Revision 19b58bab
Added by Remy Menard almost 12 years ago
ETa/EpcisPHI/src/main/webapp/WEB-INF/web.xml | ||
---|---|---|
<welcome-file-list>
|
||
<welcome-file>index.jsp</welcome-file>
|
||
</welcome-file-list>
|
||
|
||
<security-constraint>
|
||
<web-resource-collection>
|
||
<web-resource-name>EpcisPHiSecure</web-resource-name>
|
||
<url-pattern>/RootAccountAuth</url-pattern>
|
||
<http-method>GET</http-method>
|
||
<http-method>POST</http-method>
|
||
</web-resource-collection>
|
||
<auth-constraint>
|
||
<role-name>ephi_user</role-name>
|
||
</auth-constraint>
|
||
<user-data-constraint>
|
||
<transporting-guarantee>CONFIDENTIAL</transporting-guarantee>
|
||
</user-data-constraint>
|
||
</security-constraint>
|
||
<login-config>
|
||
<auth-method>CLIENT-CERT</auth-method>
|
||
</login-config>
|
||
<security-role>
|
||
<role-name>ephi_user</role-name>
|
||
</security-role>
|
||
|
||
</web-app>
|
Also available in: Unified diff
Version 1.9
- use TLS for secured links
- SigMa is now fully functionnal
- completed documention
- a lot of bugs fixed!
- signature creation from the canonical form of the event
- signature creation using ECDSA algorithm
- signature is correctly verified
- manage the extension identifying the owner of the event
- if no identity is provided, the identity of the certificate is used
- access to the web interface of policy management is made by
certificate
- if no identity is provided, the identity of the certificate is used
- create and use certificates for TLS
- configure Apache Tomcat for TLS
- show SigMa library (SigMa-Commons)