-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
Example organization AAI services: Terms of Use (ToU)
\ - A. Data Protection Sample Clause \ -\ - "The End User notes that personal data about the End User is compiled from generally \ - available sources and from communications received from the End User and other \ - Universities as well as from off-site sources. The policy relating to the use and procession \ - of such data is posted on the University website at [...]. Such data will be used, inter alia, \ - to authenticate and authorize the access to and use of various resources within \ - the University and on other sites ("Approved Uses"). The End User hereby consents to \ - the collection, processing, use and release of such data to the extent reasonably necessary \ - for the Approved Uses. Such consent includes, but is not limited to, the release \ - of personal data to other institutions by employing cookies and electronically exchanging, \ - caching and storing personal authorization attributes." \ -
\ - B. Limitation of Liability \ -\ - "To the extent permitted by the applicable law, the End User hereby waives all and any \ - claims for cost and damages, whether direct or indirect, incidental, or consequential(including, \ - inter alia, loss of use and lost profits), both in contract and in tort, arising from \ - the use or in any way related to the inter-organizational authentication and authorization \ - services which allow the End User to access certain resources of other organizations. \ - This waiver of claims shall be valid and effective in relation to all participants of \ - the inter-organizational authentication and authorization services including the AAI \ - Service Provider and its affiliates, officers, employees and agents." \ -
- -# Messages related to attribute release consent. - -idp.attribute-release.revoke = Clear prior granting of permission for release of your information to this service. - -idp.attribute-release.title = Information Release - -idp.attribute-release.attributesHeader = Information to be Provided to Service - -idp.attribute-release.serviceNameLabel = You are about to access the service: -idp.attribute-release.of = of -idp.attribute-release.serviceDescriptionLabel = Description as provided by this service: - -idp.attribute-release.informationURLLabel = Additional information about the service -idp.attribute-release.privacyStatementURLLabel = Data privacy information of the service - -idp.attribute-release.showDetails = show details - -idp.attribute-release.accept = Accept -idp.attribute-release.reject = Reject - -idp.attribute-release.confirmationQuestion = The information above would be shared with the service if you proceed. \ - Do you agree to release this information to the service every time you access it? - -idp.attribute-release.consentMethod = Select an information release consent duration: -idp.attribute-release.consentMethodRevoke = This setting can be revoked at any time with the checkbox on the login page. - -idp.attribute-release.doNotRememberConsent = Ask me again at next login -idp.attribute-release.doNotRememberConsentItem = I agree to send my information this time. - -idp.attribute-release.rememberConsent = Ask me again if information to be provided to this service changes -idp.attribute-release.rememberConsentItem = I agree that the same information will be sent automatically to this service in the future. - -idp.attribute-release.globalConsent = Do not ask me again -idp.attribute-release.globalConsentItem = I agree that all of my information will be released to any service. - - -# Title / Message mappings for error view - -# General strings -idp.title = Web Login Service -idp.title.suffix = Error -idp.logo = /images/dummylogo.png -idp.logo.alt-text = Replace or remove this logo -idp.message = An unidentified error occurred. -idp.footer = Insert your footer text here. - -idp.client-storage-read.title = Loading Session State... -idp.client-storage-write.title = Saving Session State... -idp.client-storage.no-js = Since your browser does not support JavaScript, \ - you must press the Continue button once to proceed. - -# Event to error key mappings - -AccessDenied = access -ContextCheckDenied = context-check-denied -EndpointResolutionFailed = endpoint -InvalidProfileConfiguration = relying-party -InvalidSecurityConfiguration = security-cfg -MessageAuthenticationError = security-msg -MessageReplay = stale -MessageExpired = stale -UnableToDecode = stale -AccountError = authn -AuthenticationException = authn -InvalidCredentials = authn -NoCredentials = authn -NoPotentialFlow = authn -RequestUnsupported = authn -SubjectCanonicalizationError = authn -InvalidAttributeContext = unexpected -InvalidAuthenticationContext = unexpected -InvalidSubjectContext = unexpected -InvalidSubjectCanonicalizationContext = unexpected -InvalidMessageContext = unexpected -InvalidMessageVersion = unexpected -InvalidProfileContext = unexpected -InvalidRelyingPartyContext = unexpected -InvalidRelyingPartyConfiguration = unexpected -MessageProcessingError = unexpected -UnableToEncode = unexpected -UnableToSign = unexpected -UnableToEncrypt = unexpected -AttributeReleaseRejected = no-release -TermsRejected = no-terms -RuntimeException = runtime-error - -# Exception to error key mappings - -FlowExecutionRestorationFailureException = stale - -# Error key to title and message mappings - -access.title = Access Denied -access.message = You do not have access to the requested resource. - -context-check-denied.title = Access Denied -context-check-denied.message = You are not eligible for the service requested. - -no-release.title = Release of Information Prevented -no-release.message = At your request, the release of your information has been blocked. If you wish to \ - change your decision, you may access the service again and approve the release in the \ - future. - -no-terms.title = Terms of Use Refused -no-terms.message = Having refused the mandatory Terms of Use, access to the service is not permitted. \ - If you wish to change your decision, you may access the service again and approve \ - the terms in the future. - -authn.title = Login Failed -authn.message = User login was not successful or could not meet the requirements of the requesting application. - -endpoint.title = Unable to Respond -endpoint.message = The login service was unable to identify a compatible way to respond to the requested \ - application. This is generally to due to a misconfiguration on the part of the application \ - and should be reported to the application's support team or owner. -relying-party.title = Unsupported Request -relying-party.message = The application you have accessed is not registered for use with this service. -security-cfg.title = Security Configuration Error -security-cfg.message = The login service and the requested application do not share a compatible \ - security configuration, and the request cannot be fulfilled. -security-msg.title = Message Security Error -security-msg.message = The request cannot be fulfilled because the message received does not meet the \ - security requirements of the login service. -stale.title = Stale Request -stale.message =You may be seeing this page because you used the Back button while browsing a \ - secure web site or application. Alternatively, you may have mistakenly bookmarked \ - the web login form instead of the actual web site you wanted to bookmark or used a \ - link created by somebody else who made the same mistake.
\ -\ -
Left unchecked, this can cause errors on some browsers or result in you returning to \ - the web site you tried to leave, so this page is presented instead.
-unexpected.title = Unexpected Error -unexpected.message = An unexpected error was encountered, usually reflecting a configuration or software error. -runtime-error.title = Uncaught Exception -runtime-error.message =A software error was encountered that prevents normal operation:
\ -
#if($exception)$encoder.encodeForHTML($exception.toString())#else$encoder.encodeForHTML($flowExecutionException.getCause().toString())#end
\ -
Please report this problem to your Help Desk or administrative staff. It has \ - also been logged for an administrator to review.
-error.title = Error -error.message = An error occurred: $eventId -root.title = Shibboleth IdP -root.message = No services are available at this location. -root.footer = Insert your footer text here. - diff --git a/test-compose/idp/container_files/config/shib-idp/views/client-storage/client-storage-read.vm b/test-compose/idp/container_files/config/shib-idp/views/client-storage/client-storage-read.vm deleted file mode 100644 index 1993c14..0000000 --- a/test-compose/idp/container_files/config/shib-idp/views/client-storage/client-storage-read.vm +++ /dev/null @@ -1,53 +0,0 @@ -## -## Velocity template to read from local storage. -## -## Velocity context will contain the following properties -## flowExecutionUrl - the form action location -## flowRequestContext - the Spring Web Flow RequestContext -## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl) -## profileRequestContext - root of context tree -## loadContext - context with details about the storage keys to load -## encoder - HTMLEncoder class -## request - HttpServletRequest -## response - HttpServletResponse -## environment - Spring Environment object for property resolution -#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service")) -#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-read.suffix", "Loading Session Information")) -## - - - - - -
-
-
-
diff --git a/test-compose/idp/container_files/config/shib-idp/views/client-storage/client-storage-write.vm b/test-compose/idp/container_files/config/shib-idp/views/client-storage/client-storage-write.vm
deleted file mode 100644
index 4b92d6b..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/client-storage/client-storage-write.vm
+++ /dev/null
@@ -1,53 +0,0 @@
-##
-## Velocity template to write to local storage.
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## saveContext - context with details about the storage data to save
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
-#set ($titleSuffix = $springMacroRequestContext.getMessage("idp.client-storage-write.suffix", "Saving Session Information..."))
-##
-
-
-
-
-
-
-
-
-
-
- $title - $titleSuffix
-
- $springMacroRequestContext.getMessage("idp.client-storage-read.text", "Loading login session information from the browser...")
-
-
- #parse( "client-storage/read.vm" )
-
-
-
-
\ No newline at end of file
diff --git a/test-compose/idp/container_files/config/shib-idp/views/duo.vm b/test-compose/idp/container_files/config/shib-idp/views/duo.vm
deleted file mode 100644
index cf4f96a..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/duo.vm
+++ /dev/null
@@ -1,83 +0,0 @@
-##
-## Velocity Template for Duo login view-state
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## authenticationContext - context with authentication request information
-## rpUIContext - the context with SP UI information from the metadata
-## canonicalUsername - name of user passed to Duo
-## duoHost - API hostname for Duo frame
-## duoRequest - signed Duo request message
-## duoScriptPath - path to Duo JavaScript source
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-
-
-
-
-
-
-
-
-
-
-
- $title - $titleSuffix
-
- $springMacroRequestContext.getMessage("idp.client-storage-write.text", "Saving login session information to the browser...")
-
-
- #parse( "client-storage/write.vm" )
-
-
-
-
diff --git a/test-compose/idp/container_files/config/shib-idp/views/error.vm b/test-compose/idp/container_files/config/shib-idp/views/error.vm
deleted file mode 100644
index c595175..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/error.vm
+++ /dev/null
@@ -1,72 +0,0 @@
-##
-## Velocity Template for error end-state
-##
-## Velocity context will contain the following properties
-## flowRequestContext - the Spring Web Flow RequestContext
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-#set ($title = $springMacroRequestContext.getMessage("idp.title", "Web Login Service"))
-#set ($defaultTitleSuffix = $springMacroRequestContext.getMessage("idp.title.suffix", "Error"))
-##
-#if ($flowRequestContext)
- ## This handles flow events, the most common case.
- #set ($eventId = $flowRequestContext.getCurrentEvent().getId())
- #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
- #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
- #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
- #if ($eventId == "AccessDenied" or $eventId == "ContextCheckDenied")
- $response.setStatus(403)
- #elseif ($eventId == "AttributeReleaseRejected" || $eventId == "TermsRejected")
- $response.setStatus(200)
- #elseif ($eventKey == "unexpected" || $eventKey == "runtime-error" || $eventKey == "error")
- $response.setStatus(500)
- #else
- $response.setStatus(400)
- #end
-#elseif ($exception)
- ## This handles exceptions that reach the Spring-MVC exception handler.
- #set ($eventId = $exception.getClass().getSimpleName())
- #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "error"))
- #set ($titleSuffix = $springMacroRequestContext.getMessage("${eventKey}.title", "$defaultTitleSuffix"))
- #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "$defaultTitleSuffix: $eventId"))
-#else
- ## This is a catch-all that theoretically shouldn't happen?
- #set ($titleSuffix = $defaultTitleSuffix)
- #set ($message = $springMacroRequestContext.getMessage("idp.message", "An unidentified error occurred."))
-#end
-##
-
-
-
-
-
-
-
- #springMessage()
-
-
-
-
-
-
-
-
-
-
-
- #springMessageText("idp.login.duoRequired", "Authentication with Duo is required for the requested service.")
- - - - - - -- #springMessageText("idp.login.duoCancel", "Cancel this Request") -
-
-
-
-
\ No newline at end of file
diff --git a/test-compose/idp/container_files/config/shib-idp/views/intercept/attribute-release.vm b/test-compose/idp/container_files/config/shib-idp/views/intercept/attribute-release.vm
deleted file mode 100644
index 0b74551..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/intercept/attribute-release.vm
+++ /dev/null
@@ -1,158 +0,0 @@
-##
-## Velocity Template for DisplayAttributeReleasePage view-state
-##
-## Velocity context will contain the following properties :
-##
-## attributeReleaseContext - context holding consentable attributes
-## attributeReleaseFlowDescriptor - attribute consent flow descriptor
-## attributeDisplayNameFunction - function to display attribute name
-## consentContext - context representing the state of a consent flow
-## encoder - HTMLEncoder class
-## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl)
-## flowExecutionUrl - form action location
-## flowRequestContext - Spring Web Flow RequestContext
-## profileRequestContext - OpenSAML profile request context
-## request - HttpServletRequest
-## response - HttpServletResponse
-## rpUIContext - context with SP UI information from the metadata
-## environment - Spring Environment object for property resolution
-#set ($serviceName = $rpUIContext.serviceName)
-#set ($serviceDescription = $rpUIContext.serviceDescription)
-#set ($informationURL = $rpUIContext.informationURL)
-#set ($privacyStatementURL = $rpUIContext.privacyStatementURL)
-#set ($rpOrganizationLogo = $rpUIContext.getLogo())
-#set ($rpOrganizationName = $rpUIContext.organizationName)
-#set ($replaceDollarWithNewline = true)
-##
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- $title - $titleSuffix
-
- #evaluate($message)
-
-
-
-
-
\ No newline at end of file
diff --git a/test-compose/idp/container_files/config/shib-idp/views/intercept/terms-of-use.vm b/test-compose/idp/container_files/config/shib-idp/views/intercept/terms-of-use.vm
deleted file mode 100644
index 1bf12c7..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/intercept/terms-of-use.vm
+++ /dev/null
@@ -1,67 +0,0 @@
-##
-## Velocity Template for DisplayTermsOfUsePage view-state
-##
-## Velocity context will contain the following properties :
-##
-## encoder - HTMLEncoder class
-## flowExecutionKey - SWF execution key (this is built into the flowExecutionUrl)
-## flowExecutionUrl - form action location
-## flowRequestContext - Spring Web Flow RequestContext
-## request - HttpServletRequest
-## response - HttpServletResponse
-## rpUIContext - context with SP UI information from the metadata
-## termsOfUseId - terms of use ID to lookup message strings
-## environment - Spring Environment object for property resolution
-#set ($serviceName = $rpUIContext.serviceName)
-#set ($rpOrganizationLogo = $rpUIContext.getLogo())
-##
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- #springMessageText("idp.login.expiringSoon", "Your password will be expiring soon!")
-
-
- #springMessageText("idp.login.changePassword", "To create a new password now, go to") - #.
-#springMessageText("idp.login.proceedBegin", "Your login will proceed in 20 seconds or you may click") - #springMessageText("idp.login.proceedHere", "here") - #springMessageText("idp.login.proceedEnd", "to continue").
-
-
-
- #if ($rpOrganizationLogo)
- )
- #end
-
- #if ($rpOrganizationLogo)
-
-
-
diff --git a/test-compose/idp/container_files/config/shib-idp/views/login-error.vm b/test-compose/idp/container_files/config/shib-idp/views/login-error.vm
deleted file mode 100644
index 44676b3..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/login-error.vm
+++ /dev/null
@@ -1,24 +0,0 @@
-## Velocity Template for login error message production, included by login.vm
-##
-## authenticationErrorContext - context containing error data, if available
-##
-#if ($authenticationErrorContext && $authenticationErrorContext.getClassifiedErrors().size() > 0 && $authenticationErrorContext.getClassifiedErrors().iterator().next() != "ReselectFlow")
- ## This handles errors that are classified by the message maps in the authentication config.
- #set ($eventId = $authenticationErrorContext.getClassifiedErrors().iterator().next())
- #set ($eventKey = $springMacroRequestContext.getMessage("$eventId", "login"))
- #set ($message = $springMacroRequestContext.getMessage("${eventKey}.message", "Login Failure: $eventId"))
-#elseif ($authenticationErrorContext && $authenticationErrorContext.getExceptions().size() > 0)
- ## This handles login exceptions that are left unclassified.
- #set ($loginException = $authenticationErrorContext.getExceptions().get(0))
- #if ($loginException.getMessage())
- #set ($message = "Login Failure: $loginException.getMessage()")
- #else
- #set ($message = $loginException.toString())
- #end
-#end
-
-#if ($message)
-
-
- #end
- #springMessageText("${termsOfUseId}.title", "Terms of Use")
-
- #springMessageText("${termsOfUseId}.text", "Terms of Use Text...")
-
-
-
-
-
-
-
-
-
-
-
- $encoder.encodeForHTML($message)
-
-
-
-
-
\ No newline at end of file
diff --git a/test-compose/idp/container_files/config/shib-idp/views/logout-complete.vm b/test-compose/idp/container_files/config/shib-idp/views/logout-complete.vm
deleted file mode 100644
index d780252..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/logout-complete.vm
+++ /dev/null
@@ -1,59 +0,0 @@
-##
-## Velocity Template for logout flow's concluding view-state (no propagation)
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## logoutContext - context with SPSession details for logout operation
-## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- #parse("login-error.vm")
-
-
-
- #*
- //
- // SP Description & Logo (optional)
- // These idpui lines will display added information (if available
- // in the metadata) about the Service Provider (SP) that requested
- // authentication. These idpui lines are "active" in this example
- // (not commented out) - this extra SP info will be displayed.
- // Remove or comment out these lines to stop the display of the
- // added SP information.
- //
- *#
- #set ($logo = $rpUIContext.getLogo())
- #if ($logo)
- )
- #end
- #set ($desc = $rpUIContext.getServiceDescription())
- #if ($desc)
- $encoder.encodeForHTML($desc)
- #end
-
-
-
-
- -
- #if ($passwordEnabled)
-
- › #springMessageText("idp.login.forgotPassword", "Forgot your password?") - #end -
- › #springMessageText("idp.login.needHelp", "Need Help?") -
-
-
-
-
\ No newline at end of file
diff --git a/test-compose/idp/container_files/config/shib-idp/views/logout-propagate.vm b/test-compose/idp/container_files/config/shib-idp/views/logout-propagate.vm
deleted file mode 100644
index 86b3fa1..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/logout-propagate.vm
+++ /dev/null
@@ -1,58 +0,0 @@
-##
-## Velocity Template for logout flow's concluding view-state (with propagation)
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## logoutContext - context with SPSession details for logout operation
-## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
-## htmlEncoder - HTMLEncoder class
-## urlEncoder - urlEncoder class
-## codecUtil - CodecUtil class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-
-
-
-
-
-
-
-
-
-
-
-
-
- #if ( $profileRequestContext.getProfileId().contains("saml2/logout") )
-
- #end
-
-
-
-
-
-
-
- #springMessageText("idp.logout.local", "You elected not to log out of all the applications accessed during your session.")
-
-
-
-
-
\ No newline at end of file
diff --git a/test-compose/idp/container_files/config/shib-idp/views/logout.vm b/test-compose/idp/container_files/config/shib-idp/views/logout.vm
deleted file mode 100644
index 2342855..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/logout.vm
+++ /dev/null
@@ -1,91 +0,0 @@
-##
-## Velocity Template for logout flow's starting view-state
-##
-## Velocity context will contain the following properties
-## flowExecutionUrl - the form action location
-## flowRequestContext - the Spring Web Flow RequestContext
-## flowExecutionKey - the SWF execution key (this is built into the flowExecutionUrl)
-## profileRequestContext - root of context tree
-## logoutContext - context with SPSession details for logout operation
-## multiRPContext - context with RelyingPartyContexts and possibly SP UI information from the metadata
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-
-
-
-
-
- #if ( $logoutContext and !$logoutContext.getSessionMap().isEmpty() )
-
- #end
-
-
-
-
-
-
-
-
-
-
-
-
-
- #springMessageText("idp.logout.attempt", "Attempting to log out of the following services:")
- #parse("logout/propagate.vm") -
-
-
-
-
\ No newline at end of file
diff --git a/test-compose/idp/container_files/config/shib-idp/views/spnego-unavailable.vm b/test-compose/idp/container_files/config/shib-idp/views/spnego-unavailable.vm
deleted file mode 100644
index 3673f02..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/spnego-unavailable.vm
+++ /dev/null
@@ -1,49 +0,0 @@
-##
-## Velocity Template for SPNEGO unauthorized page
-##
-## This is not a Spring Webflow view, but a special view internal to the
-## SPNEGO login flow, so it doesn't contain all of the usual SWF variables.
-##
-## Velocity context will contain the following properties
-## encoder - HTMLEncoder class
-## request - HttpServletRequest
-## response - HttpServletResponse
-## profileRequestContext - root of context tree
-## errorUrl - URL to call to indicate error and return back to the login flow
-##
-#set ($eventKey = $springMacroRequestContext.getMessage("SPNEGOUnavailable", "spnego-unavailable"))
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
- - #if ( $logoutContext and !$logoutContext.getSessionMap().isEmpty() ) -
- - - -
-
-
- This page is displayed when a logout operation at the Identity Provider completes. This page is an example - and should be customized. It is not fully internationalized because the presentation will be a highly localized - decision, and we don't have a good suggestion for a default.
-- - #if ( $logoutContext and !$logoutContext.getSessionMap().isEmpty() ) -
#springMessageText("idp.logout.ask", "Would you like to attempt to log out of all services accessed during your session? Please select Yes or No to ensure the logout operation completes, or wait a few seconds for Yes.")
-- - - -
-
#springMessageText("idp.logout.contactServices", "If you proceed, the system will attempt to contact the following services:")
--
- #foreach ($sp in $logoutContext.getSessionMap().keySet())
- #set ($rpCtx = $multiRPContext.getRelyingPartyContextById($sp))
- #if ($rpCtx)
- #set ($rpUIContext = $rpCtx.getSubcontext("net.shibboleth.idp.ui.context.RelyingPartyUIContext"))
- #end
- #if ($rpUIContext and $rpUIContext.getServiceName())
-
- $encoder.encodeForHTML($rpUIContext.getServiceName()) - #else -
- $encoder.encodeForHTML($sp) - #end - #end -
#springMessageText("idp.logout.complete", "The logout operation is complete, and no other services appear to have been accessed during this session.")
- - - #end - -
-
-
-
diff --git a/test-compose/idp/container_files/config/shib-idp/views/user-prefs.js b/test-compose/idp/container_files/config/shib-idp/views/user-prefs.js
deleted file mode 100644
index ab994f9..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/user-prefs.js
+++ /dev/null
@@ -1,45 +0,0 @@
-"use strict";
-
-function createCookie(name, value, seconds) {
- var date = new Date();
- date.setTime(date.getTime() + (seconds * 1000));
- var expires = "; expires=" + date.toGMTString();
-
- var path = '$environment.getProperty("idp.cookie.path", $request.getContextPath())';
- if (path.length > 0)
- path = "; path=" + path;
- document.cookie = name + "=" + value + expires + path;
-}
-
-function eraseCookie(name) {
- createCookie(name, "", -31536000);
-}
-
-function readCookie(name) {
- var nameEQ = name + "=";
- var ca = document.cookie.split(';');
- for (var i = 0; i < ca.length; i++) {
- var c = ca[i];
- while (c.charAt(0) == ' ')
- c = c.substring(1, c.length);
- if (c.indexOf(nameEQ) == 0)
- return c.substring(nameEQ.length, c.length);
- }
- return null;
-}
-
-function load(id) {
- var checkbox = document.getElementById(id);
- if (checkbox != null) {
- var spnego = readCookie(checkbox.name);
- checkbox.checked = (spnego == "1");
- }
-}
-
-function check(checkbox) {
- if (checkbox.checked) {
- createCookie(checkbox.name, checkbox.value, $environment.getProperty("idp.cookie.maxAge","31536000"));
- } else {
- eraseCookie(checkbox.name);
- }
-}
diff --git a/test-compose/idp/container_files/config/shib-idp/views/user-prefs.vm b/test-compose/idp/container_files/config/shib-idp/views/user-prefs.vm
deleted file mode 100644
index 8de0503..0000000
--- a/test-compose/idp/container_files/config/shib-idp/views/user-prefs.vm
+++ /dev/null
@@ -1,60 +0,0 @@
-##
-## Velocity Template for user preferences view
-##
-## Velocity context will contain the following properties
-## request - HttpServletRequest
-## response - HttpServletResponse
-## environment - Spring Environment object for property resolution
-## custom - arbitrary object injected by deployer
-##
-
-
-
-
-
-
-
-
-
-
-
-
-
- #springMessageText("idp.title", "Web Login Sevice") - #springMessage("idp.title.suffix", "Error")
-
- #springMessageText("${eventKey}.message", "Your web browser doesn't support authentication with your desktop login credentials.")
-
-
-
-
-
-
-
diff --git a/test-compose/idp/container_files/credentials/shib-idp/inc-md-cert-mdq.pem b/test-compose/idp/container_files/credentials/shib-idp/inc-md-cert-mdq.pem
new file mode 100644
index 0000000..178dcf8
--- /dev/null
+++ b/test-compose/idp/container_files/credentials/shib-idp/inc-md-cert-mdq.pem
@@ -0,0 +1,28 @@
+-----BEGIN CERTIFICATE-----
+MIIEvjCCAyagAwIBAgIJANpi9/mkU/zoMA0GCSqGSIb3DQEBCwUAMHQxCzAJBgNV
+BAYTAlVTMQswCQYDVQQIDAJNSTESMBAGA1UEBwwJQW5uIEFyYm9yMRYwFAYDVQQK
+DA1JbnRlcm5ldDIuZWR1MREwDwYDVQQLDAhJbkNvbW1vbjEZMBcGA1UEAwwQbWRx
+LmluY29tbW9uLm9yZzAeFw0xODExMTMxNDI5NDNaFw0zODExMTAxNDI5NDNaMHQx
+CzAJBgNVBAYTAlVTMQswCQYDVQQIDAJNSTESMBAGA1UEBwwJQW5uIEFyYm9yMRYw
+FAYDVQQKDA1JbnRlcm5ldDIuZWR1MREwDwYDVQQLDAhJbkNvbW1vbjEZMBcGA1UE
+AwwQbWRxLmluY29tbW9uLm9yZzCCAaIwDQYJKoZIhvcNAQEBBQADggGPADCCAYoC
+ggGBAJ0+fUTzYVSP6ZOutOEhNdp3WPCPOYqnB4sQFz7IeGbFL1o0lZjx5Izm4Yho
+4wNDd0h486iSkHxNf5dDhCqgz7ZRSmbusOl98SYn70PrUQj/Nzs3w47dPg9Tpb/x
+y44PvNLS/rE56hPgCz/fbHoTTiJt5eosysa1ZebQ3LEyW3jGm+LGtLbdIfkynKVQ
+vpp1FVeCamzdeB3ZRICAvqTYQKE1JQDGlWrEsSW0VVEGNjfbzMzr/g4l8JRdMabQ
+Jig8tj3UIXnu7A2CKSMJSy3WZ3HX+85oHEbL+EV4PtpQz765c69tUIdNTJax9jQ2
+1c3wL0K27HE8jSRlrXImD50R3dXQBKH+iiynBWxRPdyMBa1YfK+zZEWPbLHshSTc
+9hkylQv3awmPR/+Plz5AtTpe5yss/Ifyp01wz1jt42R+6jDE+WbUjp5XDBCAjGEE
+0FPaYtxjZLkmNl367bdTN12OIn/ixPNH+Z/S/4skdBB9Gc4lb2fEBywJQY0OYNOd
+WOxmPwIDAQABo1MwUTAdBgNVHQ4EFgQUMHZuwMaYSJM5mlu3Wc4Ts5xq4/swHwYD
+VR0jBBgwFoAUMHZuwMaYSJM5mlu3Wc4Ts5xq4/swDwYDVR0TAQH/BAUwAwEB/zAN
+BgkqhkiG9w0BAQsFAAOCAYEAMr4wfLrSoPTzfpXtvL+2vrKBJNnRfuJpOYTbPKUc
+DOP2QfzRlczi7suYJvd5rLiRonq8rjyPUyM8gvTfbTps+JhJ6S9mS6dTBxOV1qPZ
+3Ab+XKmq8LUtguGRabKgJgmJH0+inR/wVoal7EVHcWXfij9AT8DZOXW88shc6grh
+jUaFZBu/2+q8c8ee0e4ip8B+CVEnCwDKI0d+nTcSmPvAE34CNa33F+QGpXawv5yv
+VvIpSaLAeFQhc/jKcnNHfy+Zi7JmSnKZiMvQCbWANQmDjHg7pGmBW9nyQcm6P2/B
+0AVcEj1YTpAR8Mbh1pUdIhoB+chaNnFEIZsXeRsdbbAFpxodInlJ7WekfuvSQ6sU
+EXpoyBGOeuuTmR1va8k3QeL8Wc4yNu/g5LwjmtvPrh2jBF8xujc4J6VzP8K2BjA4
+xk4LnXgjHOT93dBAJhVYJkykDHwyvHUvsBHoP6lfjrt5P8zunK2mdP/AZKik+Rdt
+1GGlErV2AyWShTOaDLW6NxdP
+-----END CERTIFICATE-----
diff --git a/test-compose/idp/container_files/credentials/shib-idp/secrets.properties b/test-compose/idp/container_files/credentials/shib-idp/secrets.properties
new file mode 100644
index 0000000..cfe7795
--- /dev/null
+++ b/test-compose/idp/container_files/credentials/shib-idp/secrets.properties
@@ -0,0 +1,13 @@
+# This is a reserved spot for most properties containing passwords or other secrets.
+# Created by install at 2020-02-06T17:19:55.442Z
+
+# Access to internal AES encryption key
+idp.sealer.storePassword = 90fa668e-ce0f-45e7-82f1-fa4bd0273b51
+idp.sealer.keyPassword = 90fa668e-ce0f-45e7-82f1-fa4bd0273b51
+
+# Default access to LDAP authn and attribute stores.
+idp.authn.LDAP.bindDNCredential = password
+idp.attribute.resolver.LDAP.bindDNCredential = %{idp.authn.LDAP.bindDNCredential:undefined}
+
+# Salt used to generate persistent/pairwise IDs, must be kept secret
+#idp.persistentId.salt = changethistosomethingrandom
diff --git a/tests/fulltest.sh b/tests/fulltest.sh
index 22b4a73..40d7d0a 100755
--- a/tests/fulltest.sh
+++ b/tests/fulltest.sh
@@ -6,8 +6,8 @@ echo "Launching fresh containers..."
./compose.sh &>/dev/null
popd &>/dev/null
-echo "Waiting 4 minutes while everything comes up..."
-sleep 240
+echo "Waiting 1 minute while everything comes up..."
+sleep 60
pushd tests &>/dev/null
rm -f ./lastpage.txt
diff --git a/tests/main.bats b/tests/main.bats
index 4fa64f1..e1a04f0 100644
--- a/tests/main.bats
+++ b/tests/main.bats
@@ -42,9 +42,9 @@ load ../common
./tests/checktomcatver.sh ${maintainer}/${imagename}
}
-@test "060 The version of the IdP is current" {
- ./tests/checkidpver.sh ${maintainer}/${imagename}
-}
+#@test "060 The version of the IdP is current" {
+# ./tests/checkidpver.sh ${maintainer}/${imagename}
+#}
@test "070 There are no known security vulnerabilities" {
./tests/clairscan.sh ${maintainer}/${imagename}:latest
diff --git a/tests/sptest.login b/tests/sptest.login
index 53a2277..7c78181 100644
--- a/tests/sptest.login
+++ b/tests/sptest.login
@@ -1,2 +1,3 @@
name=; domain=idp.example.edu; j_username=kwhite; j_password=password;
-
+name=shibboleth;
+name=form1; submit_value=Continue; domain=idp.example.edu;
-
-
-
-
-
-
-
-
-
-
- #springMessageText("idp.title", "Web Login Service") - #springMessageText("idp.userprefs.title.suffix", "Login Preferences")
-- #springMessage("idp.userprefs.info") -
-