Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

L'installation d' ESUP-SGC au sein de le la COMUE Normandie Université nécessite une configuration spécifique notamment au niveau des applications Desfire écrites sur la carte, du paramétrage CROUS et du contrôle d'acces.

Dans ce document on donne la structure des fichiers de configuration à titre d'exemple et sans les clés confidentielles.

Cest ce type d'installation qui a ainsi été réalisé dans les différents établissements de la COMUE Normandie Université.

Dans ce cadre, nous avons établi un document 'type' de 'qualification' que nbous partageons ici également : ESUP-SGC-Point-Controle-COMUE-NU.pdf 

Table of Contents

Versionning de la configuration

...

 

git add src/main/resources/META-INF/spring/applicationContext-custom.xml
git commit -m "config prod univ-ville-fr"

 

La modification du fichier applicationContext-custom.xml sera versionnée ce qui permet de conserver les traces de toutes les modifications (procédure à faire à chaque modification). De plus lors d'une mise à jour d'ESUP-SGC (git pull) la configuration ne sera pas écrasée.

...

Info

Suite à des modifications au niveau d'Esup-NFC-Tag-Server (possibilité de créer des applications vides, correction de l'application de mise à jour et optimisations) les TagUpdateRestWs sont supprimés. Il faut donc remplacer les références idp2sTagUpdateEsupSgc par idp2sTagWriteEsupSgc dans le bean desfireComueTagUpdateEsupSgc et remplacer la proprieté p:tagUpdateApi-ref par p:tagWriteApi-ref.

De plus un nouveau bean est à ajouter :

<bean id="dateLastUpdateEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagLastUpdateRestWs">
<property name="wsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/lastUpdateFromCsn"/>
</bean>

Il permet de récupérer la date de dernier encodage de la carte en cours de mise à jour

Il faut aussi retirer l'attribut p:type au niveau de desfireKey et l'attribut p:keyVersionStart au niveau de desfireTag (ils ne sont plus utiles)

...

Code Block
languagexml
    <bean id="idp2sTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
		<property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=access-control"/>
    </bean>

    <bean id="leocodeTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
		<property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=bu"/>
    </bean>
    
    <bean id="csnDomainTagWriteEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagWriteRestWs">
	    <property name="idFromCsnUrlTemplate" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/idFromCsn?csn={0}&amp;appName=csn-domain"/>
    </bean>

    <bean id="dateLastUpdateEsupSgc" class="org.esupportail.nfctag.service.api.impl.TagLastUpdateRestWs">
    	<property name="wsUrl" value="https://esup-sgc.univ-ville.fr/wsrest/nfc/lastUpdateFromCsn"/>
    </bean>
    
	<bean id="desfireComueTagEsupSgc" class="org.esupportail.nfctag.beans.DesfireTag" p:formatBeforeWrite="false" 
p:keyStart="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeStart="AES" p:keyFinish="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeFinish="AES" p:keyVersionFinish="01">    
 	<property name="applications">
		<util:list>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication"
				p:desfireAppId="F585C0" p:amks="0B" p:nok="84">
				<property name="files">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1223" p:fileSize="1F0000" p:tagWriteApi-ref="leocodeTagWriteEsupSgc"/>
					</util:list>
				</property>
				<property name="keys">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
					</util:list>
				</property>
			</bean>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication"
				p:desfireAppId="F585C1" p:amks="0B" p:nok="85">
				<property name="files">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="01" p:communicationSettings="03" p:accessRights="2444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="02" p:communicationSettings="03" p:accessRights="3444" p:fileSize="1F0000" p:tagWriteApi-ref="idp2sTagWriteEsupSgc"/>
					</util:list>
				</property>
				<property name="keys">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>		
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="04" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>	
					</util:list>
				</property>
			</bean>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication" 
				p:desfireAppId="F585C2" p:amks="0B" p:nok="86">
				<property name="files">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="01" p:communicationSettings="03" p:accessRights="2FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="02" p:communicationSettings="03" p:accessRights="3FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="03" p:communicationSettings="03" p:accessRights="4FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="04" p:communicationSettings="03" p:accessRights="5FFF" p:tagWriteApi-ref="csnDomainTagWriteEsupSgc"/>
					</util:list>
				</property>
				<property name="keys">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="04" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="05" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
					</util:list>
				</property>
			</bean>
		</util:list>
	</property>
    </bean>

Configuration ESUP-SGC

src/main/resources/META-INF/spring/applicationContext-services.xml

Code Block
languagexml
   <!-- used <bean id="desfireAuthConfigComueWriteEsupSgc" class="org.esupportail.nfctag.service.api.impl.DesfireWriteConfig">
		<property name="desfireTag" ref="desfireComueTagEsupSgc" />
		<property name="description" value="Ecriture ESUP SGC"/for ldap search on /manager/ldapSearch - super-manager only -->
    </bean>
	<bean id="desfireComueTagUpdateEsupSgcldapPersonService" class="org.esupportail.nfctagsgc.beansservices.DesfireTagldap.LdapPersonService">
p:formatBeforeWrite="false" p:keyStart="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeStart="AES" p:keyFinish="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX" p:keyTypeFinish="AES" p:keyVersionFinish="02">
	   <property name="applicationsldapTemplate">
		<util:list>
			<bean class="org.esupportail.nfctag.beans.DesfireApplication"
				p:desfireAppId="F585C1" p:amks="0B" p:nok="85" p:updateDate="2016-03-01 12:00" p:tagLastUpdateRestWs-ref="dateLastUpdateEsupSgc">
				 ref="ldapTemplate"/>
        <property name="filesldapTemplates">
					<util:list> 						<bean class="org.esupportail.nfctag.beans.DesfireFile" 							p:fileNumber="00" p:communicationSettings="03" p:accessRights="1444" p:fileSize="1F0000" p:tagUpdateApi-ref="idp2sTagWriteEsupSgc"/> 						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="01" p:communicationSettings="03" p:accessRights="2444" p:fileSize="1F0000" p:tagUpdateApi-ref="idp2sTagWriteEsupSgc"/>
						<bean class="org.esupportail.nfctag.beans.DesfireFile"
							p:fileNumber="02" p:communicationSettings="03" p:accessRights="3444" p:fileSize="1F0000" p:tagUpdateApi-ref="idp2sTagWriteEsupSgc"/>
					</util:list>
				</property>
				<property name="keys">
					<util:list>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="00" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="01" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="02" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="03" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>		
						<bean class="org.esupportail.nfctag.beans.DesfireKey"
							p:keyNo="04" p:keyVer="01" p:key="XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX"/>	
					</util:list>
				</property>
			</bean>
		</util:list>
	</property>
    </bean>
 
    <bean id="desfireAuthConfigComueUpdateEsupSgc" class="org.esupportail.nfctag.service.api.impl.DesfireUpdateConfig">
		<property name="desfireTag" ref="desfireComueTagUpdateEsupSgc" />
		<property name="description" value="Mise à jour ESUP SGC"/>
    </bean>

Configuration ESUP-SGC

src/main/resources/META-INF/spring/applicationContext-services.xml

Code Block
languagexml
	<map>
        		<entry key="Ldap Université de Ville" value-ref="ldapTemplate"/>
        		<entry key="Ldap Comue" value-ref="comueLdapTemplate"/>
        	</map>
        </property>
   </bean>	
 
	<bean id="shibUserInfoService" class="org.esupportail.sgc.services.userinfos.ShibUserInfoService" p:order="1">
		<property name="sgcParam2requestHeader">
			<map>
				<entry key="email" value="mail"/>
				<entry key="firstname" value="givenname"/>
				<entry key="name" value="sn"/>
				<entry key="eduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/>
				<entry key="supannEtuId" value="supannEtuId"/>
				<entry key="supannEmpId" value="supannEmpId"/>
				<entry key="supannEtuEtape" value="supannEtuEtape"/>
				<entry key="supannEntiteAffectationPrincipale" value="supannEntiteAffectationPrincipale"/>
				<entry key="supannEtablissement" value="supannEtablissement"/>
				<entry key="supannCodeINE" value="supannCodeINE"/>
				<entry key="schacDateOfBirth" value="schacDateOfBirth"/>
				<entry key="recto2" value="givenname"/>
				<entry key="recto3" value="sn"/>
			</map>
		</property>	
	</bean>
	
	<bean id="ldapContextSourcePool" class="org.springframework.ldap.pool.factory.PoolingContextSource">
		<property name="contextSource" ref="ldapContextSource" />
		<property name="dirContextValidator" ref="dirContextValidator"/>
		<property name="testWhileIdle" value="true"/>
		<property name="testOnBorrow" value="true"/>
	</bean>
   
	<bean id="dirContextValidator"
	 class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" />
	
	<bean id="ldapContextSource"
		class="org.springframework.ldap.core.support.LdapContextSource">
		<property name="url" value="ldap://ldap.univ-ville.fr" />
		<property name="base" value="dc=univ-ville,dc=fr" />
		<property name="userDn" value="cn=admin,dc=univ-ville,dc=fr" />
		<property name="password" value="XXXXXXXX" />
	</bean>    
	
	<bean id="ldapTemplate" class="org.springframework.ldap.core.LdapTemplate">
		<constructor-arg ref="ldapContextSourcePool" />
	</bean>
	
	<bean id="ldapUserInfoService" class="org.esupportail.sgc.services.userinfos.LdapUserInfoService" p:order="2">
		<property name="eppnFilter" value=".*@univ-ville.fr"/>
		<property name="ldapTemplate" ref="ldapTemplate"/>
		<property name="sgcParam2ldapAttr">
			<map>
				<entry key="email" value="mail"/>
				<entry key="eduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/>
				<entry key="supannEtuId" value="supannEtuId"/>
				<entry key="supannEmpId" value="supannEmpId"/>
				<entry key="supannCodeINE" value="supannCodeINE"/>
				<entry key="supannEntiteAffectationPrincipale" value="supannEntiteAffectationPrincipale"/>
				<entry key="firstname" value="givenname"/>
				<entry key="name" value="sn"/>
				<entry key="schacDateOfBirth" value="schacDateOfBirth"/>
				<entry key="supannEtablissement" value="supannEtablissement"/>
				<entry key="supannRefId4ExternalCard" value="supannRefId"/>
				<entry key="jpegPhoto4ExternalCard" value="jpegPhoto"/>
				<entry key="recto3" value="givenname"/>
				<entry key="recto2" value="sn"/>
				<entry key="schacExpiryDate" value="schacExpiryDate"/>
			</map>
		</property>	
	</bean>
	
	<bean id="groupService" class="org.esupportail.sgc.services.ldap.LdapGroupService">
		<property name="ldapTemplate" ref="ldapTemplate"/>
		<property name="groupSearchBase" value="ou=groups" />
		<property name="groupSearchFilter" value="member={0}"/>
		<property name="memberSearchBase" value="ou=people"/>
		<property name="memberSearchFilter" value="memberOf={0}"/>
	</bean>
	<!--
	Exemple de sqlUserInfoService. Recupécation des informations utilisateur via une requete SQL
	-->

	<bean class="org.apache.commons.dbcp.BasicDataSource" destroy-method="close" id="mysqlDataSource">
		<property name="driverClassName" value="com.mysql.jdbc.Driver"/>
		<property name="url" value="jdbc:mysql://mysql.univ-ville.fr:3306/database"/>
		<property name="username" value="admin"/>
		<property name="password" value="xxxxxxxx"/>
		<property name="testOnBorrow" value="true" />
		<property name="testOnReturn" value="true" />
		<property name="testWhileIdle" value="true" />
		<property name="timeBetweenEvictionRunsMillis" value="1800000" />
		<property name="numTestsPerEvictionRun" value="3" />
		<property name="minEvictableIdleTimeMillis" value="1800000" />
		<property name="validationQuery" value="SELECT version();" />
	</bean>
	
	<bean id="univvilleUserInfoService" class="org.esupportail.sgc.services.userinfos.SqlUserInfoService" p:order="3">
		<property name="eppnFilter" value=".*@univ-ville.fr"/>
		<property name="dataSource" ref="mysqlDataSource"/>
		<property name="sqlQuery" value="select ligneTitre as recto1,
			nom as recto2,
			prenom as recto3,
			dateNaissance as recto4,
			identifiant as recto5,
			ligneAnneeUniv as recto7,
			divers1 as verso1,
			divers2 as verso2,
			divers3 as verso3,
			divers4 as verso4,
			anneeUniv as verso5,
			typepopulationcrous as referenceStatut,
			indiceinm as indice,
			concat(replace(datefindroits,'-',''),'235959Z') as schacExpiryDate,
			leocode as secondaryId,
			adresseFilterLibelle as address
			from SgcLeoCarte where eppn=?"/>
	</bean>
	
	<!-- 
	On s'assure que eduPersonPrimaryAffiliation est conservé
	On fait également en sorte de toujours conserver une email, même si celui-ci n'est plus valide : le crous exige qu'un compte ait toujours un email de présent
	-->
	<bean id="spelUserInfoServiceEPPA" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="4">
		<property name="sgcParam2spelExp">
			<map>
				<entry key="eduPersonPrimaryAffiliation" value="#userInfosInComputing['eduPersonPrimaryAffiliation'] == Null or #userInfosInComputing['eduPersonPrimaryAffiliation'] == '' ? 
							#user.eduPersonPrimaryAffiliation : #userInfosInComputing['eduPersonPrimaryAffiliation'] "/>
				<entry key="email" value="#userInfosInComputing['email'] != Null and #userInfosInComputing['email'] matches '.*@.*' ? #userInfosInComputing['email'] : #user.email"/>
			</map>
		</property>	
	</bean>
	
	<!-- 
	On calcule l'institute en fonction de l'eppn
	On calcule le userType en fonction de eduPersonPrimaryAffiliation
	On calcule le template de la carte en fonction de l'eppn
	-->
	<bean id="spelUserInfoService" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="5">
		<property name="sgcParam2spelExp">
			<map>
				<entry key="institute" value=" 
					#user.eppn matches '.*@univ-ville.fr' ? 'Université de Ville' :
					#user.eppn matches '.*@univ-village.fr' ? 'Université du Village' :
					#user.eppn matches '.*@ecole-ville.fr' ? 'Ecolde de Ville' :
					#user.eppn matches '.*@comue.fr' ? 'COMUE' :
					'Extérieur'"/>
				<entry key="userType" value="!(#user.eppn matches '.*@univ-ville.fr') ? 'Ext' : 
					#userInfosInComputing['eduPersonPrimaryAffiliation'] == 'student' ? 'E' : 
					#userInfosInComputing['eduPersonPrimaryAffiliation'] == 'staff' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'teacher' or #userInfosInComputing['eduPersonPrimaryAffiliation'] == 'employee' ? 'P' : 'I'"/>
				<entry key="template" value="#user.eppn matches '.*@univ-ville.fr' ? 'univ-ville' : 'undefined'"/>
			</map>
		</property>	
	</bean>
	
	<!-- 
	Si recto1 et recot4 non trouvé (dans la Base de Données ici) on les calcule en fonction du userType et de schacDateOfBirth
	on reformatte recto7 : 2017/2018 -> 2017<br/>2018 - cf propriété recto7Replace donnée dans sgc.properties
	-->
	<bean id="spelUserInfoService2" class="org.esupportail.sgc.services.userinfos.SpelUserInfoService" p:order="6">
		<property name="sgcParam2spelExp">
			<map>
				<entry key="recto1" value="#userInfosInComputing['recto1'] != Null ? #userInfosInComputing['recto1'] : 
					#userInfosInComputing['userType']  == 'E' ? 'étudiant' : 
					#userInfosInComputing['userType'] == 'P' ? 'professionnelle' : 
					#userInfosInComputing['userType'] == 'I' ? 'invité' :  
					'extérieur'"/>
				<entry key="recto4" value="#userInfosInComputing['recto4'] != Null ? #userInfosInComputing['recto4'] : 
					#userInfosInComputing['schacDateOfBirth']  != Null ? 'Né le : ' + #dateUtils.schadDateOfBirthDay2FrenchDate(#userInfosInComputing['schacDateOfBirth']) : ''"/>
				<entry key="recto7" value="${recto7Replace}"/>
			</map>
		</property>	
	</bean>
 
	<!-- 
	requestFree à false pour les étudiants ayant une carte de moins de 3ans *par rapport au 6 juillet de l'année de demande de la carte*  
	les cartes avant le 29/06/2018 (anciennes leocartes) ne sont pas prises en compte
	-->
	<bean id="cardIdsServicerequestNotFreeUserInfoService" class="org.esupportail.sgc.services.cardiduserinfos.CardIdsService"SqlUserInfoService" p:order="8">
		<property name="cardIdServices"eppnFilter" value=".*@univ-ville.fr"/>
			<list>
				<bean <property name="dataSource" ref="dataSource"/>
		<property name="sqlQuery" value="select (not exists (select c.id from card as c, 
			user_account as u 
			where c.request_date > (select x from (SELECT to_date('06.07.' || date_part('year', current_timestamp)-2, 'DD.MM.YYYY') as x 
			union SELECT to_date('06.07.' || date_part('year', current_timestamp)-3, 'DD.MM.YYYY') as x) AS d 
			where current_timestamp-d.x > INTERVAL '2 year' order by x desc limit 1) 
			and c.eppn=u.eppn and u.edu_person_primary_affiliation='student' 	
			and c.request_date > '2018-05-28'		 
			and u.eppn = ?)) ::text as requestFree"/>
	</bean>
 
 
	
	<bean id="comueLdapContextSourcePool" class="org.esupportailspringframework.sgcldap.servicespool.cardidfactory.ComueNuAccessControlCardIdService">
					<!-- warning : access-control is a keyword for access-control services :
						PoolingContextSource">
      <property name="contextSource" ref="comueLdapContextSource" />
      <property name="dirContextValidator" ref="comueDirContextValidator"/>
      <property name="testWhileIdle" value="true"/>
      <property name="testOnBorrow" value="true"/>
   </bean>
   
   <bean id="comueDirContextValidator"
         class="org.springframework.ldap.pool.validation.DefaultDirContextValidator" />
	
    <bean id="comueLdapContextSource"
		class="org.springframework.ldap.core.support.LdapContextSource">
		<property name="url" value="ldaps://ldap.comue.fr" />
		<property name="base" value="dc=unr-runn,dc=fr" />
		<property name="userDn" value="cn=esup-sgc-univ-ville,ou=system,dc=comue,dc=fr" />
		<property name="password" value="XXXXXXXX" />
	</bean>    
	
	<bean id="comueLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">
		<constructor-arg ref="comueLdapContextSourcePool" />
	</bean>
	
	<bean id="comueLdapUserInfoService" class="org.esupportail.sgc.services.ac.AccessControlService.AC_APP_NAME = 'access-control'
					 --userinfos.LdapUserInfoService" p:order="2">
		<property name="eppnFilter" value="^((?!@univ-ville\.fr).)*$"/>
		<property name="ldapTemplate" ref="comueLdapTemplate"/>
		<property name="sgcParam2ldapAttr">
			<map>
				<entry key="email" value="mail"/>
					<property name="appName" value="access-control<entry key="eduPersonPrimaryAffiliation" value="eduPersonPrimaryAffiliation"/>
				<entry key="firstname" value="givenname"/>
				<entry key="name" value="sn"/>
				<entry key="schacDateOfBirth" value="schacDateOfBirth"/>
					<property name="idCounterBegin<entry key="supannEtablissement" value="supannEtablissement"/>
				<entry key="supannRefId4ExternalCard" value="XXXXXXXXXXXXXXXXsupannRefId"/>
					<property name="postgresqlSequence<entry key="jpegPhoto4ExternalCard" value="jpegPhoto"/>
				<entry key="recto3" value="card_sequencegivenname"/>
				</bean><entry key="recto2" value="sn"/>
				<entry key="schacExpiryDate" value="schacExpiryDate"/>
			</map>
		</property>	
	</bean>
 
	<bean id="comueSpelUserInfoService" class="org.esupportail.sgc.services.cardiduserinfos.ComueNuBuCardIdService"SpelUserInfoService" p:order="4">
		<property name="eppnFilter" value="^((?!@univ-ville\.fr).)*$"/>
			<property name="appNamesgcParam2spelExp">
			<map>
				<entry key="secondaryId" value="bu${leocodeReplace}"/>
				<entry key="access-control4ExternalCard" value="${accesscontrolReplace}"/>
                <entry key="csn4ExternalCard" value="${csnReplace}"/>
			</map>
		</property>	
	</bean>
	
	
	<bean id="cardIdsService" class="org.esupportail.sgc.services.cardid.CardIdsService">
		<property name="cardIdServices">
			<list>
				<bean class="org.esupportail.sgc.services.cardid.CnousCardIdServiceComueNuAccessControlCardIdService">
					<!-- warning : access-control is a keyword for access-control services :
						org.esupportail.sgc.services.ac.AccessControlService.AC_APP_NAME = 'access-control'
					 -->
					<property name="appName" value="crousaccess-control"/>
					<property name="idCounterBegin" value="XXXXXXXXXXXXXXXXXXXXXXXX"/>
					<property name="postgresqlSequence" value="crous_smart_card_sequence"/>
				</bean>
				<bean class="org.esupportail.sgc.services.cardid.ComueNuBuCardIdService">
					<property name="crousEncodeEnabledappName" value="falsebu"/>
				</bean>
                <bean class="org.esupportail.sgc.services.cardid.CsnDomainCardIdService">
                    <property name="appName" value="csn-domain"/>
                </bean>
			</list>
		</property>
	</bean>
	
	<bean id="esupNfcTagService" class="org.esupportail.sgc.services.EsupNfcTagService">
		<property name="restTemplate" ref="restTemplate"/>
		<property name="webUrl" value="https://esup-nfc-tag.univ-ville.fr"/>
		<property name="applicationName" value="Ecriture SGC"/>	
		<property name="location" value="Encodage ESUP SGC"/>
	</bean>
	
	<bean id="ldapAdminContextSourcePool" class="org.springframework.ldap.pool.factory.PoolingContextSource">
		<property name="contextSource" ref="ldapAdminContextSource" />
		<property name="dirContextValidator" ref="dirContextValidator"/>
		<property name="testWhileIdle" value="true"/>
		<property name="testOnBorrow" value="true"/>
	</bean>
	
	<bean id="ldapAdminContextSource"
		class="org.springframework.ldap.core.support.LdapContextSource">
		<property name="url" value="ldap://ldap.univ-ville.fr" />
		<property name="base" value="dc=univ-ville,dc=fr" />
		<property name="userDn" value="cn=admin,dc=univ-ville,dc=fr" />
		<property name="password" value="XXXXXXXX" />
	</bean>    
	
	<bean id="ldapAdminTemplate" class="org.springframework.ldap.core.LdapTemplate">
		<constructor-arg ref="ldapAdminContextSourcePool" />
	</bean>
	
	<bean id="ldapValidateService" class="org.esupportail.sgc.services.ldap.LdapValidateService">
		<property name="ldapTemplate" ref="ldapAdminTemplate"/>
		<property name="peopleSearchFilter" value="(eduPersonPrincipalName={0})"/>
		<property name="ldapCardIdsMappingMultiValues">
			<map>
				<entry key="swissEduPersonCardUID">
					<list>
						<value>%reverse_csn%@ISO15693</value>
					</list>
				</entry>
				<entry key="supannRefId">
					<list>
						<value>{ISO15693}%csn%</value>
						<value>{LEOCARTE:ACCESS-CONTROL}%access-control%</value>
					</list>
				</entry>
			</map>
		</property>
             <!-- 
		<property name="ldapCardIdsMappingValue">
			<map>
				<entry key="jpegPhoto" value="%photo%"/>
			</map>
	        </property>
 			-->
	</bean>
	
	<bean id="adContextSourcePool" class="org.springframework.ldap.pool.factory.PoolingContextSource">
		<property name="contextSource" ref="adContextSource" />
		<property name="dirContextValidator" ref="dirContextValidator"/>
		<property name="testWhileIdle" value="true"/>
		<property name="testOnBorrow" value="true"/>
	</bean>
	 
	<bean id="adContextSource"
		class="org.springframework.ldap.core.support.LdapContextSource">
		<property name="url" value="ldaps://ad.univ-ville.fr:636" />
		<property name="base" value="DC=ur,DC=univ-ville,DC=fr"/>
		<property name="pooled" value="true" />
		<property name="userDn"	value="cn=Administrateur,cn=users,dc=ur,dc=univ-ville,dc=fr"/>
		<property name="password" value="XXXXXXXX" />
	</bean>
	
	<bean id="adLdapTemplate" class="org.springframework.ldap.core.LdapTemplate">  
		<constructor-arg ref="adContextSourcePool" />
		<property name="ignorePartialResultException" value="true"/>
	</bean>
	<bean id="adValidateService" class="org.esupportail.sgc.services.ldap.LdapValidateService">
		<property name="ldapTemplate" ref="adLdapTemplate"/>
		<property name="peopleSearchFilter" value="(&amp;(objectClass=person)(cn={1}))"/>
		<property name="ldapCardIdsMappingValue">
			<map>
				<entry key="pager">
					<value>%csn%</value>
				</entry>
			</map>
		</property>
	</bean>
	<bean id="ipService" class="org.esupportail.sgc.services.IpService">
	    <property name="maps">
			<bean class="org.springframework.beans.factory.config.PropertiesFactoryBean">
				<property name="location" value="classpath:ip.properties"/>
			</bean>
		</property>
	</bean>
	<bean class="org.springframework.mail.javamail.JavaMailSenderImpl" id="mailSender">
		<property name="host" value="${email.host}"/>
		<property name="protocol" value="${email.protocol}"/>
	</bean>
    
	<bean id="emailService" class="org.esupportail.sgc.services.EmailService">
		<property name="mailSender" ref="mailSender"/>
		<property name="isEnabled" value="true"/>
	</bean>


	<bean id="papercutValidateService" class="org.esupportail.sgc.services.papercut.PapercutService">
		<property name="authToken" value="tokenPapercutUnivVille" />
		<property name="server" value="papercut.univ-ville.fr" />
		<property name="scheme" value="https" />
		<property name="port" value="443" />
		<property name="accountName" value="" />
		<property name="papercutUidFromEppnRegex" value="([^@]*)@.*"/>
	</bean>
	
	<bean id="comueRefSiRestValidateService" class="org.esupportail.sgc.services.AsyncRestValidateService">
		<property name="use4ExternalCard" value="true"/>
		<property name="delay" value="10000"/>
	    <property name="restTemplate" ref="comueRefSiRestTemplate"/>
	    <property name="validateRestUrl" value="https://referentiel.comue.fr/maj/%s"/>
	    <property name="invalidateRestUrl" value="https://referentiel.comue.fr/maj/%s"/>
	</bean>
	
	<bean id="comueRefSiRestTemplate" class="org.esupportail.sgc.tools.RestTemplateClientCertBuilder">
        <property name="certFile" value="classpath:META-INF/security/certif-esup-sgc.p12"/>
        <property name="password" value="passwordducertif"/>
    </bean>

src/main/resources/META-INF/spring/sgc.properties

...

Code Block
recto7Replace=#userInfosInComputing['recto7'] != Null ? #userInfosInComputing['recto7'].replaceAll('/','<br/>') : ''
accesscontrolReplace=#userInfosInComputing['supannRefId4ExternalCard'] != Null ? #userInfosInComputing['supannRefId4ExternalCard'].replaceFirst('^.*\\{LEOCARTE:ACCESS-CONTROL\\}([^;]*).*$', '$1') : ''           
csnReplace=#userInfosInComputing['supannRefId4ExternalCard'] != Null ? #userInfosInComputing['supannRefId4ExternalCard'].replaceFirst('^.*\\{ISO15693\\}([^;]*).*$', '$1') : ''                          
leocodeReplace=#userInfosInComputing['supannRefId4ExternalCard'] != Null ? #userInfosInComputing['supannRefId4ExternalCard'].replaceFirst('^.*\\{LEOCODE\\}([^;]*).*$', '$1') : ''   

src/main/resources/META-INF/spring/applicationContext-crous.xml

...

Code Block
languagexml
<bean id="accessControlService" class="org.esupportail.sgc.services.ac.AccessControlService">
	<property name="use4ExternalCard" value="true"/>
</bean>
<!-- majP2S 	
tous les jours à 8H30
<task:scheduled-tasks>
<task:scheduled ref="csvExportP2sService" method="export2P2S" cron="0 30 08 * * *"/>
</task:scheduled-tasks>
--> 
<bean class="org.esupportail.sgc.services.ac.CsvExportP2sService"/>
  	
<bean class="org.esupportail.sgc.services.ac.CsvExportSynchronicService"/>
  	
<bean class="org.esupportail.sgc.services.ac.CsvExportTilService"/>

<bean id="p2sVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">                                                                                                                       
	<property name="uri" value="smb://p2s.univ-ville.fr/import-P2S/" />                                                                                                                                     
	<property name="domain" value="univ-ville" />
	<property name="username" value="import-P2S" />
	<property name="password" value="XXXXXXXX" />                                                                                                                                                                 	
</bean>       
                                                                                                                                                                                                                 
<bean id="synchronicVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">
	<property name="uri" value="smb://synchronic.univ-ville.fr/import-synchronic/" />
	<property name="domain" value="univ-ville" />
	<property name="username" value="import-SYNCHRONIC" />
	<property name="password" value="XXXXXXXX" />
</bean>                                                                                                                                                                                                       
                                                                                                                                                                                                         
<bean id="tilVfsAccessService" class="org.esupportail.sgc.services.fs.CifsAccessService">
	<property name="uri" value="smb://til.univ-ville.fr/import-til/" />
	<property name="domain" value="univ-ville" />
	<property name="username" value="import-TIL" />
	<property name="password" value="XXXXXXXX" />
</bean>