-univ-ville,ou=system,dc=comue,dc=fr" />
		<property name="password" value="XXXXXXXX" />
	</bean>    
	
	<bean id="comueLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">
		<constructor-arg ref="comueLdapContextSourcePool" />
	</bean>
	
	<bean id="cardIdsServicecomueLdapUserInfoService" class="org.esupportail.sgc.services.cardid.CardIdsServiceuserinfos.LdapUserInfoService" p:order="2">
		<property name="cardIdServices"="eppnFilter" value="^((?!@univ-ville\.fr).)*$"/>
			<list><property name="ldapTemplate" ref="comueLdapTemplate"/>
				<bean<property classname="org.esupportail.sgc.services.cardid.ComueNuAccessControlCardIdServicesgcParam2ldapAttr">
			<map>
		<!-- warning : access-control is a keyword for access-control services :		<entry key="email" value="mail"/>
						org.esupportail.sgc.services.ac.AccessControlService.AC_APP_NAME = 'access-control'
					 --<entry key="eduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/>
					<property<entry namekey="appNamefirstname" value="access-controlgivenname"/>
					<property<entry namekey="idCounterBeginname" value="XXXXXXXXXXXXXXXXsn"/>
					<property<entry namekey="postgresqlSequenceschacDateOfBirth" value="card_sequenceschacDateOfBirth"/>
				</bean>
				<bean class="org.esupportail.sgc.services.cardid.ComueNuBuCardIdService"<entry key="supannEtablissement" value="supannEtablissement"/>
					<property<entry namekey="appNamesupannRefId4ExternalCard" value="busupannRefId"/>
				</bean>
				<bean class="org.esupportail.sgc.services.cardid.CnousCardIdService"<entry key="jpegPhoto4ExternalCard" value="jpegPhoto"/>
					<property<entry namekey="appNamerecto3" value="crousgivenname"/>
					<property<entry namekey="idCounterBeginrecto2" value="XXXXXXXXsn"/>
					<property<entry namekey="postgresqlSequenceschacExpiryDate" value="crous_smart_card_sequenceschacExpiryDate"/>
					<property name="crousEncodeEnabled" value="false"/></map>
		</property>	
	</bean>
 
                <bean 	<bean id="comueSpelUserInfoService" class="org.esupportail.sgc.services.cardiduserinfos.CsnDomainCardIdServiceSpelUserInfoService">
                     p:order="4">
		<property name="appNameeppnFilter" value="csn-domain^((?!@univ-ville\.fr).)*$"/>
                </bean>		<property name="sgcParam2spelExp">
			</list><map>
		</property>
	</bean>
	
	<bean<entry idkey="esupNfcTagServicesecondaryId" classvalue="org.esupportail.sgc.services.EsupNfcTagService">
		<property name="restTemplate" ref="restTemplate"/>
		<property name="webUrl" value="https://esup-nfc-tag.univ-ville.fr"/>
		<property name="applicationName" value="Ecriture SGC"/>	
		<property name="location" value="Encodage ESUP SGC"/>
	</bean>${leocodeReplace}"/>
				<entry key="access-control4ExternalCard" value="${accesscontrolReplace}"/>
                <entry key="csn4ExternalCard" value="${csnReplace}"/>
			</map>
		</property>	
	</bean>
	
	
	<bean id="ldapAdminContextSourcePoolcardIdsService" class="org.springframeworkesupportail.ldapsgc.poolservices.factorycardid.PoolingContextSourceCardIdsService">
		<property name="contextSource" ref="ldapAdminContextSource" /cardIdServices">
		<property name="dirContextValidator" ref="dirContextValidator"/>
			<list>
				<bean class="org.esupportail.sgc.services.cardid.ComueNuAccessControlCardIdService">
					<!-- warning : access-control is a keyword for access-control services :
						org.esupportail.sgc.services.ac.AccessControlService.AC_APP_NAME = 'access-control'
					 -->
					<property name="testWhileIdleappName" value="trueaccess-control"/>
					<property name="testOnBorrowidCounterBegin" value="trueXXXXXXXXXXXXXXXX"/>
	</bean>
	
	<bean id="ldapAdminContextSource"
						<property name="postgresqlSequence" value="card_sequence"/>
				</bean>
				<bean class="org.springframeworkesupportail.ldapsgc.coreservices.supportcardid.LdapContextSourceComueNuBuCardIdService">
					<property name="urlappName" value="ldap://ldap.univ-ville.fr" bu"/>
				<property name="base" value="dc=univ-ville,dc=fr" />
		<property name="userDn" value="cn=admin,dc=univ-ville,dc=fr" />
		</bean>
                <bean class="org.esupportail.sgc.services.cardid.CsnDomainCardIdService">
                    <property name="passwordappName" value="XXXXXXXXcsn-domain" />
	</bean>                </bean>
	
	<bean id="ldapAdminTemplate" class="org.springframework.ldap.core.LdapTemplate">
		<constructor-arg ref="ldapAdminContextSourcePool" />		</list>
		</property>
	</bean>
	
	<bean id="ldapValidateServiceesupNfcTagService" class="org.esupportail.sgc.services.ldap.LdapValidateServiceEsupNfcTagService">
		<property name="ldapTemplaterestTemplate" ref="ldapAdminTemplaterestTemplate"/>
		<property name="peopleSearchFilterwebUrl" value="(eduPersonPrincipalName={0})https://esup-nfc-tag.univ-ville.fr"/>
		<property name="ldapCardIdsMappingMultiValues">
			<map>
				<entry key="swissEduPersonCardUID">
					<list>
						<value>%reverse_csn%@ISO15693</value>
					</list>
				</entry>
				<entry key="supannRefId">
					<list>
						<value>{ISO15693}%csn%</value>
						<value>{LEOCARTE:ACCESS-CONTROL}%access-control%</value>
					</list>
				</entry>
			</map>
		</property>
             <!-- 
		<property name="ldapCardIdsMappingValue">
			<map>
				<entry key="jpegPhoto" value="%photo%"/>
			</map>
	        </property>
 			-->
	</bean>
	
	<bean id="adContextSourcePool" applicationName" value="Ecriture SGC"/>	
		<property name="location" value="Encodage ESUP SGC"/>
	</bean>
	
	<bean id="ldapAdminContextSourcePool" class="org.springframework.ldap.pool.factory.PoolingContextSource">
		<property name="contextSource" ref="ldapAdminContextSource" />
		<property name="dirContextValidator" ref="dirContextValidator"/>
		<property name="testWhileIdle" value="true"/>
		<property name="testOnBorrow" value="true"/>
	</bean>
	
	<bean id="ldapAdminContextSource"
		class="org.springframework.ldap.poolcore.factorysupport.PoolingContextSourceLdapContextSource">
		<property name="contextSourceurl" refvalue="adContextSourceldap://ldap.univ-ville.fr" />
		<property name="dirContextValidatorbase" refvalue="dirContextValidator"dc=univ-ville,dc=fr" />
		<property name="testWhileIdleuserDn" value="true"cn=admin,dc=univ-ville,dc=fr" />
		<property name="testOnBorrowpassword" value="trueXXXXXXXX" />
	</bean>    
	 
	<bean id="adContextSourceldapAdminTemplate"
		 class="org.springframework.ldap.core.support.LdapContextSourceLdapTemplate">
		<property<constructor-arg nameref="urlldapAdminContextSourcePool" value="ldaps://ad.univ-ville.fr:636" />
		<property name="base" value="DC=ur,DC=univ-ville,DC=fr"//>
	</bean>
	
	<bean id="ldapValidateService" class="org.esupportail.sgc.services.ldap.LdapValidateService">
		<property name="pooledldapTemplate" valueref="trueldapAdminTemplate" />
		<property name="userDnpeopleSearchFilter"	 value="cn=Administrateur,cn=users,dc=ur,dc=univ-ville,dc=fr(eduPersonPrincipalName={0})"/>
		<property name="password" value="XXXXXXXX" />
	</bean>
	
	<bean id="adLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">  
		<constructor-arg ref="adContextSourcePool" />
		<property name="ignorePartialResultException" value="true"/>
	</bean>
	<bean id="adValidateServiceldapCardIdsMappingMultiValues">
			<map>
				<entry key="swissEduPersonCardUID">
					<list>
						<value>%reverse_csn%@ISO15693</value>
					</list>
				</entry>
				<entry key="supannRefId">
					<list>
						<value>{ISO15693}%csn%</value>
						<value>{LEOCARTE:ACCESS-CONTROL}%access-control%</value>
					</list>
				</entry>
			</map>
		</property>
             <!-- 
		<property name="ldapCardIdsMappingValue">
			<map>
				<entry key="jpegPhoto" value="%photo%"/>
			</map>
	        </property>
 			-->
	</bean>
	
	<bean id="adContextSourcePool" class="org.esupportailspringframework.sgcldap.servicespool.ldapfactory.LdapValidateServicePoolingContextSource">
		<property name="ldapTemplatecontextSource" ref="adLdapTemplateadContextSource" />
		<property name="peopleSearchFilterdirContextValidator" valueref="(&amp;(objectClass=person)(cn={1}))dirContextValidator"/>
		<property name="ldapCardIdsMappingValue"testWhileIdle" value="true"/>
			<map>
				<entry key="pager">
					<value>%csn%</value>
				</entry>
			</map>
		</property>
	</bean>
	<bean id="ipService" class="org.esupportail.sgc.services.IpService">
	    <property name="testOnBorrow" value="true"/>
	</bean>
	 
	<bean id="adContextSource"
		class="org.springframework.ldap.core.support.LdapContextSource">
		<property name="maps">
			<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean"url" value="ldaps://ad.univ-ville.fr:636" />
				<property name="locationbase" value="classpath:ip.propertiesDC=ur,DC=univ-ville,DC=fr"/>
			</bean>
		</property><property name="pooled" value="true" />
		<property name="userDn"	value="cn=Administrateur,cn=users,dc=ur,dc=univ-ville,dc=fr"/>
		<property name="password" value="XXXXXXXX" />
	</bean>
	
	<bean id="adLdapTemplate" class="org.springframework.mailldap.javamailcore.JavaMailSenderImplLdapTemplate" id="mailSender">>  
		<property<constructor-arg nameref="hostadContextSourcePool" value="${email.host}"/>
		<property name="protocolignorePartialResultException" value="${email.protocol}true"/>
	</bean>
    
	<bean id="emailServiceadValidateService" class="org.esupportail.sgc.services.ldap.EmailServiceLdapValidateService">
		<property name="mailSender" ref="mailSender"/>
		<property name="isEnabled" value="true"/>
	</bean>

src/main/resources/META-INF/spring/sgc.properties

Si cette règle (valeur/propriété recto7Replace) est déportée dans un fichier de properties c'est pour pouvoir utiliser les caractères (réservés en XML) < et > 

<property name="ldapTemplate" ref="adLdapTemplate"/>
		<property name="peopleSearchFilter" value="(&amp;(objectClass=person)(cn={1}))"/>
		<property name="ldapCardIdsMappingValue">
			<map>
				<entry key="pager">
					<value>%csn%</value>
				</entry>
			</map>
		</property>
	</bean>
	<bean id="ipService" class="org.esupportail.sgc.services.IpService">
	    <property name="maps">
			<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
				<property name="location" value="classpath:ip.properties"/>
			</bean>
		</property>
	</bean>
	<bean class="org.springframework.mail.javamail.JavaMailSenderImpl" id="mailSender">
		<property name="host" value="${email.host}"/>
		<property name="protocol" value="${email.protocol}"/>
	</bean>
    
	<bean id="emailService" class="org.esupportail.sgc.services.EmailService">
		<property name="mailSender" ref="mailSender"/>
		<property name="isEnabled" value="true"/>
	</bean>


	<bean id="papercutValidateService" class="org.esupportail.sgc.services.papercut.PapercutService">
		<property name="authToken" value="tokenPapercutUnivVille" />
		<property name="server" value="papercut.univ-ville.fr" />
		<property name="scheme" value="https" />
		<property name="port" value="443" />
		<property name="accountName" value="" />
		<property name="papercutUidFromEppnRegex" value="([^@]*)@.*"/>
	</bean>
	
	<bean id="comueRefSiRestValidateService" class="org.esupportail.sgc.services.AsyncRestValidateService">
		<property name="use4ExternalCard" value="true"/>
		<property name="delay" value="10000"/>
	    <property name="restTemplate" ref="comueRefSiRestTemplate"/>
	    <property name="validateRestUrl" value="https://referentiel.comue.fr/maj/%s"/>
	    <property name="invalidateRestUrl" value="https://referentiel.comue.fr/maj/%s"/>
	</bean>
	
	<bean id="comueRefSiRestTemplate" class="org.esupportail.sgc.tools.RestTemplateClientCertBuilder">
        <property name="certFile" value="classpath:META-INF/security/certif-esup-sgc.p12"/>
        <property name="password" value="passwordducertif"/>
    </bean>

src/main/resources/META-INF/spring/sgc.properties

Si cette règle (valeur/propriété recto7Replace) est déportée dans un fichier de properties c'est pour pouvoir utiliser les caractères (réservés en XML) < et > 

Bloc de code
recto7Replace=#userInfosInComputing['recto7'] != Null ? #userInfosInComputing['recto7'].replaceAll('/','<br/>') : ''
accesscontrolReplace=#userInfosInComputing['supannRefId4ExternalCard'] != Null ? #userInfosInComputing['supannRefId4ExternalCard'].replaceFirst('^.*\\{LEOCARTE:ACCESS-CONTROL\\}([^;]*).*$', '$1') : ''           
csnReplace=#userInfosInComputing['supannRefId4ExternalCard'] != Null ? #userInfosInComputing['supannRefId4ExternalCard'].replaceFirst('^.*\\{ISO15693\\}([^;]*).*$', '$1') : ''                          
leocodeReplace=#userInfosInComputing['supannRefId4ExternalCard
Bloc de code
recto7Replace=#userInfosInComputing['recto7'] != Null ? #userInfosInComputing['recto7supannRefId4ExternalCard'].replaceAllreplaceFirst('/^.*\\{LEOCODE\\}([^;]*).*$', '<br/>$1') : ''

src/main/resources/META-INF/spring/applicationContext-crous.xml

...

Bloc de code
languagexml
<bean id="accessControlService" class="org.esupportail.sgc.services.ac.AccessControlService">
	<property name="use4ExternalCard" value="true"/>
</bean>
<!-- majP2S  tous les jours à 8H30
<task:scheduled-tasks>
<task:scheduled ref="csvExportP2sService" method="export2P2S" cron="0 30 08 * * *"/>
</task:scheduled-tasks>
--> 	
<bean class="org.esupportail.sgc.services.ac.CsvExportP2sService"/>
  	
<bean class="org.esupportail.sgc.services.ac.CsvExportSynchronicService"/>
  	
<bean class="org.esupportail.sgc.services.ac.CsvExportTilService"/>

<bean id="p2sVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">                                                                                                                       
	<property name="uri" value="smb://p2s.univ-ville.fr/import-P2S/" />                                                                                                                                     
	<property name="domain" value="univ-ville" />
	<property name="username" value="import-P2S" />
	<property name="password" value="XXXXXXXX" />                                                                                                                                                                 	
</bean>       
                                                                                                                                                                                                                 
<bean id="synchronicVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">
	<property name="uri" value="smb://synchronic.univ-ville.fr/import-synchronic/" />
	<property name="domain" value="univ-ville" />
	<property name="username" value="import-SYNCHRONIC" />
	<property name="password" value="XXXXXXXX" />
</bean>                                                                                                                                                                                                       
                                                                                                                                                                                                         
<bean id="tilVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">
	<property name="uri" value="smb://til.univ-ville.fr/import-til/" />
	<property name="domain" value="univ-ville" />
	<property name="username" value="import-TIL" />
	<property name="password" value="XXXXXXXX" />
</bean>

...