authorThomas Lenz <thomas.lenz@egiz.gv.at>2019-12-04 19:43:32 +0100
committerThomas Lenz <thomas.lenz@egiz.gv.at>2019-12-04 19:43:32 +0100
commit759ac5f42c6aff901dbeede4fbf1a1d2e08cad0f (patch)
tree2132024fc058b1ef5338bf50df575a3244cc3f9f /eaaf_modules/eaaf_module_pvp2_core/src
parent4f15bdc45b08724d20c66c9fd74ea6a43a03c32f (diff)
downloadEAAF-Components-759ac5f42c6aff901dbeede4fbf1a1d2e08cad0f.tar.gz
EAAF-Components-759ac5f42c6aff901dbeede4fbf1a1d2e08cad0f.tar.bz2
EAAF-Components-759ac5f42c6aff901dbeede4fbf1a1d2e08cad0f.zip
common EGIZ code-style refactoring
Diffstat (limited to 'eaaf_modules/eaaf_module_pvp2_core/src')
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVP2SProfileCoreSpringResourceProvider.java54
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPConstants.java139
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPEventConstants.java36
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java48
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java138
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpEventConstants.java29
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPVP2BasicConfiguration.java50
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java41
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java59
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java115
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/message/InboundMessageInterface.java58
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataBuilderConfiguration.java243
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataConfigurationFactory.java35
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataProvider.java61
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java236
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java30
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java64
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java55
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttribute.java154
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttributes.java56
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java150
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java51
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java48
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISAMLValidator.java35
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java28
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java65
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java61
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java68
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java56
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPVPRequestException.java40
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPvpRequestException.java30
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIDFormatNotSupportedException.java46
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java43
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java57
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2Exception.java66
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2MetadataException.java41
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java55
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java34
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotAllowedException.java44
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotSupportedException.java44
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java33
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java37
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SAMLMetadataSignatureException.java48
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java40
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java73
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java83
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java405
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java401
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java263
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java233
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPAttributeBuilder.java221
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPMetadataBuilder.java450
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java244
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java458
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java153
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFExtensionImplementation.java36
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestExtensionBuilder.java45
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeBuilder.java45
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeMarshaller.java76
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeUnmarshaller.java75
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesBuilder.java45
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesMarshaller.java31
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesUnmarshaller.java45
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafExtensionImplementation.java32
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java41
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java40
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java69
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java74
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java41
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java26
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java41
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java230
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileRequest.java69
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileResponse.java61
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java73
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileResponse.java59
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java929
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java112
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java415
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HTTPPostEncoderWithOwnTemplate.java122
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java123
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java79
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java106
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSAML2Bootstrap.java94
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSecurityConfigurationBootstrap.java156
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java87
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java141
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributeImpl.java133
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributesImpl.java61
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java149
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java56
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java430
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java104
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java106
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SAML2Utils.java201
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java247
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EAAFURICompare.java60
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java53
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java73
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java266
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PVPEntityCategoryFilter.java236
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java251
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java163
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java317
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPAuthRequestSignedRole.java66
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPSignedRequestPolicyRule.java84
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java56
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java82
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SAMLVerificationEngine.java207
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java218
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider2
-rw-r--r--eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml47
112 files changed, 6539 insertions, 6652 deletions
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVP2SProfileCoreSpringResourceProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVP2SProfileCoreSpringResourceProvider.java
deleted file mode 100644
index c72db697..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVP2SProfileCoreSpringResourceProvider.java
+++ /dev/null
@@ -1,54 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2;
-
-import org.springframework.core.io.ClassPathResource;
-import org.springframework.core.io.Resource;
-
-import at.gv.egiz.components.spring.api.SpringResourceProvider;
-
-public class PVP2SProfileCoreSpringResourceProvider implements SpringResourceProvider {
-
- @Override
- public String getName() {
- return "EAAF PVP2 S-Profile Core SpringResourceProvider";
- }
-
- @Override
- public String[] getPackagesToScan() {
- // TODO Auto-generated method stub
- return null;
- }
-
- @Override
- public Resource[] getResourcesToLoad() {
- ClassPathResource sl20AuthConfig = new ClassPathResource("/eaaf_pvp.beans.xml", PVP2SProfileCoreSpringResourceProvider.class);
-
- return new Resource[] {sl20AuthConfig};
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPConstants.java
deleted file mode 100644
index 3b57a7e3..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPConstants.java
+++ /dev/null
@@ -1,139 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.xml.encryption.EncryptionConstants;
-import org.opensaml.xml.signature.SignatureConstants;
-
-import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-
-public interface PVPConstants extends PVPAttributeDefinitions {
-
- public static final String DEFAULT_SIGNING_METHODE = SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256;
- public static final String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256;
- public static final String DEFAULT_SYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256;
- public static final String DEFAULT_ASYM_ENCRYPTION_METHODE = EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP;
-
- public static final String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category";
- public static final String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken";
- public static final String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken";
-
- @Deprecated
- public static final String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/";
-
- public static final String REDIRECT = "Redirect";
- public static final String POST = "Post";
- public static final String SOAP = "Soap";
- public static final String METADATA = "Metadata";
- public static final String ATTRIBUTEQUERY = "AttributeQuery";
- public static final String SINGLELOGOUT = "SingleLogOut";
-
- /**
- *
- * Get required PVP attributes for egovtoken
- * First : PVP attribute name (OID)
- * Second: FriendlyName
- * Third: Required
- *
- */
- public static final List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
- Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
- private static final long serialVersionUID = 1L;
- {
- //currently supported attributes
- add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
- add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
-
- //currently not supported attributes
- add(Trible.newInstance(USERID_NAME, USERID_FRIENDLY_NAME, false));
- add(Trible.newInstance(GID_NAME, GID_FRIENDLY_NAME, false));
- add(Trible.newInstance(PARTICIPANT_ID_NAME, PARTICIPANT_ID_FRIENDLY_NAME, false));
- add(Trible.newInstance(OU_GV_OU_ID_NAME, OU_GV_OU_ID_FRIENDLY_NAME, false));
- add(Trible.newInstance(OU_NAME, OU_FRIENDLY_NAME, false));
- add(Trible.newInstance(SECCLASS_NAME, SECCLASS_FRIENDLY_NAME, false));
-
-
- }
- });
-
- /**
- *
- * Get required PVP attributes for citizenToken
- * First : PVP attribute name (OID)
- * Second: FriendlyName
- * Third: Required
- *
- */
- public static final List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES =
- Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
- private static final long serialVersionUID = 1L;
- {
- //required attributes - eIDAS minimal-data set
- add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
- add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
- add(Trible.newInstance(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
- add(Trible.newInstance(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, true));
- add(Trible.newInstance(BPK_NAME, BPK_FRIENDLY_NAME, true));
-
-
- //not required attributes
- add(Trible.newInstance(EID_CITIZEN_EIDAS_QAA_LEVEL_NAME, EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, false));
- add(Trible.newInstance(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, false));
- add(Trible.newInstance(EID_SECTOR_FOR_IDENTIFIER_NAME, EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_TYPE_OID_NAME, MANDATE_TYPE_OID_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_NAME, MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_NAT_PER_GIVEN_NAME_NAME, MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_NAT_PER_FAMILY_NAME_NAME, MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_NAT_PER_BIRTHDATE_NAME, MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_LEG_PER_FULL_NAME_NAME, MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME, false));
- add(Trible.newInstance(MANDATE_REFERENCE_VALUE_NAME, MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
-
-
-
- }
- });
-
- //constants for requested SAML2 attribtes by using own namespace
- public static final String EIDAT10_SAML_NS = "http://eid.gv.at/eID/attributes/saml-extensions";
- public static final String EIDAT10_PREFIX = "eid";
-
- public static final QName EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE =
- new QName(EIDAT10_SAML_NS, "AttributeValue", EIDAT10_PREFIX);
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPEventConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPEventConstants.java
deleted file mode 100644
index d1f619bf..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PVPEventConstants.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2;
-
-public class PVPEventConstants {
-
- //TODO!!!
- public static final int AUTHPROTOCOL_PVP_METADATA = 3100;
- public static final int AUTHPROTOCOL_PVP_REQUEST_AUTHREQUEST = 3101;
- public static final int AUTHPROTOCOL_PVP_RESPONSE_ASSERTION = 3105;
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java
new file mode 100644
index 00000000..c0482c9d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/Pvp2SProfileCoreSpringResourceProvider.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+public class Pvp2SProfileCoreSpringResourceProvider implements SpringResourceProvider {
+
+ @Override
+ public String getName() {
+ return "EAAF PVP2 S-Profile Core SpringResourceProvider";
+ }
+
+ @Override
+ public String[] getPackagesToScan() {
+ // TODO Auto-generated method stub
+ return null;
+ }
+
+ @Override
+ public Resource[] getResourcesToLoad() {
+ final ClassPathResource sl20AuthConfig =
+ new ClassPathResource("/eaaf_pvp.beans.xml", Pvp2SProfileCoreSpringResourceProvider.class);
+
+ return new Resource[] {sl20AuthConfig};
+ }
+
+}
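Review bot: `getPackagesToScan()` in the new Pvp2SProfileCoreSpringResourceProvider still returns `null` under an "Auto-generated method stub" TODO, which appears to be carried over unchanged from the deleted PVP2SProfileCoreSpringResourceProvider, so the rename keeps a stub that any caller iterating the array without a null check will trip over. Unless the SpringResourceProvider interface (not visible here) documents `null` as "scan nothing", the safer contract is an empty array, `return new String[0];`. If `null` is the intended signal, the TODO should be replaced by a comment that says so, e.g. `// intentionally no package scan; beans are loaded from eaaf_pvp.beans.xml via getResourcesToLoad()`, so the next reader does not treat it as unfinished work.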
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
new file mode 100644
index 00000000..e8d42e80
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpConstants.java
@@ -0,0 +1,138 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import javax.xml.namespace.QName;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import org.opensaml.xml.encryption.EncryptionConstants;
+import org.opensaml.xml.signature.SignatureConstants;
+
+public interface PvpConstants extends PVPAttributeDefinitions {
+
+ public static final String DEFAULT_SIGNING_METHODE =
+ SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256;
+ public static final String DEFAULT_DIGESTMETHODE = SignatureConstants.ALGO_ID_DIGEST_SHA256;
+ public static final String DEFAULT_SYM_ENCRYPTION_METHODE =
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256;
+ public static final String DEFAULT_ASYM_ENCRYPTION_METHODE =
+ EncryptionConstants.ALGO_ID_KEYTRANSPORT_RSAOAEP;
+
+ public static final String ENTITY_CATEGORY_ATTRIBITE = "http://macedir.org/entity-category";
+ public static final String EGOVTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/egovtoken";
+ public static final String CITIZENTOKEN = "http://www.ref.gv.at/ns/names/agiz/pvp/citizentoken";
+
+ @Deprecated
+ public static final String STORK_ATTRIBUTE_PREFIX = "http://www.stork.gov.eu/";
+
+ public static final String REDIRECT = "Redirect";
+ public static final String POST = "Post";
+ public static final String SOAP = "Soap";
+ public static final String METADATA = "Metadata";
+ public static final String ATTRIBUTEQUERY = "AttributeQuery";
+ public static final String SINGLELOGOUT = "SingleLogOut";
+
+ /**
+ * Get required PVP attributes for egovtoken First : PVP attribute name (OID) Second: FriendlyName
+ * Third: Required.
+ *
+ */
+ public static final List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
+ Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
+ private static final long serialVersionUID = 1L;
+ {
+ // currently supported attributes
+ add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+
+ // currently not supported attributes
+ add(Trible.newInstance(USERID_NAME, USERID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(GID_NAME, GID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(PARTICIPANT_ID_NAME, PARTICIPANT_ID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(OU_GV_OU_ID_NAME, OU_GV_OU_ID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(OU_NAME, OU_FRIENDLY_NAME, false));
+ add(Trible.newInstance(SECCLASS_NAME, SECCLASS_FRIENDLY_NAME, false));
+
+
+ }
+ });
+
+ /**
+ * Get required PVP attributes for citizenToken First : PVP attribute name (OID) Second:
+ * FriendlyName Third: Required.
+ *
+ */
+ public static final List<Trible<String, String, Boolean>> CITIZENTOKEN_PVP_ATTRIBUTES =
+ Collections.unmodifiableList(new ArrayList<Trible<String, String, Boolean>>() {
+ private static final long serialVersionUID = 1L;
+ {
+ // required attributes - eIDAS minimal-data set
+ add(Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
+ add(Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
+ add(Trible.newInstance(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
+ add(Trible.newInstance(BIRTHDATE_NAME, BIRTHDATE_FRIENDLY_NAME, true));
+ add(Trible.newInstance(BPK_NAME, BPK_FRIENDLY_NAME, true));
+
+
+ // not required attributes
+ add(Trible.newInstance(EID_CITIZEN_EIDAS_QAA_LEVEL_NAME,
+ EID_CITIZEN_EIDAS_QAA_LEVEL_FRIENDLY_NAME, false));
+ add(Trible.newInstance(EID_ISSUING_NATION_NAME, EID_ISSUING_NATION_FRIENDLY_NAME, false));
+ add(Trible.newInstance(EID_SECTOR_FOR_IDENTIFIER_NAME,
+ EID_SECTOR_FOR_IDENTIFIER_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_TYPE_NAME, MANDATE_TYPE_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_TYPE_OID_NAME, MANDATE_TYPE_OID_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_NAME,
+ MANDATE_LEG_PER_SOURCE_PIN_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME,
+ MANDATE_LEG_PER_SOURCE_PIN_TYPE_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_NAT_PER_BPK_NAME, MANDATE_NAT_PER_BPK_FRIENDLY_NAME,
+ false));
+ add(Trible.newInstance(MANDATE_NAT_PER_GIVEN_NAME_NAME,
+ MANDATE_NAT_PER_GIVEN_NAME_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_NAT_PER_FAMILY_NAME_NAME,
+ MANDATE_NAT_PER_FAMILY_NAME_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_NAT_PER_BIRTHDATE_NAME,
+ MANDATE_NAT_PER_BIRTHDATE_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_LEG_PER_FULL_NAME_NAME,
+ MANDATE_LEG_PER_FULL_NAME_FRIENDLY_NAME, false));
+ add(Trible.newInstance(MANDATE_PROF_REP_OID_NAME, MANDATE_PROF_REP_OID_FRIENDLY_NAME,
+ false));
+ add(Trible.newInstance(MANDATE_PROF_REP_DESC_NAME, MANDATE_PROF_REP_DESC_FRIENDLY_NAME,
+ false));
+ add(Trible.newInstance(MANDATE_REFERENCE_VALUE_NAME,
+ MANDATE_REFERENCE_VALUE_FRIENDLY_NAME, false));
+
+
+
+ }
+ });
+
+ // constants for requested SAML2 attribtes by using own namespace
+ public static final String EIDAT10_SAML_NS = "http://eid.gv.at/eID/attributes/saml-extensions";
+ public static final String EIDAT10_PREFIX = "eid";
+
+ public static final QName EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE =
+ new QName(EIDAT10_SAML_NS, "AttributeValue", EIDAT10_PREFIX);
+
+}
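Review bot: EGOVTOKEN_PVP_ATTRIBUTES and CITIZENTOKEN_PVP_ATTRIBUTES are built with double-brace initialization (an anonymous ArrayList subclass plus instance initializer, hence the `serialVersionUID` noise), which is the idiom Error Prone and Checkstyle flag and is out of place in a code-style pass; `Collections.unmodifiableList(Arrays.asList(...))` gives the same unmodifiable list without the subclass (needs `java.util.Arrays`, and `java.util.ArrayList` then becomes unused). The Javadoc on both lists reads as one run-on sentence; a short list such as `* Required PVP attributes for egovtoken.` / `* First: PVP attribute name (OID), second: friendly name, third: required flag.` would be clearer. `@Deprecated` on STORK_ATTRIBUTE_PREFIX has no Javadoc `@deprecated` tag naming the replacement, so users get the compiler warning with no guidance. The rewrite of the first list is shown below; the second follows the same shape.
```java
  public static final List<Trible<String, String, Boolean>> EGOVTOKEN_PVP_ATTRIBUTES =
      Collections.unmodifiableList(Arrays.asList(
          // currently supported attributes
          Trible.newInstance(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true),
          Trible.newInstance(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true),
          // currently not supported attributes
          Trible.newInstance(USERID_NAME, USERID_FRIENDLY_NAME, false),
          Trible.newInstance(GID_NAME, GID_FRIENDLY_NAME, false),
          Trible.newInstance(PARTICIPANT_ID_NAME, PARTICIPANT_ID_FRIENDLY_NAME, false),
          Trible.newInstance(OU_GV_OU_ID_NAME, OU_GV_OU_ID_FRIENDLY_NAME, false),
          Trible.newInstance(OU_NAME, OU_FRIENDLY_NAME, false),
          Trible.newInstance(SECCLASS_NAME, SECCLASS_FRIENDLY_NAME, false)));
  // … unchanged: CITIZENTOKEN_PVP_ATTRIBUTES (same rewrite applies) and the EIDAT10 constants …
```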
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpEventConstants.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpEventConstants.java
new file mode 100644
index 00000000..41b64470
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/PvpEventConstants.java
@@ -0,0 +1,29 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2;
+
+public class PvpEventConstants {
+
+ // TODO!!!
+ public static final int AUTHPROTOCOL_PVP_METADATA = 3100;
+ public static final int AUTHPROTOCOL_PVP_REQUEST_AUTHREQUEST = 3101;
+ public static final int AUTHPROTOCOL_PVP_RESPONSE_ASSERTION = 3105;
+
+}
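Review bot: PvpEventConstants is a constants-only class with no private constructor, so nothing stops it from being instantiated or subclassed; `private PvpEventConstants() {}` (or making the class `final`) would close that, matching the utility-class convention. The `// TODO!!!` comment above the event codes says nothing about what is outstanding; either state it (`// TODO: align event codes with the central EAAF event-code registry` — placeholder wording, to be confirmed by the author) or drop it. A one-line class Javadoc naming these as PVP2 authentication-protocol event codes would also help, since the numeric values carry no meaning on their own.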
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPVP2BasicConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPVP2BasicConfiguration.java
deleted file mode 100644
index 48b0efc5..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPVP2BasicConfiguration.java
+++ /dev/null
@@ -1,50 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.api;
-
-import java.util.List;
-
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.Organization;
-
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
-
-public interface IPVP2BasicConfiguration {
-
- public String getIDPEntityId(String authURL) throws EAAFException;
-
- public String getIDPSSOPostService(String authURL) throws EAAFException;
-
- public String getIDPSSORedirectService(String authURL) throws EAAFException;
-
- public Object getIDPSSOSOAPService(String extractAuthURLFromRequest) throws EAAFException;
-
- public List<ContactPerson> getIDPContacts() throws EAAFException;
-
- public Organization getIDPOrganisation() throws EAAFException;
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java
new file mode 100644
index 00000000..39c0baff
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/IPvo2BasicConfiguration.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.api;
+
+import java.util.List;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.Organization;
+
+public interface IPvo2BasicConfiguration {
+
+ String getIdpEntityId(String authUrl) throws EaafException;
+
+ String getIdpSsoPostService(String authUrl) throws EaafException;
+
+ String getIdpSsoRedirectService(String authUrl) throws EaafException;
+
+ Object getIspSsoSoapService(String extractAuthUrlFromRequest) throws EaafException;
+
+ List<ContactPerson> getIdpContacts() throws EaafException;
+
+ Organization getIdpOrganisation() throws EaafException;
+
+}
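Review bot: The new interface name `IPvo2BasicConfiguration` and the method `getIspSsoSoapService` look like typos of "Pvp2" and "Idp" respectively, inconsistent with the sibling methods `getIdpEntityId`, `getIdpSsoPostService` and `getIdpSsoRedirectService` in the same file; since this commit already renames the type and every method, fixing them now avoids a second API-breaking rename across all implementers later. `getIspSsoSoapService` returning `Object` while the Post and Redirect variants return `String` deserves either the same return type or a Javadoc sentence stating what the Object actually is. The interface lost its only comment block in the rewrite and now has no Javadoc at all.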
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
index 3b264b6d..27a6532b 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IDecoder.java
@@ -1,49 +1,40 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.api.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
import org.opensaml.common.binding.decoding.URIComparator;
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.ws.message.decoder.MessageDecodingException;
import org.opensaml.xml.security.SecurityException;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.exception.PVP2Exception;
-
public interface IDecoder {
- public InboundMessageInterface decode(HttpServletRequest req,
- HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator)
- throws MessageDecodingException, SecurityException, PVP2Exception;
-
- public boolean handleDecode(String action, HttpServletRequest req);
-
- public String getSAML2BindingName();
+ public InboundMessageInterface decode(HttpServletRequest req, HttpServletResponse resp,
+ MetadataProvider metadataProvider, boolean isSpEndPoint, URIComparator comparator)
+ throws MessageDecodingException, SecurityException, Pvp2Exception;
+
+ public boolean handleDecode(String action, HttpServletRequest req);
+
+ public String getSaml2BindingName();
}
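Review bot: The three IDecoder methods keep the redundant `public` modifier, whereas IEncoder and InboundMessageInterface in this same commit drop it; for consistency the new lines should read `InboundMessageInterface decode(...)`, `boolean handleDecode(...)` and `String getSaml2BindingName();`. `decode` also has no Javadoc, and its `isSpEndPoint` and `comparator` parameters are the ones an implementer and a caller most need to agree on: the URIComparator is presumably what the decoder uses to match the message's destination against the receiving endpoint, but the interface does not say whether the decoder performs that check or the caller must. A Javadoc block on `decode` stating which validations (destination match, signature, issuer against `metadataProvider`) the implementation is responsible for, and what each exception type signals, would make that contract explicit.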
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java
index ec400e7a..9d8b0105 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/binding/IEncoder.java
@@ -1,75 +1,70 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.api.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
import org.opensaml.saml2.core.RequestAbstractType;
import org.opensaml.saml2.core.StatusResponseType;
import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.opensaml.xml.security.SecurityException;
import org.opensaml.xml.security.credential.Credential;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.modules.pvp2.exception.PVP2Exception;
-
public interface IEncoder {
-
- /**
- *
- * @param req The http request
- * @param resp The http response
- * @param request The SAML2 request object
- * @param targetLocation URL, where the request should be transmit
- * @param relayState token for session handling
- * @param credentials Credential to sign the request object
- * @param pendingReq Internal MOA-ID request object that contains session-state informations but never null
- * @throws MessageEncodingException
- * @throws SecurityException
- * @throws PVP2Exception
- */
- public void encodeRequest(HttpServletRequest req,
- HttpServletResponse resp, RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
- throws MessageEncodingException, SecurityException, PVP2Exception;
-
- /**
- * Encoder SAML Response
- * @param req The http request
- * @param resp The http response
- * @param response The SAML2 repsonse object
- * @param targetLocation URL, where the request should be transmit
- * @param relayState token for session handling
- * @param credentials Credential to sign the response object
- * @param pendingReq Internal MOA-ID request object that contains session-state informations but never null
- * @throws MessageEncodingException
- * @throws SecurityException
- */
- public void encodeRespone(HttpServletRequest req,
- HttpServletResponse resp, StatusResponseType response, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
- throws MessageEncodingException, SecurityException, PVP2Exception;
+
+ /**
+ * SAML2 Request encoder.
+ *
+ * @param req The http request
+ * @param resp The http response
+ * @param request The SAML2 request object
+ * @param targetLocation URL, where the request should be transmit
+ * @param relayState token for session handling
+ * @param credentials Credential to sign the request object
+ * @param pendingReq Internal MOA-ID request object that contains session-state informations but
+ * never null
+ * @throws MessageEncodingException In case of an error
+ * @throws SecurityException In case of an error
+ * @throws Pvp2Exception In case of an error
+ */
+ void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
+ RequestAbstractType request, String targetLocation, String relayState, Credential credentials,
+ IRequest pendingReq) throws MessageEncodingException, SecurityException, Pvp2Exception;
+
+ /**
+ * Encoder SAML Response.
+ *
+ * @param req The http request
+ * @param resp The http response
+ * @param response The SAML2 repsonse object
+ * @param targetLocation URL, where the request should be transmit
+ * @param relayState token for session handling
+ * @param credentials Credential to sign the response object
+ * @param pendingReq Internal MOA-ID request object that contains session-state informations but
+ * never null
+ * @throws MessageEncodingException In case of an error
+ * @throws SecurityException In case of an error
+ */
+ void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
+ StatusResponseType response, String targetLocation, String relayState, Credential credentials,
+ IRequest pendingReq) throws MessageEncodingException, SecurityException, Pvp2Exception;
}
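Review bot: `encodeRespone` is still misspelled on the new side even though this commit renames other methods for style, so the typo will survive into the renamed API; `void encodeResponse(...)` here is the cheapest moment to fix it. The rewritten Javadoc fills every `@throws` with the placeholder "In case of an error", which gives the reader nothing the signature did not; if SecurityException is what signing with `credentials` raises and MessageEncodingException what the binding raises, say so, e.g. `@throws SecurityException if signing with {@code credentials} fails` (to be confirmed against the implementations). The `@param pendingReq` text still says "Internal MOA-ID request object", which looks inherited from another project and should name the EAAF IRequest.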
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/message/InboundMessageInterface.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/message/InboundMessageInterface.java
index 416672a1..e5b253a2 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/message/InboundMessageInterface.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/message/InboundMessageInterface.java
@@ -1,42 +1,34 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.api.message;
import org.w3c.dom.Element;
-/**
- * @author tlenz
- *
- */
public interface InboundMessageInterface {
-
- public String getRelayState();
- public String getEntityID();
- public boolean isVerified();
- public Element getInboundMessage();
-
+
+ String getRelayState();
+
+ String getEntityID();
+
+ boolean isVerified();
+
+ Element getInboundMessage();
+
}
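Review bot: `getEntityID` is not renamed to `getEntityId`, although the same commit applies exactly that casing rule elsewhere (`getIDPEntityId` becomes `getIdpEntityId` in IPvo2BasicConfiguration), so the interface now mixes both conventions. The removed `@author` block was the only documentation, and the new version has none; `isVerified()` in particular is the flag downstream code will gate trust on, so a Javadoc line stating what "verified" covers is worth adding, hedged until the implementations confirm it, e.g. `/** Whether the inbound message passed the decoder's validation (presumably signature and issuer checks); consumers must not trust {@link #getInboundMessage()} content when this is false. */`.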
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataBuilderConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataBuilderConfiguration.java
deleted file mode 100644
index c041ec72..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataBuilderConfiguration.java
+++ /dev/null
@@ -1,243 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
-
-import java.util.Collection;
-import java.util.List;
-
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.Organization;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.xml.security.credential.Credential;
-
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-
-/**
- * @author tlenz
- *
- */
-public interface IPVPMetadataBuilderConfiguration {
-
-
- /**
- * Defines a unique name for this PVP Service-provider, which is used for logging
- *
- * @return
- */
- public String getSPNameForLogging();
-
- /**
- * Set metadata valid area
- *
- * @return valid until in hours [h]
- */
- public int getMetadataValidUntil();
-
- /**
- * Build a SAML2 Entities element as metadata root element
- *
- * @return true, if the metadata should start with entities element
- */
- public boolean buildEntitiesDescriptorAsRootElement();
-
- /**
- *
- *
- * @return true, if an IDP SSO-descriptor element should be generated
- */
- public boolean buildIDPSSODescriptor();
-
- /**
- *
- *
- * @return true, if an SP SSO-descriptor element should be generated
- */
- public boolean buildSPSSODescriptor();
-
- /**
- * Set the PVP entityID for this SAML2 metadata.
- * The entityID must be an URL and must be start with the public-URL prefix of the server
- *
- * @return PVP entityID postfix as String
- */
- public String getEntityID();
-
- /**
- * Set a friendlyName for this PVP entity
- *
- * @return
- */
- public String getEntityFriendlyName();
-
- /**
- * Set the contact information for this metadata entity
- *
- * @return
- */
- public List<ContactPerson> getContactPersonInformation();
-
- /**
- * Set organisation information for this metadata entity
- *
- * @return
- */
- public Organization getOrgansiationInformation();
-
-
- /**
- * Set the credential for metadata signing
- *
- * @return
- * @throws CredentialsNotAvailableException
- */
- public Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException;
-
- /**
- * Set the credential for request/response signing
- * IDP metadata: this credential is used for SAML2 response signing
- * SP metadata: this credential is used for SAML2 response signing
- *
- * @return
- * @throws CredentialsNotAvailableException
- */
- public Credential getRequestorResponseSigningCredentials() throws CredentialsNotAvailableException;
-
- /**
- * Set the credential for response encryption
- *
- * @return
- * @throws CredentialsNotAvailableException
- */
- public Credential getEncryptionCredentials() throws CredentialsNotAvailableException;
-
- /**
- * Set the IDP Post-Binding URL for WebSSO
- *
- * @return
- */
- public String getIDPWebSSOPostBindingURL();
-
- /**
- * Set the IDP Redirect-Binding URL for WebSSO
- *
- * @return
- */
- public String getIDPWebSSORedirectBindingURL();
-
- /**
- * Set the IDP Post-Binding URL for Single LogOut
- *
- * @return
- */
- public String getIDPSLOPostBindingURL();
-
- /**
- * Set the IDP Redirect-Binding URL for Single LogOut
- *
- * @return
- */
- public String getIDPSLORedirectBindingURL();
-
- /**
- * Set the SP Post-Binding URL for for the Assertion-Consumer Service
- *
- * @return
- */
- public String getSPAssertionConsumerServicePostBindingURL();
-
- /**
- * Set the SP Redirect-Binding URL for the Assertion-Consumer Service
- *
- * @return
- */
- public String getSPAssertionConsumerServiceRedirectBindingURL();
-
- /**
- * Set the SP Post-Binding URL for Single LogOut
- *
- * @return
- */
- public String getSPSLOPostBindingURL();
-
- /**
- * Set the SP Redirect-Binding URL for Single LogOut
- *
- * @return
- */
- public String getSPSLORedirectBindingURL();
-
- /**
- * Set the SP SOAP-Binding URL for Single LogOut
- *
- * @return
- */
- public String getSPSLOSOAPBindingURL();
-
-
- /**
- * Set all SAML2 attributes which could be provided by this IDP
- *
- * @return
- */
- public List<Attribute> getIDPPossibleAttributes();
-
- /**
- * Set all nameID types which could be provided by this IDP
- *
- * @return a List of SAML2 nameID types
- */
- public List<String> getIDPPossibleNameITTypes();
-
- /**
- * Set all SAML2 attributes which are required by the SP
- *
- * @return
- */
- public Collection<RequestedAttribute> getSPRequiredAttributes();
-
- /**
- * Set all nameID types which allowed from the SP
- *
- * @return a List of SAML2 nameID types
- */
- public List<String> getSPAllowedNameITTypes();
-
- /**
- * Set the 'wantAssertionSigned' attribute in SP metadata
- *
- * @return
- */
- public boolean wantAssertionSigned();
-
- /**
- * Set the 'wantAuthnRequestSigned' attribute
- *
- * @return
- */
- public boolean wantAuthnRequestSigned();
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataConfigurationFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataConfigurationFactory.java
deleted file mode 100644
index be36a878..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataConfigurationFactory.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
-
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
-
-public interface IPVPMetadataConfigurationFactory {
-
- public IPVPMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authURL, AbstractCredentialProvider pvpIDPCredentials);
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataProvider.java
deleted file mode 100644
index f5c6a35a..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPVPMetadataProvider.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
-
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.saml2.metadata.EntitiesDescriptor;
-import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.RoleDescriptor;
-import org.opensaml.saml2.metadata.provider.MetadataFilter;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.saml2.metadata.provider.MetadataProviderException;
-import org.opensaml.xml.XMLObject;
-
-public interface IPVPMetadataProvider extends MetadataProvider {
-
- boolean requireValidMetadata();
-
- void setRequireValidMetadata(boolean requireValidMetadata);
-
- MetadataFilter getMetadataFilter();
-
- void setMetadataFilter(MetadataFilter newFilter) throws MetadataProviderException;
-
- XMLObject getMetadata() throws MetadataProviderException;
-
- EntitiesDescriptor getEntitiesDescriptor(String entitiesID) throws MetadataProviderException;
-
- EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException;
-
- List<RoleDescriptor> getRole(String entityID, QName roleName) throws MetadataProviderException;
-
- RoleDescriptor getRole(String entityID, QName roleName, String supportedProtocol) throws MetadataProviderException;
-
-} \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
new file mode 100644
index 00000000..f06a1684
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataBuilderConfiguration.java
@@ -0,0 +1,236 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
+
+import java.util.Collection;
+import java.util.List;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.Organization;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+import org.opensaml.xml.security.credential.Credential;
+
+/**
+ * PVP Metadata builder configuration.
+ *
+ * @author tlenz
+ *
+ */
+public interface IPvpMetadataBuilderConfiguration {
+
+
+ /**
+ * Defines a unique name for this PVP Service-provider, which is used for logging.
+ *
+ * @return
+ */
+ String getSpNameForLogging();
+
+ /**
+ * Set metadata valid area.
+ *
+ * @return valid until in hours [h]
+ */
+ int getMetadataValidUntil();
+
+ /**
+ * Build a SAML2 Entities element as metadata root element.
+ *
+ * @return true, if the metadata should start with entities element
+ */
+ boolean buildEntitiesDescriptorAsRootElement();
+
+ /**
+ * Build an IDP SSO Descriptor.
+ *
+ * @return true, if an IDP SSO-descriptor element should be generated
+ */
+ boolean buildIdpSsoDescriptor();
+
+ /**
+ * Build a SP Descriptor.
+ *
+ * @return true, if an SP SSO-descriptor element should be generated
+ */
+ boolean buildSpSsoDescriptor();
+
+ /**
+ * Set the PVP entityID for this SAML2 metadata. The entityID must be an URL and must be start
+ * with the public-URL prefix of the server.
+ *
+ * @return PVP entityID postfix as String
+ */
+ String getEntityID();
+
+ /**
+ * Set a friendlyName for this PVP entity.
+ *
+ * @return
+ */
+ String getEntityFriendlyName();
+
+ /**
+ * Set the contact information for this metadata entity.
+ *
+ * @return
+ */
+ List<ContactPerson> getContactPersonInformation();
+
+ /**
+ * Set organisation information for this metadata entity.
+ *
+ * @return
+ */
+ Organization getOrgansiationInformation();
+
+
+ /**
+ * Set the credential for metadata signing.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of an error
+ */
+ Credential getMetadataSigningCredentials() throws CredentialsNotAvailableException;
+
+ /**
+ * Set the credential for request/response signing IDP metadata: this credential is used for SAML2
+ * response signing SP metadata: this credential is used for SAML2 response signing.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of an error
+ */
+ Credential getRequestorResponseSigningCredentials()
+ throws CredentialsNotAvailableException;
+
+ /**
+ * Set the credential for response encryption.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of an error
+ */
+ Credential getEncryptionCredentials() throws CredentialsNotAvailableException;
+
+ /**
+ * Set the IDP Post-Binding URL for WebSSO.
+ *
+ * @return
+ */
+ String getIdpWebSsoPostBindingUrl();
+
+ /**
+ * Set the IDP Redirect-Binding URL for WebSSO.
+ *
+ * @return
+ */
+ String getIdpWebSsoRedirectBindingUrl();
+
+ /**
+ * Set the IDP Post-Binding URL for Single LogOut.
+ *
+ * @return
+ */
+ String getIdpSloPostBindingUrl();
+
+ /**
+ * Set the IDP Redirect-Binding URL for Single LogOut.
+ *
+ * @return
+ */
+ String getIdpSloRedirectBindingUrl();
+
+ /**
+ * Set the SP Post-Binding URL for for the Assertion-Consumer Service.
+ *
+ * @return
+ */
+ String getSpAssertionConsumerServicePostBindingUrl();
+
+ /**
+ * Set the SP Redirect-Binding URL for the Assertion-Consumer Service.
+ *
+ * @return
+ */
+ String getSpAssertionConsumerServiceRedirectBindingUrl();
+
+ /**
+ * Set the SP Post-Binding URL for Single LogOut.
+ *
+ * @return
+ */
+ String getSpSloPostBindingUrl();
+
+ /**
+ * Set the SP Redirect-Binding URL for Single LogOut.
+ *
+ * @return
+ */
+ String getSpSloRedirectBindingUrl();
+
+ /**
+ * Set the SP SOAP-Binding URL for Single LogOut.
+ *
+ * @return
+ */
+ String getSpSloSoapBindingUrl();
+
+
+ /**
+ * Set all SAML2 attributes which could be provided by this IDP.
+ *
+ * @return
+ */
+ List<Attribute> getIdpPossibleAttributes();
+
+ /**
+ * Set all nameID types which could be provided by this IDP.
+ *
+ * @return a List of SAML2 nameID types
+ */
+ List<String> getIdpPossibleNameIdTypes();
+
+ /**
+ * Set all SAML2 attributes which are required by the SP.
+ *
+ * @return
+ */
+ Collection<RequestedAttribute> getSpRequiredAttributes();
+
+ /**
+ * Set all nameID types which allowed from the SP.
+ *
+ * @return a List of SAML2 nameID types
+ */
+ List<String> getSpAllowedNameIdTypes();
+
+ /**
+ * Set the 'wantAssertionSigned' attribute in SP metadata.
+ *
+ * @return
+ */
+ boolean wantAssertionSigned();
+
+ /**
+ * Set the 'wantAuthnRequestSigned' attribute.
+ *
+ * @return
+ */
+ boolean wantAuthnRequestSigned();
+}
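Review bot: Most accessor Javadocs in IPvpMetadataBuilderConfiguration still carry an empty `@return` tag (e.g. `getSpNameForLogging`, `getEntityFriendlyName`, `getIdpWebSsoPostBindingUrl`, `getSpRequiredAttributes`), and their summaries read "Set ..." although they are getters the metadata builder reads from; since the file is rewritten here, filling them is cheap, e.g. `@return unique SP name used in log output` and `@return absolute Post-Binding URL of the IDP WebSSO endpoint, or null if none`. The `getMetadataValidUntil` doc gives the unit (hours) but does not say whether a zero or negative value is permitted, which an implementer will want to know. `getEntityID` and `getOrgansiationInformation` (note the misspelling) keep their old names while neighbouring methods were renamed to the `...Id`/`...Url` scheme; if that is intentional for binary compatibility a one-line comment saying so would prevent the next refactoring from "fixing" it. The import block also places `at.gv...` between `java.util` and `org.opensaml` without separators, unlike the grouping used in IPvpMetadataProvider in this same commit.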
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java
new file mode 100644
index 00000000..4207d860
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataConfigurationFactory.java
@@ -0,0 +1,30 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
+
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
+
+public interface IPvpMetadataConfigurationFactory {
+
+
+ IPvpMetadataBuilderConfiguration generateMetadataBuilderConfiguration(String authUrl,
+ AbstractCredentialProvider pvpIdpCredentials);
+
+}
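Review bot: IPvpMetadataConfigurationFactory and its single method have no Javadoc, while the sibling interfaces in this package gain one in this commit; proposed type doc `/** Factory for {@link IPvpMetadataBuilderConfiguration} instances bound to a public URL and a credential provider. */`, plus a method doc with `@param authUrl`, `@param pvpIdpCredentials` and `@return` describing what the caller receives. The two consecutive blank lines after the opening brace (L1621-L1622) look like a formatter leftover and can be reduced to one.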
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java
new file mode 100644
index 00000000..bc90ff3f
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IPvpMetadataProvider.java
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.RoleDescriptor;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.xml.XMLObject;
+
+public interface IPvpMetadataProvider extends MetadataProvider {
+
+ @Override
+ boolean requireValidMetadata();
+
+ @Override
+ void setRequireValidMetadata(boolean requireValidMetadata);
+
+ @Override
+ MetadataFilter getMetadataFilter();
+
+ @Override
+ void setMetadataFilter(MetadataFilter newFilter) throws MetadataProviderException;
+
+ @Override
+ XMLObject getMetadata() throws MetadataProviderException;
+
+ @Override
+ EntitiesDescriptor getEntitiesDescriptor(String entitiesID) throws MetadataProviderException;
+
+ @Override
+ EntityDescriptor getEntityDescriptor(String entityID) throws MetadataProviderException;
+
+ @Override
+ List<RoleDescriptor> getRole(String entityID, QName roleName) throws MetadataProviderException;
+
+ @Override
+ RoleDescriptor getRole(String entityID, QName roleName, String supportedProtocol)
+ throws MetadataProviderException;
+
+}
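Review bot: IPvpMetadataProvider redeclares methods that `MetadataProvider` already defines (the `@Override` on each confirms this) with what appears to be the same signature and `throws` clause, so the sub-interface adds no contract of its own and no Javadoc explaining why it exists. If the purpose is only to have a project-specific type for injection or lookup, a type-level comment such as `/** EAAF marker sub-type of OpenSAML's {@link MetadataProvider}; adds no methods of its own. */` would make that explicit, and the redeclarations could then be dropped. If any method is meant to narrow the inherited contract (for example a non-null guarantee on `getMetadata`), that should be stated in a per-method Javadoc instead of an unannotated copy.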
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java
index 2f9e5fea..74ee74de 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/metadata/IRefreshableMetadataProvider.java
@@ -1,42 +1,37 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.api.metadata;
/**
+ * Metadata provider that supports dynamic refreshing on external events.
+ *
* @author tlenz
*
*/
public interface IRefreshableMetadataProvider {
- /**
- * Refresh a entity or load a entity in a metadata provider
- *
- * @param entityID
- * @return true, if refresh is success, otherwise false
- */
- public boolean refreshMetadataProvider(String entityID);
+ /**
+ * Refresh a entity or load a entity in a metadata provider.
+ *
+ * @param entityID EntityId
+ * @return true, if refresh is success, otherwise false
+ */
+ public boolean refreshMetadataProvider(String entityID);
}
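Review bot: L1765 keeps the redundant `public` modifier on `refreshMetadataProvider` while the other interfaces touched by this commit (InboundMessageInterface, IPvpMetadataBuilderConfiguration, IPvpMetadataProvider) drop it; for consistency change it to `boolean refreshMetadataProvider(String entityID);`. The new `@param entityID EntityId` text restates the name without adding information; `@param entityID SAML2 entityID of the entity to load or refresh` would be more useful to an implementer.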
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttribute.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttribute.java
deleted file mode 100644
index 0501a990..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttribute.java
+++ /dev/null
@@ -1,154 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.api.reqattr;
-
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.common.SAMLObject;
-import org.opensaml.xml.AttributeExtensibleXMLObject;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSBooleanValue;
-
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-
-public interface EAAFRequestedAttribute extends SAMLObject, AttributeExtensibleXMLObject , org.opensaml.saml2.metadata.RequestedAttribute{
-
- /** Element local name. */
- String DEF_LOCAL_NAME = "RequestedAttribute";
-
- /** Local name of the XSI type. */
- String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType";
-
-
- /** Default element name. */
- QName DEFAULT_ELEMENT_NAME = new QName(PVPConstants.EIDAT10_SAML_NS, DEF_LOCAL_NAME,
- PVPConstants.EIDAT10_PREFIX);
-
- /** QName of the XSI type. */
- QName TYPE_NAME = new QName(PVPConstants.EIDAT10_SAML_NS, TYPE_LOCAL_NAME,
- PVPConstants.EIDAT10_PREFIX);
-
-
-
- /** NAME_ATTRIB_NAME attribute name. */
- String NAME_ATTRIB_NAME = "Name";
-
- /** NAME_FORMAT_ATTRIB_NAME attribute name. */
- String NAME_FORMAT_ATTR = "NameFormat";
-
- /** IS_REQUIRED_ATTRIB_NAME attribute name. */
- String IS_REQUIRED_ATTR = "isRequired";
-
- /** FRIENDLY_NAME_ATTRIB_NAME attribute name. */
- String FRIENDLY_NAME_ATT = "FriendlyName";
-
- /** Unspecified attribute format ID. */
- String UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
-
- /** URI reference attribute format ID. */
- String URI_REFERENCE = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
-
- /** Basic attribute format ID. */
- String BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
-
- /**
- * Gets the name.
- *
- * @return the name
- */
- String getName();
-
- /**
- * Sets the name.
- *
- * @param name the new name
- */
- void setName(String name);
-
- /**
- * Gets the name format.
- *
- * @return the name format
- */
- String getNameFormat();
-
- /**
- * Sets the name format.
- *
- * @param nameFormat the new name format
- */
- void setNameFormat(String nameFormat);
-
- /**
- * Gets the friendly name.
- *
- * @return the friendly name
- */
- String getFriendlyName();
-
- /**
- * Sets the friendly name.
- *
- * @param friendlyName the new friendly name
- */
- void setFriendlyName(String friendlyName);
-
-/* *//**
- * Gets the checks if is required.
- *
- * @return the checks if is required
- *//*
- String isRequired();*/
-
- /**
- * Gets the checks if is required xs boolean.
- *
- * @return the checks if is required xs boolean
- */
- String getIsRequiredXSBoolean();
-
- /**
- * Sets the checks if is required.
- *
- * @param newIsRequired the new checks if is required
- */
- void setIsRequired(String newIsRequired);
-
- /**
- * Gets the attribute values.
- *
- * @return the attribute values
- */
- List<XMLObject> getAttributeValues();
-
- XSBooleanValue isRequiredXSBoolean();
-
- void setIsRequired(Boolean aBoolean);
-
- void setIsRequired(XSBooleanValue xsBooleanValue);
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttributes.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttributes.java
deleted file mode 100644
index 768d5c36..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EAAFRequestedAttributes.java
+++ /dev/null
@@ -1,56 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.api.reqattr;
-
-import java.util.List;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.common.SAMLObject;
-
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-
-public interface EAAFRequestedAttributes extends SAMLObject {
- /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
- String DEF_LOCAL_NAME = "RequestedAttributes";
-
- /** Default element name. */
- QName DEFAULT_ELEMENT_NAME = new QName(PVPConstants.EIDAT10_SAML_NS, DEF_LOCAL_NAME,
- PVPConstants.EIDAT10_PREFIX);
-
- /** Local name of the XSI type. */
- String TYPE_LOCAL_NAME = "RequestedAttributesType";
-
- /** QName of the XSI type. */
- QName TYPE_NAME = new QName(PVPConstants.EIDAT10_SAML_NS, TYPE_LOCAL_NAME,
- PVPConstants.EIDAT10_PREFIX);
-
- /**
- * Gets the attributes.
- *
- * @return the attributes
- */
- List<EAAFRequestedAttribute> getAttributes();
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java
new file mode 100644
index 00000000..f44a545d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttribute.java
@@ -0,0 +1,150 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.api.reqattr;
+
+import java.util.List;
+import javax.xml.namespace.QName;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import org.opensaml.common.SAMLObject;
+import org.opensaml.xml.AttributeExtensibleXMLObject;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.schema.XSBooleanValue;
+
+public interface EaafRequestedAttribute extends SAMLObject, AttributeExtensibleXMLObject,
+ org.opensaml.saml2.metadata.RequestedAttribute {
+
+ /** Element local name. */
+ String DEF_LOCAL_NAME = "RequestedAttribute";
+
+ /** Local name of the XSI type. */
+ String TYPE_LOCAL_NAME = "RequestedAttributeAbstractType";
+
+
+ /** Default element name. */
+ QName DEFAULT_ELEMENT_NAME =
+ new QName(PvpConstants.EIDAT10_SAML_NS, DEF_LOCAL_NAME, PvpConstants.EIDAT10_PREFIX);
+
+ /** QName of the XSI type. */
+ QName TYPE_NAME =
+ new QName(PvpConstants.EIDAT10_SAML_NS, TYPE_LOCAL_NAME, PvpConstants.EIDAT10_PREFIX);
+
+
+
+ /** NAME_ATTRIB_NAME attribute name. */
+ String NAME_ATTRIB_NAME = "Name";
+
+ /** NAME_FORMAT_ATTRIB_NAME attribute name. */
+ String NAME_FORMAT_ATTR = "NameFormat";
+
+ /** IS_REQUIRED_ATTRIB_NAME attribute name. */
+ String IS_REQUIRED_ATTR = "isRequired";
+
+ /** FRIENDLY_NAME_ATTRIB_NAME attribute name. */
+ String FRIENDLY_NAME_ATT = "FriendlyName";
+
+ /** Unspecified attribute format ID. */
+ String UNSPECIFIED = "urn:oasis:names:tc:SAML:2.0:attrname-format:unspecified";
+
+ /** URI reference attribute format ID. */
+ String URI_REFERENCE = "urn:oasis:names:tc:SAML:2.0:attrname-format:uri";
+
+ /** Basic attribute format ID. */
+ String BASIC = "urn:oasis:names:tc:SAML:2.0:attrname-format:basic";
+
+ /**
+ * Gets the name.
+ *
+ * @return the name
+ */
+ @Override
+ String getName();
+
+ /**
+ * Sets the name.
+ *
+ * @param name the new name
+ */
+ @Override
+ void setName(String name);
+
+ /**
+ * Gets the name format.
+ *
+ * @return the name format
+ */
+ @Override
+ String getNameFormat();
+
+ /**
+ * Sets the name format.
+ *
+ * @param nameFormat the new name format
+ */
+ @Override
+ void setNameFormat(String nameFormat);
+
+ /**
+ * Gets the friendly name.
+ *
+ * @return the friendly name
+ */
+ @Override
+ String getFriendlyName();
+
+ /**
+ * Sets the friendly name.
+ *
+ * @param friendlyName the new friendly name
+ */
+ @Override
+ void setFriendlyName(String friendlyName);
+
+ /**
+ * Gets the checks if is required xs boolean.
+ *
+ * @return the checks if is required xs boolean
+ */
+ String getIsRequiredXsBoolean();
+
+ @Override
+ void setIsRequired(Boolean aboolean);
+
+ @Override
+ void setIsRequired(XSBooleanValue xsBooleanValue);
+
+ /**
+ * Sets the checks if is required.
+ *
+ * @param newIsRequired the new checks if is required
+ */
+ void setIsRequired(String newIsRequired);
+
+ /**
+ * Gets the attribute values.
+ *
+ * @return the attribute values
+ */
+ @Override
+ List<XMLObject> getAttributeValues();
+
+ @Override
+ XSBooleanValue isRequiredXSBoolean();
+
+}
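Review bot: The Javadoc on `getIsRequiredXsBoolean()` and `setIsRequired(String)` is generated boilerplate ("Gets the checks if is required xs boolean") that does not say how the string form relates to the typed `isRequiredXSBoolean()` accessor declared right below it. Since both accessors sit side by side in the same interface, document the contract, e.g. `/** Returns the {@code isRequired} XML attribute as its string value; see {@link #isRequiredXSBoolean()} for the typed form. */` with the mirror text on the setter. Separately, the import block at the top of this file places `at.gv.egiz` between `javax` and `org` with no group separators, while the new `EaafRequestedAttributes` and `ISamlValidator` files put the project import last in its own group; one ordering should be used across the commit.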
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java
new file mode 100644
index 00000000..98f118b0
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/reqattr/EaafRequestedAttributes.java
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.api.reqattr;
+
+import java.util.List;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.SAMLObject;
+
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+
+public interface EaafRequestedAttributes extends SAMLObject {
+ /** The Constant DEFAULT_ELEMENT_LOCAL_NAME. */
+ String DEF_LOCAL_NAME = "RequestedAttributes";
+
+ /** Default element name. */
+ QName DEFAULT_ELEMENT_NAME =
+ new QName(PvpConstants.EIDAT10_SAML_NS, DEF_LOCAL_NAME, PvpConstants.EIDAT10_PREFIX);
+
+ /** Local name of the XSI type. */
+ String TYPE_LOCAL_NAME = "RequestedAttributesType";
+
+ /** QName of the XSI type. */
+ QName TYPE_NAME =
+ new QName(PvpConstants.EIDAT10_SAML_NS, TYPE_LOCAL_NAME, PvpConstants.EIDAT10_PREFIX);
+
+ /**
+ * Gets the attributes.
+ *
+ * @return the attributes
+ */
+ List<EaafRequestedAttribute> getAttributes();
+}
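Review bot: The Javadoc on `getAttributes()` ("Gets the attributes") does not say whether the returned list is the live child list that callers may modify or a snapshot. If the implementation follows the usual OpenSAML pattern of exposing the backing child list (not visible here), say so: `/** Returns the live list of requested attributes; modifications are reflected in the element. */`; otherwise document it as read-only so callers do not try to add attributes through it.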
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java
index 439543fe..41dcd3b9 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/IAuthnRequestValidator.java
@@ -1,39 +1,33 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.api.validation;
import javax.servlet.http.HttpServletRequest;
-
-import org.opensaml.saml2.core.AuthnRequest;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-
import at.gv.egiz.eaaf.core.api.IRequest;
import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
public interface IAuthnRequestValidator {
- void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq, SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException;
+ void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq,
+ SPSSODescriptor spSsoDescriptor) throws AuthnRequestValidatorException;
-} \ No newline at end of file
+}
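Review bot: `validate` has no Javadoc, yet it is the hook where an incoming `AuthnRequest` is checked against the requesting SP's `SPSSODescriptor`, so implementers need its contract spelled out. A short Javadoc should state that every failed check must be signalled by throwing `AuthnRequestValidatorException` (a plain return is presumably taken as success by the caller), what each parameter carries (`httpReq` the raw transport request, `pendingReq` the pending request context, `authReq` the parsed SAML request, `spSsoDescriptor` the SP metadata the request is validated against), and whether implementations may be invoked concurrently. The same applies to `validateRequest` in the new `ISamlValidator` further down, which is equally undocumented.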
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISAMLValidator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISAMLValidator.java
deleted file mode 100644
index 4b8ddea6..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISAMLValidator.java
+++ /dev/null
@@ -1,35 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.api.validation;
-
-import org.opensaml.saml2.core.RequestAbstractType;
-
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
-
-public interface ISAMLValidator {
- public void validateRequest(RequestAbstractType request) throws EAAFException;
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java
new file mode 100644
index 00000000..3cbe59da
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/api/validation/ISamlValidator.java
@@ -0,0 +1,28 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.api.validation;
+
+import org.opensaml.saml2.core.RequestAbstractType;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+
+public interface ISamlValidator {
+ void validateRequest(RequestAbstractType request) throws EaafException;
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java
index 189dc91e..82fb2c79 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/AttributQueryException.java
@@ -1,48 +1,35 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.exception;
-/**
- * @author tlenz
- *
- */
-public class AttributQueryException extends PVP2Exception {
+public class AttributQueryException extends Pvp2Exception {
+
+
+ private static final long serialVersionUID = -4302422507173728748L;
- /**
- *
- */
- private static final long serialVersionUID = -4302422507173728748L;
+ public AttributQueryException(final String messageId, final Object[] parameters) {
+ super(messageId, parameters);
+ }
- public AttributQueryException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- public AttributQueryException(String messageId, Object[] parameters, Throwable e) {
- super(messageId, parameters, e);
- }
+ public AttributQueryException(final String messageId, final Object[] parameters, final Throwable e) {
+ super(messageId, parameters, e);
+ }
}
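Review bot: The reformatted class body leaves two blank lines directly after the `class AttributQueryException` declaration, which does not match the single blank line used between members elsewhere in this commit. The same applies to `BindingNotSupportedException`, where three blank lines remain between the constructor and the closing brace. Since this commit is a pure code-style pass, these are worth fixing now rather than leaving for the formatter to churn on next time.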
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java
index d966e4a1..97971d3a 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/BindingNotSupportedException.java
@@ -1,45 +1,38 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.exception;
import org.opensaml.saml2.core.StatusCode;
-public class BindingNotSupportedException extends PVP2Exception {
+public class BindingNotSupportedException extends Pvp2Exception {
+
+ private static final long serialVersionUID = -7227603941387879360L;
+
+ public BindingNotSupportedException(final String binding) {
+ super("pvp2.11", new Object[] {binding});
+ this.statusCodeValue = StatusCode.UNSUPPORTED_BINDING_URI;
+ }
+
+
+
- public BindingNotSupportedException(String binding) {
- super("pvp2.11", new Object[] {binding});
- this.statusCodeValue = StatusCode.UNSUPPORTED_BINDING_URI;
- }
- /**
- *
- */
- private static final long serialVersionUID = -7227603941387879360L;
-
-
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java
index e079cdef..ae64e134 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/CredentialsNotAvailableException.java
@@ -1,48 +1,40 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
package at.gv.egiz.eaaf.modules.pvp2.exception;
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+
+public class CredentialsNotAvailableException extends EaafException {
+
+ private static final long serialVersionUID = -2564476345552842599L;
+
+ public CredentialsNotAvailableException(final String messageId, final Object[] parameters) {
+ super(messageId, parameters);
+ }
+
+ public CredentialsNotAvailableException(final String messageId, final Object[] parameters,
+ final Throwable e) {
+ super(messageId, parameters, e);
+ }
-public class CredentialsNotAvailableException extends EAAFException {
- public CredentialsNotAvailableException(String messageId,
- Object[] parameters) {
- super(messageId, parameters);
- }
- public CredentialsNotAvailableException(String messageId,
- Object[] parameters, Throwable e) {
- super(messageId, parameters, e);
- }
-
- /**
- *
- */
- private static final long serialVersionUID = -2564476345552842599L;
}
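Review bot: The license header in this file closes with ` */` aligned to the leading asterisks, while every other header rewritten in this commit (for example `AttributQueryException` and `InvalidDateFormatException`) closes with `*/` at column 0. One form should be used everywhere; the aligned ` */` used here is the conventional one, so the other files are the ones to adjust.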
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java
index 6bcddf8a..8ca373c4 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidDateFormatException.java
@@ -1,43 +1,35 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.exception;
import org.opensaml.saml2.core.StatusCode;
-public class InvalidDateFormatException extends PVP2Exception {
+public class InvalidDateFormatException extends Pvp2Exception {
+
+ private static final long serialVersionUID = -6867976890237846085L;
+
+ public InvalidDateFormatException() {
+ super("pvp2.02", null);
+ this.statusCodeValue = StatusCode.REQUESTER_URI;
+ }
- public InvalidDateFormatException() {
- super("pvp2.02", null);
- this.statusCodeValue = StatusCode.REQUESTER_URI;
- }
- /**
- *
- */
- private static final long serialVersionUID = -6867976890237846085L;
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPVPRequestException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPVPRequestException.java
deleted file mode 100644
index 1d79ae2e..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPVPRequestException.java
+++ /dev/null
@@ -1,40 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.exception;
-
-public class InvalidPVPRequestException extends PVP2Exception {
-
- /**
- *
- */
- private static final long serialVersionUID = 1L;
-
- public InvalidPVPRequestException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPvpRequestException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPvpRequestException.java
new file mode 100644
index 00000000..e13731d6
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/InvalidPvpRequestException.java
@@ -0,0 +1,30 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.exception;
+
+public class InvalidPvpRequestException extends Pvp2Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ public InvalidPvpRequestException(final String messageId, final Object[] parameters) {
+ super(messageId, parameters);
+ }
+
+}
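Review bot: InvalidPvpRequestException has no class-level Javadoc, and neither do NoMetadataInformationException, Pvp2Exception, Pvp2MetadataException, QaaNotAllowedException and QaaNotSupportedException elsewhere in this commit, so a caller only learns from the constructor that a `messageId` and an `Object[]` of parameters are forwarded to `Pvp2Exception`. A one-line class comment would do, for example `/** Signals an invalid PVP2 request; {@code messageId} and {@code parameters} are passed unchanged to {@link Pvp2Exception}. */`. The sibling classes hard-code ids such as `pvp2.02`, `pvp2.05`, `pvp2.12`, `pvp2.15` and `pvp2.17`, which are presumably resolved to message text outside this module, so the class comment on the base class or on this constructor should say where those ids are looked up.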
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIDFormatNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIDFormatNotSupportedException.java
deleted file mode 100644
index a5ff811d..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIDFormatNotSupportedException.java
+++ /dev/null
@@ -1,46 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.exception;
-
-import org.opensaml.saml2.core.StatusCode;
-
-import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
-
-public class NameIDFormatNotSupportedException extends AuthnRequestValidatorException {
-
- public NameIDFormatNotSupportedException(String nameIDFormat) {
- super("pvp2.12", new Object[] {nameIDFormat});
- statusCodeValue = StatusCode.INVALID_NAMEID_POLICY_URI;
-
- }
-
- /**
- *
- */
- private static final long serialVersionUID = -2270762519437873336L;
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java
new file mode 100644
index 00000000..b43db603
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NameIdFormatNotSupportedException.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.exception;
+
+import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
+import org.opensaml.saml2.core.StatusCode;
+
+public class NameIdFormatNotSupportedException extends AuthnRequestValidatorException {
+
+ private static final long serialVersionUID = -2270762519437873336L;
+
+ /**
+ * Invalid nameIdFormat in SAML2 request.
+ *
+ * @param nameIdFormat requested NameIdFormat
+ */
+ public NameIdFormatNotSupportedException(final String nameIdFormat) {
+ super("pvp2.12", new Object[] {nameIdFormat});
+ statusCodeValue = StatusCode.INVALID_NAMEID_POLICY_URI;
+
+ }
+
+
+
+
+}
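Review bot: The constructor writes `statusCodeValue = StatusCode.INVALID_NAMEID_POLICY_URI;` without the `this.` qualifier that every other constructor in this commit uses for the same protected field (`this.statusCodeValue = ...` in InvalidDateFormatException, NoMetadataInformationException, QaaNotAllowedException and QaaNotSupportedException); aligning it makes the write to an inherited field easier to spot. The file also keeps an empty line inside the constructor body and four empty lines before the closing brace, and the same trailing padding survives in Pvp2Exception and QaaNotSupportedException, so the formatter used for this refactoring apparently does not collapse blank lines. The Javadoc summary `Invalid nameIdFormat in SAML2 request.` is a noun phrase on a constructor; `Creates the exception for a requested NameIDFormat that is not supported here.` reads as a method summary and matches the `@param` line.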
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java
index e600a1c7..f22d2d17 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/NoMetadataInformationException.java
@@ -1,43 +1,36 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.exception;
import org.opensaml.saml2.core.StatusCode;
-public class NoMetadataInformationException extends PVP2Exception {
+public class NoMetadataInformationException extends Pvp2Exception {
+
+ private static final long serialVersionUID = -4608068445208032193L;
+
+ public NoMetadataInformationException() {
+ super("pvp2.15", null);
+ this.statusCodeValue = StatusCode.UNKNOWN_PRINCIPAL_URI;
+ }
+
- public NoMetadataInformationException() {
- super("pvp2.15", null);
- this.statusCodeValue = StatusCode.UNKNOWN_PRINCIPAL_URI;
- }
- /**
- *
- */
- private static final long serialVersionUID = -4608068445208032193L;
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2Exception.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2Exception.java
deleted file mode 100644
index cfe4ca9d..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2Exception.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.exception;
-
-import org.opensaml.saml2.core.StatusCode;
-
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
-
-public abstract class PVP2Exception extends EAAFException {
- //TODO:!!!!!
-
- protected String statusCodeValue = StatusCode.RESPONDER_URI;
- protected String statusMessageValue = null;
-
- public PVP2Exception(String messageId, Object[] parameters,
- Throwable wrapped) {
- super(messageId, parameters, wrapped);
- this.statusMessageValue = this.getMessage();
- }
-
- public PVP2Exception(String messageId, Object[] parameters) {
- super(messageId, parameters);
- this.statusMessageValue = this.getMessage();
- }
-
-
- public String getStatusCodeValue() {
- return (this.statusCodeValue);
- }
-
- public String getStatusMessageValue() {
- return (this.statusMessageValue);
- }
-
- /**
- *
- */
- private static final long serialVersionUID = 7669537952484421069L;
-
-
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2MetadataException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2MetadataException.java
deleted file mode 100644
index 379fe19f..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/PVP2MetadataException.java
+++ /dev/null
@@ -1,41 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.exception;
-
-public class PVP2MetadataException extends PVP2Exception {
-
- private static final long serialVersionUID = 1L;
-
- public PVP2MetadataException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- public PVP2MetadataException(String messageId, Object[] parameters, Throwable wrapped) {
- super(messageId, parameters, wrapped);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
new file mode 100644
index 00000000..93980a73
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2Exception.java
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.exception;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import org.opensaml.saml2.core.StatusCode;
+
+public abstract class Pvp2Exception extends EaafException {
+ private static final long serialVersionUID = 7669537952484421069L;
+
+ protected String statusCodeValue = StatusCode.RESPONDER_URI;
+ protected String statusMessageValue = null;
+
+ public Pvp2Exception(final String messageId, final Object[] parameters, final Throwable wrapped) {
+ super(messageId, parameters, wrapped);
+ this.statusMessageValue = this.getMessage();
+ }
+
+ public Pvp2Exception(final String messageId, final Object[] parameters) {
+ super(messageId, parameters);
+ this.statusMessageValue = this.getMessage();
+ }
+
+
+ public String getStatusCodeValue() {
+ return (this.statusCodeValue);
+ }
+
+ public String getStatusMessageValue() {
+ return (this.statusMessageValue);
+ }
+
+
+
+
+
+
+}
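Review bot: Both constructors seed `statusMessageValue` from `this.getMessage()`, an overridable method invoked before any subclass constructor body has run, so a subclass that overrides `getMessage()` to include its own fields would see them uninitialised; either document that subclasses must not override `getMessage()` or compute the value lazily in `getStatusMessageValue()`. The `//TODO:!!!!!` marker from the deleted PVP2Exception is dropped without a replacement, so whatever it referred to is now untracked. The two protected fields and the two getters are undocumented; suggested one-liners are `/** SAML2 status code URI reported for this error; defaults to {@link StatusCode#RESPONDER_URI} and is overwritten by subclass constructors. */` and `/** Copy of {@link #getMessage()} taken at construction time. */`, plus a class comment stating that the getters supply the status code and message for the SAML2 response this error is mapped to (presumably by binding code that is not visible here). Subclasses such as NameIdFormatNotSupportedException and QaaNotSupportedException put request-supplied values (`nameIdFormat`, `qaa`) into the message parameters, so `getStatusMessageValue()` can return caller-influenced text, and the class comment should say that whoever writes it into a Status element or a log line has to encode it.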
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java
new file mode 100644
index 00000000..ab0e8871
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/Pvp2MetadataException.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.exception;
+
+public class Pvp2MetadataException extends Pvp2Exception {
+
+ private static final long serialVersionUID = 1L;
+
+ public Pvp2MetadataException(final String messageId, final Object[] parameters) {
+ super(messageId, parameters);
+ }
+
+ public Pvp2MetadataException(final String messageId, final Object[] parameters, final Throwable wrapped) {
+ super(messageId, parameters, wrapped);
+ }
+
+}
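Review bot: The line `public Pvp2MetadataException(final String messageId, final Object[] parameters, final Throwable wrapped) {` is 108 columns wide, while the rest of this commit (the rewrapped licence headers and the equivalent constructor in Pvp2Exception) stays within 100; wrap it after `parameters,` with a four-space continuation indent. Neither constructor touches `statusCodeValue`, so a metadata error is reported with the base-class default `StatusCode.RESPONDER_URI`; because that default is only visible in Pvp2Exception, the class Javadoc should state it, for instance `/** Signals a SAML2 metadata problem; reported with the default {@code StatusCode.RESPONDER_URI}. */`.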
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotAllowedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotAllowedException.java
deleted file mode 100644
index a8012d85..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotAllowedException.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.exception;
-
-import org.opensaml.saml2.core.StatusCode;
-
-
-public class QAANotAllowedException extends PVP2Exception {
-
- public QAANotAllowedException(String qaa_auth, String qaa_request, String mode) {
- super("pvp2.17", new Object[] {qaa_auth, qaa_request, mode});
- this.statusCodeValue = StatusCode.REQUESTER_URI;
- }
-
- /**
- *
- */
- private static final long serialVersionUID = -3964192953884089323L;
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotSupportedException.java
deleted file mode 100644
index 0b53ae23..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QAANotSupportedException.java
+++ /dev/null
@@ -1,44 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.exception;
-
-import org.opensaml.saml2.core.StatusCode;
-
-
-public class QAANotSupportedException extends PVP2Exception {
-
- public QAANotSupportedException(String qaa) {
- super("pvp2.05", new Object[] {qaa});
- this.statusCodeValue = StatusCode.REQUESTER_URI;
- }
-
- /**
- *
- */
- private static final long serialVersionUID = -3964192953884089323L;
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java
new file mode 100644
index 00000000..9edba3f2
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotAllowedException.java
@@ -0,0 +1,33 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.exception;
+
+import org.opensaml.saml2.core.StatusCode;
+
+
+public class QaaNotAllowedException extends Pvp2Exception {
+
+ private static final long serialVersionUID = -3964192953884089323L;
+
+ public QaaNotAllowedException(final String qaaAuth, final String qaaRequest, final String mode) {
+ super("pvp2.17", new Object[] {qaaAuth, qaaRequest, mode});
+ this.statusCodeValue = StatusCode.REQUESTER_URI;
+ }
+}
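Review bot: `serialVersionUID = -3964192953884089323L` is the same literal that QaaNotSupportedException declares in its own new file; the UID is checked per class, so deserialization is unaffected, but it is a copy-paste artefact and each class should carry its own generated value. The constructor parameters `qaaAuth`, `qaaRequest` and `mode` go straight into the `pvp2.17` message parameters and are undocumented; `mode` in particular cannot be inferred from this file, so add `@param` lines saying which value is the level the subject authenticated with, which is the level the request demanded, and what `mode` selects.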
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java
new file mode 100644
index 00000000..dc48508d
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/QaaNotSupportedException.java
@@ -0,0 +1,37 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.exception;
+
+import org.opensaml.saml2.core.StatusCode;
+
+
+public class QaaNotSupportedException extends Pvp2Exception {
+
+ private static final long serialVersionUID = -3964192953884089323L;
+
+ public QaaNotSupportedException(final String qaa) {
+ super("pvp2.05", new Object[] {qaa});
+ this.statusCodeValue = StatusCode.REQUESTER_URI;
+ }
+
+
+
+
+}
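Review bot: `QaaNotSupportedException` has no class Javadoc, so a reader cannot tell from the type alone when it is thrown or why it answers with `StatusCode.REQUESTER_URI`; a one-liner such as `/** Signals that the QAA level {@code qaa} is not supported; reported to the requester as SAML status {@code REQUESTER_URI}. */` would close that gap. The same gap applies to `SamlMetadataSignatureException`, `SchemaValidationException` and `SignatureValidationException` further down, where the commit even drops the previous (empty) Javadoc stubs without replacing them. The four blank lines before the closing brace do not belong in a code-style commit.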
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SAMLMetadataSignatureException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SAMLMetadataSignatureException.java
deleted file mode 100644
index 9e35871d..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SAMLMetadataSignatureException.java
+++ /dev/null
@@ -1,48 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.exception;
-
-import org.opensaml.saml2.core.StatusCode;
-
-public class SAMLMetadataSignatureException extends PVP2Exception {
-
- public SAMLMetadataSignatureException() {
- super("pvp2.25", null);
- this.statusCodeValue = StatusCode.REQUESTER_URI;
- }
-
- public SAMLMetadataSignatureException(Throwable e) {
- super("pvp2.25", null, e);
- this.statusCodeValue = StatusCode.REQUESTER_URI;
- }
-
- /**
- *
- */
- private static final long serialVersionUID = 1L;
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java
new file mode 100644
index 00000000..ede310f0
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SamlMetadataSignatureException.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.exception;
+
+import org.opensaml.saml2.core.StatusCode;
+
+public class SamlMetadataSignatureException extends Pvp2Exception {
+ private static final long serialVersionUID = 1L;
+
+ public SamlMetadataSignatureException() {
+ super("pvp2.25", null);
+ this.statusCodeValue = StatusCode.REQUESTER_URI;
+ }
+
+ public SamlMetadataSignatureException(final Throwable e) {
+ super("pvp2.25", null, e);
+ this.statusCodeValue = StatusCode.REQUESTER_URI;
+ }
+
+
+
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java
index f9adbf6d..39cf148b 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SchemaValidationException.java
@@ -1,56 +1,35 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.exception;
-/**
- * @author tlenz
- *
- */
-public class SchemaValidationException extends PVP2Exception {
+public class SchemaValidationException extends Pvp2Exception {
+
+ private static final long serialVersionUID = 1L;
+
- /**
- *
- */
- private static final long serialVersionUID = 1L;
+ public SchemaValidationException(final String messageId, final Object[] parameters) {
+ super(messageId, parameters);
+ }
- /**
- * @param messageId
- * @param parameters
- */
- public SchemaValidationException(String messageId, Object[] parameters) {
- super(messageId, parameters);
- }
-
- /**
- * @param messageId
- * @param parameters
- */
- public SchemaValidationException(String messageId, Object[] parameters, Throwable e) {
- super(messageId, parameters, e);
- }
+ public SchemaValidationException(final String messageId, final Object[] parameters, final Throwable e) {
+ super(messageId, parameters, e);
+ }
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java
index 1f1f46e5..410686f6 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/exception/SignatureValidationException.java
@@ -1,62 +1,43 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.exception;
import org.opensaml.saml2.metadata.provider.FilterException;
-/**
- * @author tlenz
- *
- */
public class SignatureValidationException extends FilterException {
- /**
- * @param string
- */
- public SignatureValidationException(String string) {
- super(string);
-
- }
-
- /**
- * @param e
- */
- public SignatureValidationException(Exception e) {
- super(e);
- }
-
- /**
- * @param string
- * @param object
- */
- public SignatureValidationException(String string, Exception e) {
- super(string, e);
- }
-
- private static final long serialVersionUID = 1L;
+ private static final long serialVersionUID = 1L;
+
+ public SignatureValidationException(final String string) {
+ super(string);
+
+ }
+
+ public SignatureValidationException(final Exception e) {
+ super(e);
+ }
+
+ public SignatureValidationException(final String string, final Exception e) {
+ super(string, e);
+ }
+
+
}
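Review bot: The body of `SignatureValidationException(final String string)` still carries a stray blank line before its closing brace, and the class ends with two blank lines before `}`; both are the kind of leftover a code-style refactoring should remove. The parameter name `string` says nothing about its role; `message` would match what `FilterException` receives. This class is the only one in the package that extends OpenSAML's `FilterException` rather than `Pvp2Exception`, presumably because it is raised from a metadata filter, and that reason deserves a line in the class Javadoc so the next maintainer does not "fix" the base class.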
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
index 79578788..0933f0a2 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/PostBinding.java
@@ -1,34 +1,43 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfigurationFactory;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.HttpPostEncoderWithOwnTemplate;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpSignedRequestPolicyRule;
import org.apache.commons.lang3.StringUtils;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -57,186 +66,174 @@ import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.gui.IGUIBuilderConfigurationFactory;
-import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration;
-import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.impl.gui.velocity.VelocityProvider;
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileResponse;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.HTTPPostEncoderWithOwnTemplate;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PVPSignedRequestPolicyRule;
-
@Service("PVPPOSTBinding")
public class PostBinding implements IDecoder, IEncoder {
- private static final Logger log = LoggerFactory.getLogger(PostBinding.class);
-
- @Autowired(required=true) IConfiguration authConfig;
- @Autowired(required=true) IVelocityGuiFormBuilder guiBuilder;
- @Autowired(required=true) IGUIBuilderConfigurationFactory guiConfigFactory;
-
- @Override
- public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
- RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
- throws MessageEncodingException, SecurityException {
-
- try {
- //load default PVP security configurations
- EAAFDefaultSAML2Bootstrap.initializeDefaultPVPConfiguration();
-
- //initialize POST binding encoder with template decoration
- final IVelocityGUIBuilderConfiguration guiConfig = guiConfigFactory.getSPSpecificSAML2PostConfiguration(
- pendingReq,
- "pvp_postbinding_template.html",
- authConfig.getConfigurationRootDirectory());
-
- final HTTPPostEncoderWithOwnTemplate encoder = new HTTPPostEncoderWithOwnTemplate(guiConfig, guiBuilder,
- VelocityProvider.getClassPathVelocityEngine());
-
- //set OpenSAML2 process parameter into binding context dao
- final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- resp, true);
- final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- final SingleSignOnService service = new SingleSignOnServiceBuilder().buildObject();
- service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
- service.setLocation(targetLocation);;
-
- context.setOutboundSAMLMessageSigningCredential(credentials);
- context.setPeerEntityEndpoint(service);
- context.setOutboundSAMLMessage(request);
- context.setOutboundMessageTransport(responseAdapter);
- context.setRelayState(relayState);
-
- encoder.encode(context);
-
- } catch (final Exception e) {
- log.warn("Can not encode SAML2 request", e);
- throw new SecurityException(e);
-
- }
- }
-
- @Override
- public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
- StatusResponseType response, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
- throws MessageEncodingException, SecurityException {
-
- try {
- //load default PVP security configurations
- EAAFDefaultSAML2Bootstrap.initializeDefaultPVPConfiguration();
-
- log.debug("create SAML POSTBinding response");
-
- //initialize POST binding encoder with template decoration
- final IVelocityGUIBuilderConfiguration guiConfig = guiConfigFactory.getSPSpecificSAML2PostConfiguration(
- pendingReq,
- "pvp_postbinding_template.html",
- authConfig.getConfigurationRootDirectory());
- final HTTPPostEncoderWithOwnTemplate encoder = new HTTPPostEncoderWithOwnTemplate(guiConfig, guiBuilder,
- VelocityProvider.getClassPathVelocityEngine());
-
- //set OpenSAML2 process parameter into binding context dao
- final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- resp, true);
- final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- final SingleSignOnService service = new SingleSignOnServiceBuilder()
- .buildObject();
- service.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- service.setLocation(targetLocation);
- context.setOutboundSAMLMessageSigningCredential(credentials);
- context.setPeerEntityEndpoint(service);
- // context.setOutboundMessage(authReq);
- context.setOutboundSAMLMessage(response);
- context.setOutboundMessageTransport(responseAdapter);
- context.setRelayState(relayState);
-
- encoder.encode(context);
-
- } catch (final Exception e) {
- log.warn("Can not encode SAML2 response", e);
- throw new SecurityException(e);
-
- }
- }
-
- @Override
- public InboundMessageInterface decode(HttpServletRequest req,
- HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator) throws MessageDecodingException,
- SecurityException {
-
- final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
- final BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(req));
- //set metadata descriptor type
- if (isSPEndPoint) {
- messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(comparator);
-
- } else {
- messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(comparator);
- }
-
- messageContext.setMetadataProvider(metadataProvider);
-
- //set security policy context
- final BasicSecurityPolicy policy = new BasicSecurityPolicy();
- policy.getPolicyRules().add(
- new PVPSignedRequestPolicyRule(metadataProvider,
- TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider),
- messageContext.getPeerEntityRole()));
- final SecurityPolicyResolver secResolver = new StaticSecurityPolicyResolver(policy);
- messageContext.setSecurityPolicyResolver(secResolver);
-
- decode.decode(messageContext);
-
- InboundMessage msg = null;
- if (messageContext.getInboundMessage() instanceof RequestAbstractType) {
- final RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
- .getInboundMessage();
- msg = new PVPSProfileRequest(inboundMessage, getSAML2BindingName());
- msg.setEntityID(inboundMessage.getIssuer().getValue());
-
- } else if (messageContext.getInboundMessage() instanceof StatusResponseType){
- final StatusResponseType inboundMessage = (StatusResponseType) messageContext.getInboundMessage();
- msg = new PVPSProfileResponse(inboundMessage);
- msg.setEntityID(inboundMessage.getIssuer().getValue());
-
- } else
- //create empty container if request type is unknown
- msg = new InboundMessage();
-
- if (messageContext.getPeerEntityMetadata() != null)
- msg.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
-
- else {
- if (StringUtils.isEmpty(msg.getEntityID()))
- log.info("No Metadata found for OA with EntityID " + messageContext.getInboundMessageIssuer());
- }
-
-
- msg.setVerified(true);
- msg.setRelayState(messageContext.getRelayState());
-
- return msg;
- }
-
- @Override
- public boolean handleDecode(String action, HttpServletRequest req) {
- return (req.getMethod().equals("POST") && action.equals(PVPConstants.POST));
- }
-
- @Override
- public String getSAML2BindingName() {
- return SAMLConstants.SAML2_POST_BINDING_URI;
- }
+ private static final Logger log = LoggerFactory.getLogger(PostBinding.class);
+
+ @Autowired(required = true)
+ IConfiguration authConfig;
+ @Autowired(required = true)
+ IVelocityGuiFormBuilder guiBuilder;
+ @Autowired(required = true)
+ IGuiBuilderConfigurationFactory guiConfigFactory;
+
+ @Override
+ public void encodeRequest(final HttpServletRequest req, final HttpServletResponse resp,
+ final RequestAbstractType request, final String targetLocation, final String relayState,
+ final Credential credentials, final IRequest pendingReq)
+ throws MessageEncodingException, SecurityException {
+
+ try {
+ // load default PVP security configurations
+ EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration();
+
+ // initialize POST binding encoder with template decoration
+ final IVelocityGuiBuilderConfiguration guiConfig =
+ guiConfigFactory.getSpSpecificSaml2PostConfiguration(pendingReq,
+ "pvp_postbinding_template.html", authConfig.getConfigurationRootDirectory());
+
+ final HttpPostEncoderWithOwnTemplate encoder = new HttpPostEncoderWithOwnTemplate(guiConfig,
+ guiBuilder, VelocityProvider.getClassPathVelocityEngine());
+
+ // set OpenSAML2 process parameter into binding context dao
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(resp, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder().buildObject();
+ service.setBinding("urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST");
+ service.setLocation(targetLocation);
+
+ context.setOutboundSAMLMessageSigningCredential(credentials);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(request);
+ context.setOutboundMessageTransport(responseAdapter);
+ context.setRelayState(relayState);
+
+ encoder.encode(context);
+
+ } catch (final Exception e) {
+ log.warn("Can not encode SAML2 request", e);
+ throw new SecurityException(e);
+
+ }
+ }
+
+ @Override
+ public void encodeRespone(final HttpServletRequest req, final HttpServletResponse resp,
+ final StatusResponseType response, final String targetLocation, final String relayState,
+ final Credential credentials, final IRequest pendingReq)
+ throws MessageEncodingException, SecurityException {
+
+ try {
+ // load default PVP security configurations
+ EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration();
+
+ log.debug("create SAML POSTBinding response");
+
+ // initialize POST binding encoder with template decoration
+ final IVelocityGuiBuilderConfiguration guiConfig =
+ guiConfigFactory.getSpSpecificSaml2PostConfiguration(pendingReq,
+ "pvp_postbinding_template.html", authConfig.getConfigurationRootDirectory());
+ final HttpPostEncoderWithOwnTemplate encoder = new HttpPostEncoderWithOwnTemplate(guiConfig,
+ guiBuilder, VelocityProvider.getClassPathVelocityEngine());
+
+ // set OpenSAML2 process parameter into binding context dao
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(resp, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder().buildObject();
+ service.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ service.setLocation(targetLocation);
+ context.setOutboundSAMLMessageSigningCredential(credentials);
+ context.setPeerEntityEndpoint(service);
+ // context.setOutboundMessage(authReq);
+ context.setOutboundSAMLMessage(response);
+ context.setOutboundMessageTransport(responseAdapter);
+ context.setRelayState(relayState);
+
+ encoder.encode(context);
+
+ } catch (final Exception e) {
+ log.warn("Can not encode SAML2 response", e);
+ throw new SecurityException(e);
+
+ }
+ }
+
+ @Override
+ public InboundMessageInterface decode(final HttpServletRequest req,
+ final HttpServletResponse resp, final MetadataProvider metadataProvider,
+ final boolean isSpEndPoint, final URIComparator comparator)
+ throws MessageDecodingException, SecurityException {
+
+ final HTTPPostDecoder decode = new HTTPPostDecoder(new BasicParserPool());
+ final BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(req));
+ // set metadata descriptor type
+ if (isSpEndPoint) {
+ messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(comparator);
+
+ } else {
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(comparator);
+ }
+
+ messageContext.setMetadataProvider(metadataProvider);
+
+ // set security policy context
+ final BasicSecurityPolicy policy = new BasicSecurityPolicy();
+ policy.getPolicyRules()
+ .add(new PvpSignedRequestPolicyRule(metadataProvider,
+ TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider),
+ messageContext.getPeerEntityRole()));
+ final SecurityPolicyResolver secResolver = new StaticSecurityPolicyResolver(policy);
+ messageContext.setSecurityPolicyResolver(secResolver);
+
+ decode.decode(messageContext);
+
+ InboundMessage msg = null;
+ if (messageContext.getInboundMessage() instanceof RequestAbstractType) {
+ final RequestAbstractType inboundMessage =
+ (RequestAbstractType) messageContext.getInboundMessage();
+ msg = new PvpSProfileRequest(inboundMessage, getSaml2BindingName());
+ msg.setEntityID(inboundMessage.getIssuer().getValue());
+
+ } else if (messageContext.getInboundMessage() instanceof StatusResponseType) {
+ final StatusResponseType inboundMessage =
+ (StatusResponseType) messageContext.getInboundMessage();
+ msg = new PvpSProfileResponse(inboundMessage);
+ msg.setEntityID(inboundMessage.getIssuer().getValue());
+
+ } else {
+ // create empty container if request type is unknown
+ msg = new InboundMessage();
+ }
+
+ if (messageContext.getPeerEntityMetadata() != null) {
+ msg.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+ } else {
+ if (StringUtils.isEmpty(msg.getEntityID())) {
+ log.info(
+ "No Metadata found for OA with EntityID " + messageContext.getInboundMessageIssuer());
+ }
+ }
+
+
+ msg.setVerified(true);
+ msg.setRelayState(messageContext.getRelayState());
+
+ return msg;
+ }
+
+ @Override
+ public boolean handleDecode(final String action, final HttpServletRequest req) {
+ return (req.getMethod().equals("POST") && action.equals(PvpConstants.POST));
+ }
+
+ @Override
+ public String getSaml2BindingName() {
+ return SAMLConstants.SAML2_POST_BINDING_URI;
+ }
}
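Review bot: `msg.setEntityID(inboundMessage.getIssuer().getValue())` in both branches of decode() dereferences the Issuer without a null check, so an inbound request or response that carries no Issuer element ends in a NullPointerException instead of a decoding error; the later `StringUtils.isEmpty(msg.getEntityID())` fallback shows that an empty entity id is already an anticipated state, so the lookup should be guarded, e.g. `if (inboundMessage.getIssuer() != null) { msg.setEntityID(inboundMessage.getIssuer().getValue()); }`. `msg.setVerified(true)` is set unconditionally and appears to rely on `PvpSignedRequestPolicyRule` having rejected unsigned or badly signed messages inside `decode.decode(messageContext)`; that dependency deserves a comment such as `// signature policy was enforced by PvpSignedRequestPolicyRule inside decode(); reaching this line means the message passed it`. encodeRequest() still uses the literal `"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"` where encodeRespone() uses `SAMLConstants.SAML2_POST_BINDING_URI`; the constant should be used in both places. Both branches of the `isSpEndPoint` conditional call `decode.setURIComparator(comparator)`, which can be hoisted above the `if`.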
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
index ca9b3d98..4e548d57 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/RedirectBinding.java
@@ -1,34 +1,38 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.binding;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
+import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
+import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PvpAuthRequestSignedRole;
import org.apache.commons.lang3.StringUtils;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -58,182 +62,179 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileResponse;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
-import at.gv.egiz.eaaf.modules.pvp2.impl.validation.TrustEngineFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.verification.PVPAuthRequestSignedRole;
-
@Service("PVPRedirectBinding")
public class RedirectBinding implements IDecoder, IEncoder {
-
- private static final Logger log = LoggerFactory.getLogger(RedirectBinding.class);
-
- public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
- RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
- throws MessageEncodingException, SecurityException {
-
- //load default PVP security configurations
- EAAFDefaultSAML2Bootstrap.initializeDefaultPVPConfiguration();
-
- log.debug("create SAML RedirectBinding response");
-
- HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- resp, true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- SingleSignOnService service = new SingleSignOnServiceBuilder()
- .buildObject();
- service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- service.setLocation(targetLocation);
- context.setOutboundSAMLMessageSigningCredential(credentials);
- context.setPeerEntityEndpoint(service);
- context.setOutboundSAMLMessage(request);
- context.setOutboundMessageTransport(responseAdapter);
- context.setRelayState(relayState);
-
- encoder.encode(context);
- }
-
- public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
- StatusResponseType response, String targetLocation, String relayState,
- Credential credentials, IRequest pendingReq) throws MessageEncodingException, SecurityException {
-
- //load default PVP security configurations
- EAAFDefaultSAML2Bootstrap.initializeDefaultPVPConfiguration();
-
- log.debug("create SAML RedirectBinding response");
-
- HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- resp, true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- SingleSignOnService service = new SingleSignOnServiceBuilder()
- .buildObject();
- service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- service.setLocation(targetLocation);
- context.setOutboundSAMLMessageSigningCredential(credentials);
- context.setPeerEntityEndpoint(service);
- context.setOutboundSAMLMessage(response);
- context.setOutboundMessageTransport(responseAdapter);
- context.setRelayState(relayState);
-
- encoder.encode(context);
-
- }
-
- public InboundMessageInterface decode(HttpServletRequest req,
- HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator) throws MessageDecodingException,
- SecurityException {
-
- HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(
- new BasicParserPool());
-
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(req));
-
- //set metadata descriptor type
- if (isSPEndPoint) {
- messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(comparator);
-
- } else {
- messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
- decode.setURIComparator(comparator);
- }
-
- messageContext.setMetadataProvider(metadataProvider);
-
- SAML2HTTPRedirectDeflateSignatureRule signatureRule = new SAML2HTTPRedirectDeflateSignatureRule(
- TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider));
- PVPAuthRequestSignedRole signedRole = new PVPAuthRequestSignedRole();
- BasicSecurityPolicy policy = new BasicSecurityPolicy();
- policy.getPolicyRules().add(signedRole);
- policy.getPolicyRules().add(signatureRule);
- SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
- policy);
- messageContext.setSecurityPolicyResolver(resolver);
-
- //set metadata descriptor type
- if (isSPEndPoint)
- messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
- else
- messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
- try {
- decode.decode(messageContext);
-
- //check signature
- signatureRule.evaluate(messageContext);
-
- } catch (SecurityException e) {
- if (StringUtils.isEmpty(messageContext.getInboundMessageIssuer())) {
- throw e;
-
- }
-
- if (metadataProvider instanceof IRefreshableMetadataProvider) {
- log.debug("PVP2X message validation FAILED. Reload metadata for entityID: " + messageContext.getInboundMessageIssuer());
- if (!((IRefreshableMetadataProvider) metadataProvider).refreshMetadataProvider(messageContext.getInboundMessageIssuer()))
- throw e;
-
- else {
- log.trace("PVP2X metadata reload finished. Check validate message again.");
- decode.decode(messageContext);
-
- //check signature
- signatureRule.evaluate(messageContext);
-
- }
- log.trace("Second PVP2X message validation finished");
-
- } else {
- throw e;
-
- }
- }
-
- InboundMessage msg = null;
- if (messageContext.getInboundMessage() instanceof RequestAbstractType) {
- RequestAbstractType inboundMessage = (RequestAbstractType) messageContext
- .getInboundMessage();
- msg = new PVPSProfileRequest(inboundMessage, getSAML2BindingName());
-
-
- } else if (messageContext.getInboundMessage() instanceof StatusResponseType){
- StatusResponseType inboundMessage = (StatusResponseType) messageContext.getInboundMessage();
- msg = new PVPSProfileResponse(inboundMessage);
-
- } else
- //create empty container if request type is unknown
- msg = new InboundMessage();
-
- if (messageContext.getPeerEntityMetadata() != null)
- msg.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
-
- else
- log.info("No Metadata found for OA with EntityID " + messageContext.getInboundMessageIssuer());
-
- msg.setVerified(true);
- msg.setRelayState(messageContext.getRelayState());
-
- return msg;
- }
-
- public boolean handleDecode(String action, HttpServletRequest req) {
- return ((action.equals(PVPConstants.REDIRECT) || action.equals(PVPConstants.SINGLELOGOUT))
- && req.getMethod().equals("GET"));
- }
-
- public String getSAML2BindingName() {
- return SAMLConstants.SAML2_REDIRECT_BINDING_URI;
- }
+
+ private static final Logger log = LoggerFactory.getLogger(RedirectBinding.class);
+
+ @Override
+ public void encodeRequest(final HttpServletRequest req, final HttpServletResponse resp,
+ final RequestAbstractType request, final String targetLocation, final String relayState,
+ final Credential credentials, final IRequest pendingReq)
+ throws MessageEncodingException, SecurityException {
+
+ // load default PVP security configurations
+ EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration();
+
+ log.debug("create SAML RedirectBinding response");
+
+ final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(resp, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder().buildObject();
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(targetLocation);
+ context.setOutboundSAMLMessageSigningCredential(credentials);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(request);
+ context.setOutboundMessageTransport(responseAdapter);
+ context.setRelayState(relayState);
+
+ encoder.encode(context);
+ }
+
+ @Override
+ public void encodeRespone(final HttpServletRequest req, final HttpServletResponse resp,
+ final StatusResponseType response, final String targetLocation, final String relayState,
+ final Credential credentials, final IRequest pendingReq)
+ throws MessageEncodingException, SecurityException {
+
+ // load default PVP security configurations
+ EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration();
+
+ log.debug("create SAML RedirectBinding response");
+
+ final HTTPRedirectDeflateEncoder encoder = new HTTPRedirectDeflateEncoder();
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(resp, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ final SingleSignOnService service = new SingleSignOnServiceBuilder().buildObject();
+ service.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ service.setLocation(targetLocation);
+ context.setOutboundSAMLMessageSigningCredential(credentials);
+ context.setPeerEntityEndpoint(service);
+ context.setOutboundSAMLMessage(response);
+ context.setOutboundMessageTransport(responseAdapter);
+ context.setRelayState(relayState);
+
+ encoder.encode(context);
+
+ }
+
+ @Override
+ public InboundMessageInterface decode(final HttpServletRequest req,
+ final HttpServletResponse resp, final MetadataProvider metadataProvider,
+ final boolean isSpEndPoint, final URIComparator comparator)
+ throws MessageDecodingException, SecurityException {
+
+ final HTTPRedirectDeflateDecoder decode = new HTTPRedirectDeflateDecoder(new BasicParserPool());
+
+ final BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(req));
+
+ // set metadata descriptor type
+ if (isSpEndPoint) {
+ messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(comparator);
+
+ } else {
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ decode.setURIComparator(comparator);
+ }
+
+ messageContext.setMetadataProvider(metadataProvider);
+
+ final SAML2HTTPRedirectDeflateSignatureRule signatureRule =
+ new SAML2HTTPRedirectDeflateSignatureRule(
+ TrustEngineFactory.getSignatureKnownKeysTrustEngine(metadataProvider));
+ final PvpAuthRequestSignedRole signedRole = new PvpAuthRequestSignedRole();
+ final BasicSecurityPolicy policy = new BasicSecurityPolicy();
+ policy.getPolicyRules().add(signedRole);
+ policy.getPolicyRules().add(signatureRule);
+ final SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(policy);
+ messageContext.setSecurityPolicyResolver(resolver);
+
+ // set metadata descriptor type
+ if (isSpEndPoint) {
+ messageContext.setPeerEntityRole(IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ } else {
+ messageContext.setPeerEntityRole(SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+ }
+
+ try {
+ decode.decode(messageContext);
+
+ // check signature
+ signatureRule.evaluate(messageContext);
+
+ } catch (final SecurityException e) {
+ if (StringUtils.isEmpty(messageContext.getInboundMessageIssuer())) {
+ throw e;
+
+ }
+
+ if (metadataProvider instanceof IRefreshableMetadataProvider) {
+ log.debug("PVP2X message validation FAILED. Reload metadata for entityID: "
+ + messageContext.getInboundMessageIssuer());
+ if (!((IRefreshableMetadataProvider) metadataProvider)
+ .refreshMetadataProvider(messageContext.getInboundMessageIssuer())) {
+ throw e;
+ } else {
+ log.trace("PVP2X metadata reload finished. Check validate message again.");
+ decode.decode(messageContext);
+
+ // check signature
+ signatureRule.evaluate(messageContext);
+
+ }
+ log.trace("Second PVP2X message validation finished");
+
+ } else {
+ throw e;
+
+ }
+ }
+
+ InboundMessage msg = null;
+ if (messageContext.getInboundMessage() instanceof RequestAbstractType) {
+ final RequestAbstractType inboundMessage =
+ (RequestAbstractType) messageContext.getInboundMessage();
+ msg = new PvpSProfileRequest(inboundMessage, getSaml2BindingName());
+
+
+ } else if (messageContext.getInboundMessage() instanceof StatusResponseType) {
+ final StatusResponseType inboundMessage =
+ (StatusResponseType) messageContext.getInboundMessage();
+ msg = new PvpSProfileResponse(inboundMessage);
+
+ } else {
+ // create empty container if request type is unknown
+ msg = new InboundMessage();
+ }
+
+ if (messageContext.getPeerEntityMetadata() != null) {
+ msg.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+ } else {
+ log.info(
+ "No Metadata found for OA with EntityID " + messageContext.getInboundMessageIssuer());
+ }
+
+ msg.setVerified(true);
+ msg.setRelayState(messageContext.getRelayState());
+
+ return msg;
+ }
+
+ @Override
+ public boolean handleDecode(final String action, final HttpServletRequest req) {
+ return ((action.equals(PvpConstants.REDIRECT) || action.equals(PvpConstants.SINGLELOGOUT))
+ && req.getMethod().equals("GET"));
+ }
+
+ @Override
+ public String getSaml2BindingName() {
+ return SAMLConstants.SAML2_REDIRECT_BINDING_URI;
+ }
}
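Review bot: `decode` assigns the peer entity role twice — once in the first `// set metadata descriptor type` block, where both branches also call `decode.setURIComparator(comparator)` with the same argument, and again in an identical if/else after the security policy resolver is installed — so the second block is dead and the first can collapse to `decode.setURIComparator(comparator);` followed by `messageContext.setPeerEntityRole(isSpEndPoint ? IDPSSODescriptor.DEFAULT_ELEMENT_NAME : SPSSODescriptor.DEFAULT_ELEMENT_NAME);`. Separately, the new `decode` in PostBinding (the hunk above) seeds the entityID from the message issuer before the metadata lookup, whereas this one only logs when no peer metadata is found and still returns the message with `setVerified(true)` and a null entityID; if callers read a verified message's entityID, the two bindings should agree, and the difference should at least be deliberate (PostBinding's `msg.setEntityID(inboundMessage.getIssuer().getValue());` after each `new PvpSProfile...` would align them). The `log.info` in that branch also builds its text by concatenation; the parameterized form `log.info("No Metadata found for OA with EntityID {}", messageContext.getInboundMessageIssuer());` avoids the string work when info is disabled.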
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
index c70060ad..79a88487 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/binding/SoapBinding.java
@@ -1,36 +1,36 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.binding;
import java.util.List;
-
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
-
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.exception.AttributQueryException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
import org.apache.commons.lang3.StringUtils;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
@@ -56,117 +56,112 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.stereotype.Service;
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.binding.IEncoder;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.exception.AttributQueryException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.PVP2Exception;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
-
@Service("PVPSOAPBinding")
public class SoapBinding implements IDecoder, IEncoder {
- private static final Logger log = LoggerFactory.getLogger(SoapBinding.class);
- public InboundMessageInterface decode(HttpServletRequest req,
- HttpServletResponse resp, MetadataProvider metadataProvider, boolean isSPEndPoint, URIComparator comparator) throws MessageDecodingException,
- SecurityException, PVP2Exception {
- HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool());
- BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
- new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- messageContext
- .setInboundMessageTransport(new HttpServletRequestAdapter(
- req));
- messageContext.setMetadataProvider(metadataProvider);
-
- //TODO: update in a futher version:
- // requires a special SignedSOAPRequestPolicyRole because
- // messageContext.getInboundMessage() is not directly signed
-
- //set security context
-// BasicSecurityPolicy policy = new BasicSecurityPolicy();
-// policy.getPolicyRules().add(
-// new MOAPVPSignedRequestPolicyRule(
-// TrustEngineFactory.getSignatureKnownKeysTrustEngine(),
-// SPSSODescriptor.DEFAULT_ELEMENT_NAME));
-// SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
-// policy);
-// messageContext.setSecurityPolicyResolver(resolver);
-
- //decode message
- soapDecoder.decode(messageContext);
-
- Envelope inboundMessage = (Envelope) messageContext
- .getInboundMessage();
-
- if (inboundMessage.getBody() != null) {
- List<XMLObject> xmlElemList = inboundMessage.getBody().getUnknownXMLObjects();
-
- if (!xmlElemList.isEmpty()) {
- SignableXMLObject attrReq = (SignableXMLObject) xmlElemList.get(0);
- PVPSProfileRequest request = new PVPSProfileRequest(attrReq, getSAML2BindingName());
-
- if (messageContext.getPeerEntityMetadata() != null)
- request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
-
- else if (attrReq instanceof RequestAbstractType) {
- RequestAbstractType attributeRequest = (RequestAbstractType) attrReq;
- try {
- if (StringUtils.isNotEmpty(attributeRequest.getIssuer().getValue()) &&
- metadataProvider.getRole(
- attributeRequest.getIssuer().getValue(),
- SPSSODescriptor.DEFAULT_ELEMENT_NAME) != null)
- request.setEntityID(attributeRequest.getIssuer().getValue());
-
- } catch (Exception e) {
- log.warn("No Metadata found with EntityID " + attributeRequest.getIssuer().getValue());
- }
- }
-
- request.setVerified(false);
- return request;
-
- }
- }
-
- log.error("Receive empty PVP 2.1 attributequery request.");
- throw new AttributQueryException("Receive empty PVP 2.1 attributequery request.", null);
- }
-
- public boolean handleDecode(String action, HttpServletRequest req) {
- return (req.getMethod().equals("POST") &&
- (action.equals(PVPConstants.SOAP) || action.equals(PVPConstants.ATTRIBUTEQUERY)));
- }
-
- public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
- RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
- throws MessageEncodingException, SecurityException, PVP2Exception {
-
- }
-
- public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
- StatusResponseType response, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
- throws MessageEncodingException, SecurityException, PVP2Exception {
-
- //load default PVP security configurations
- EAAFDefaultSAML2Bootstrap.initializeDefaultPVPConfiguration();
-
- HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
- HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
- resp, true);
- BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
- context.setOutboundSAMLMessageSigningCredential(credentials);
- context.setOutboundSAMLMessage(response);
- context.setOutboundMessageTransport(responseAdapter);
-
- encoder.encode(context);
-
- }
-
- public String getSAML2BindingName() {
- return SAMLConstants.SAML2_SOAP11_BINDING_URI;
- }
+ private static final Logger log = LoggerFactory.getLogger(SoapBinding.class);
+
+ @Override
+ public InboundMessageInterface decode(final HttpServletRequest req,
+ final HttpServletResponse resp, final MetadataProvider metadataProvider,
+ final boolean isSpEndPoint, final URIComparator comparator)
+ throws MessageDecodingException, SecurityException, Pvp2Exception {
+ final HTTPSOAP11Decoder soapDecoder = new HTTPSOAP11Decoder(new BasicParserPool());
+ final BasicSAMLMessageContext<SAMLObject, ?, ?> messageContext =
+ new BasicSAMLMessageContext<>();
+ messageContext.setInboundMessageTransport(new HttpServletRequestAdapter(req));
+ messageContext.setMetadataProvider(metadataProvider);
+
+ // TODO: update in a futher version:
+ // requires a special SignedSOAPRequestPolicyRole because
+ // messageContext.getInboundMessage() is not directly signed
+
+ // set security context
+ // BasicSecurityPolicy policy = new BasicSecurityPolicy();
+ // policy.getPolicyRules().add(
+ // new MOAPVPSignedRequestPolicyRule(
+ // TrustEngineFactory.getSignatureKnownKeysTrustEngine(),
+ // SPSSODescriptor.DEFAULT_ELEMENT_NAME));
+ // SecurityPolicyResolver resolver = new StaticSecurityPolicyResolver(
+ // policy);
+ // messageContext.setSecurityPolicyResolver(resolver);
+
+ // decode message
+ soapDecoder.decode(messageContext);
+
+ final Envelope inboundMessage = (Envelope) messageContext.getInboundMessage();
+
+ if (inboundMessage.getBody() != null) {
+ final List<XMLObject> xmlElemList = inboundMessage.getBody().getUnknownXMLObjects();
+
+ if (!xmlElemList.isEmpty()) {
+ final SignableXMLObject attrReq = (SignableXMLObject) xmlElemList.get(0);
+ final PvpSProfileRequest request = new PvpSProfileRequest(attrReq, getSaml2BindingName());
+
+ if (messageContext.getPeerEntityMetadata() != null) {
+ request.setEntityID(messageContext.getPeerEntityMetadata().getEntityID());
+ } else if (attrReq instanceof RequestAbstractType) {
+ final RequestAbstractType attributeRequest = (RequestAbstractType) attrReq;
+ try {
+ if (StringUtils.isNotEmpty(attributeRequest.getIssuer().getValue())
+ && metadataProvider.getRole(attributeRequest.getIssuer().getValue(),
+ SPSSODescriptor.DEFAULT_ELEMENT_NAME) != null) {
+ request.setEntityID(attributeRequest.getIssuer().getValue());
+ }
+
+ } catch (final Exception e) {
+ log.warn("No Metadata found with EntityID " + attributeRequest.getIssuer().getValue());
+ }
+ }
+
+ request.setVerified(false);
+ return request;
+
+ }
+ }
+
+ log.error("Receive empty PVP 2.1 attributequery request.");
+ throw new AttributQueryException("Receive empty PVP 2.1 attributequery request.", null);
+ }
+
+ @Override
+ public boolean handleDecode(final String action, final HttpServletRequest req) {
+ return (req.getMethod().equals("POST")
+ && (action.equals(PvpConstants.SOAP) || action.equals(PvpConstants.ATTRIBUTEQUERY)));
+ }
+
+ @Override
+ public void encodeRequest(final HttpServletRequest req, final HttpServletResponse resp,
+ final RequestAbstractType request, final String targetLocation, final String relayState,
+ final Credential credentials, final IRequest pendingReq)
+ throws MessageEncodingException, SecurityException, Pvp2Exception {
+
+ }
+
+ @Override
+ public void encodeRespone(final HttpServletRequest req, final HttpServletResponse resp,
+ final StatusResponseType response, final String targetLocation, final String relayState,
+ final Credential credentials, final IRequest pendingReq)
+ throws MessageEncodingException, SecurityException, Pvp2Exception {
+
+ // load default PVP security configurations
+ EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration();
+
+ final HTTPSOAP11Encoder encoder = new HTTPSOAP11Encoder();
+ final HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(resp, true);
+ final BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context =
+ new BasicSAMLMessageContext<>();
+ context.setOutboundSAMLMessageSigningCredential(credentials);
+ context.setOutboundSAMLMessage(response);
+ context.setOutboundMessageTransport(responseAdapter);
+
+ encoder.encode(context);
+
+ }
+
+ @Override
+ public String getSaml2BindingName() {
+ return SAMLConstants.SAML2_SOAP11_BINDING_URI;
+ }
}
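Review bot: The cast `(SignableXMLObject) xmlElemList.get(0)` in `decode` is applied to the first element of a SOAP body that has not been authenticated (the policy-resolver block is still commented out and the result is returned with `setVerified(false)`), so a body whose first element is not a SignableXMLObject fails with a ClassCastException instead of the AttributQueryException the method raises for an empty body; an `instanceof` check that falls through to the same `throw` keeps the error path uniform. In the issuer lookup, `catch (final Exception e)` discards the cause and its warn message dereferences `attributeRequest.getIssuer()` a second time, so a request without an Issuer element throws a NullPointerException from inside the handler; narrow the catch to `MetadataProviderException`, null-check the issuer once before the lookup, and pass `e` as the last argument of `log.warn` so the stack trace is kept. `encodeRequest` has an empty body and no comment; if that is intended, say so with `// intentionally empty: the SOAP binding does not encode outbound requests`.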
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
index c38b04bd..9765f520 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/CitizenTokenBuilder.java
@@ -1,31 +1,25 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeValue;
import org.opensaml.xml.Configuration;
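Review bot: The new `import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;` sits directly after the `package` declaration with no separating blank line and ahead of the `org.opensaml` group instead of in a project-import group of its own, which is at odds with the code-style pass this commit performs. Add a blank line after `package at.gv.egiz.eaaf.modules.pvp2.impl.builder;` and move the import into the group the rest of the file uses; the remainder of the import block lies in the next hunk.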
@@ -35,87 +29,118 @@ import org.opensaml.xml.schema.XSString;
import org.opensaml.xml.schema.impl.XSIntegerBuilder;
import org.opensaml.xml.schema.impl.XSStringBuilder;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
-
+/**
+ * Build all attributes from PVP2 citizen-token.
+ *
+ * @author tlenz
+ *
+ */
public class CitizenTokenBuilder {
- public static XMLObject buildAttributeStringValue(String value) {
- XSStringBuilder stringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
- XSString stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
- stringValue.setValue(value);
- return stringValue;
- }
-
- public static XMLObject buildAttributeIntegerValue(int value) {
- XSIntegerBuilder integerBuilder = (XSIntegerBuilder) Configuration.getBuilderFactory().getBuilder(XSInteger.TYPE_NAME);
- XSInteger integerValue = integerBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
- integerValue.setValue(value);
- return integerValue;
- }
-
- public static Attribute buildStringAttribute(String friendlyName,
- String name, String value) {
- Attribute attribute =
- SAML2Utils.createSAMLObject(Attribute.class);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.getAttributeValues().add(buildAttributeStringValue(value));
- return attribute;
- }
-
- public static Attribute buildIntegerAttribute(String friendlyName,
- String name, int value) {
- Attribute attribute =
- SAML2Utils.createSAMLObject(Attribute.class);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.getAttributeValues().add(buildAttributeIntegerValue(value));
- return attribute;
- }
-
- public static Attribute buildPVPVersion(String value) {
- return buildStringAttribute("PVP-VERSION",
- "urn:oid:1.2.40.0.10.2.1.1.261.10", value);
- }
-
- public static Attribute buildSecClass(int value) {
- return buildIntegerAttribute("SECCLASS",
- "", value);
- }
-
- public static Attribute buildPrincipalName(String value) {
- return buildStringAttribute("PRINCIPAL-NAME",
- "urn:oid:1.2.40.0.10.2.1.1.261.20", value);
- }
-
- public static Attribute buildGivenName(String value) {
- return buildStringAttribute("GIVEN-NAME",
- "urn:oid:2.5.4.42", value);
- }
-
- public static Attribute buildBirthday(String value) {
- return buildStringAttribute("BIRTHDATE",
- "urn:oid:1.2.40.0.10.2.1.1.55", value);
- }
-
- public static Attribute buildBPK(String value) {
- return buildStringAttribute("BPK",
- "urn:oid:1.2.40.0.10.2.1.1.149", value);
- }
-
- public static Attribute buildEID_CITIZEN_QAALEVEL(int value) {
- return buildIntegerAttribute("EID-CITIZEN-QAA-LEVEL",
- "urn:oid:1.2.40.0.10.2.1.1.261.94", value);
- }
-
- public static Attribute buildEID_ISSUING_NATION(String value) {
- return buildStringAttribute("EID-ISSUING-NATION",
- "urn:oid:1.2.40.0.10.2.1.1.261.32", value);
- }
-
- public static Attribute buildEID_SECTOR_FOR_IDENTIFIER(String value) {
- return buildStringAttribute("EID-SECTOR-FOR-IDENTIFIER",
- "urn:oid:1.2.40.0.10.2.1.1.261.34", value);
- }
-
+ /**
+ * Build simple attribute.
+ *
+ * @param value Attributevalue
+ * @return XML attribute
+ */
+ public static XMLObject buildAttributeStringValue(final String value) {
+ final XSStringBuilder stringBuilder =
+ (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
+ final XSString stringValue =
+ stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+ stringValue.setValue(value);
+ return stringValue;
+ }
+
+ /**
+ * Build simple attribute.
+ *
+ * @param value Attributevalue
+ * @return XML attribute
+ */
+ public static XMLObject buildAttributeIntegerValue(final int value) {
+ final XSIntegerBuilder integerBuilder =
+ (XSIntegerBuilder) Configuration.getBuilderFactory().getBuilder(XSInteger.TYPE_NAME);
+ final XSInteger integerValue =
+ integerBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
+ integerValue.setValue(value);
+ return integerValue;
+ }
+
+ /**
+ * Build simple attribute.
+ *
+ * @param friendlyName attribute friendly-name
+ * @param value Attributevalue
+ * @return XML attribute
+ */
+ public static Attribute buildStringAttribute(final String friendlyName, final String name,
+ final String value) {
+ final Attribute attribute = Saml2Utils.createSamlObject(Attribute.class);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setName(name);
+ attribute.getAttributeValues().add(buildAttributeStringValue(value));
+ return attribute;
+ }
+
+ /**
+ * Build simple attribute.
+ *
+ * @param friendlyName attribute friendly-name
+ * @param value Attributevalue
+ * @return XML attribute
+ */
+ public static Attribute buildIntegerAttribute(final String friendlyName, final String name,
+ final int value) {
+ final Attribute attribute = Saml2Utils.createSamlObject(Attribute.class);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setName(name);
+ attribute.getAttributeValues().add(buildAttributeIntegerValue(value));
+ return attribute;
+ }
+
+ /**
+ * Build PVP version attribute.
+ *
+ * @param value PVP Version
+ * @return SAML2 Attribute
+ */
+ public static Attribute buildPvpVersion(final String value) {
+ return buildStringAttribute("PVP-VERSION", "urn:oid:1.2.40.0.10.2.1.1.261.10", value);
+ }
+
+ public static Attribute buildSecClass(final int value) {
+ return buildIntegerAttribute("SECCLASS", "", value);
+ }
+
+ public static Attribute buildPrincipalName(final String value) {
+ return buildStringAttribute("PRINCIPAL-NAME", "urn:oid:1.2.40.0.10.2.1.1.261.20", value);
+ }
+
+ public static Attribute buildGivenName(final String value) {
+ return buildStringAttribute("GIVEN-NAME", "urn:oid:2.5.4.42", value);
+ }
+
+ public static Attribute buildBirthday(final String value) {
+ return buildStringAttribute("BIRTHDATE", "urn:oid:1.2.40.0.10.2.1.1.55", value);
+ }
+
+ public static Attribute buildBpk(final String value) {
+ return buildStringAttribute("BPK", "urn:oid:1.2.40.0.10.2.1.1.149", value);
+ }
+
+ public static Attribute buildEid_Citizen_QaaLevel(final int value) {
+ return buildIntegerAttribute("EID-CITIZEN-QAA-LEVEL", "urn:oid:1.2.40.0.10.2.1.1.261.94",
+ value);
+ }
+
+ public static Attribute buildEid_Issuing_Nation(final String value) {
+ return buildStringAttribute("EID-ISSUING-NATION", "urn:oid:1.2.40.0.10.2.1.1.261.32", value);
+ }
+
+ public static Attribute buildEid_Sector_For_Identifier(final String value) {
+ return buildStringAttribute("EID-SECTOR-FOR-IDENTIFIER", "urn:oid:1.2.40.0.10.2.1.1.261.34",
+ value);
+ }
+
}
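Review bot: `buildSecClass` still passes the empty string as the SAML attribute `Name` (`buildIntegerAttribute("SECCLASS", "", value)`), whereas every other builder in this class supplies a `urn:oid:…` name; `Name` is a required attribute on `saml:Attribute`, and a consumer that matches attributes by name cannot identify this one, so either supply the proper identifier from the PVP attribute profile (placeholder: `"<SECCLASS-NAME-URN>"`) or state in a Javadoc comment that the empty name is intentional. The Javadoc on `buildStringAttribute` and `buildIntegerAttribute` omits `@param name attribute name (URN)`, and the comments on `buildAttributeStringValue`/`buildAttributeIntegerValue` say "Build simple attribute" although they build an `AttributeValue` element rather than an `Attribute`; `Build simple attribute value.` would be accurate. The renamed methods `buildEid_Citizen_QaaLevel`, `buildEid_Issuing_Nation` and `buildEid_Sector_For_Identifier` keep underscores in method names, which the camelCase convention this code-style commit applies elsewhere (`buildPvpVersion`, `buildBpk`) would render as `buildEidCitizenQaaLevel`, `buildEidIssuingNation` and `buildEidSectorForIdentifier`.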
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPAttributeBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPAttributeBuilder.java
deleted file mode 100644
index 0d9e38e0..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPAttributeBuilder.java
+++ /dev/null
@@ -1,221 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.ServiceLoader;
-
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
-import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
-import at.gv.egiz.eaaf.core.api.idp.IAuthData;
-import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
-import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
-import at.gv.egiz.eaaf.core.exceptions.InvalidDateFormatAttributeException;
-import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
-import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
-import at.gv.egiz.eaaf.modules.pvp2.exception.InvalidDateFormatException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.PVP2Exception;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
-
-public class PVPAttributeBuilder {
-
- private static final Logger log = LoggerFactory.getLogger(PVPAttributeBuilder.class);
-
- private static IAttributeGenerator<Attribute> generator = new SamlAttributeGenerator();
- private static HashMap<String, IAttributeBuilder> builders;
-
- private static ServiceLoader<IAttributeBuilder> attributBuilderLoader =
- ServiceLoader.load(IAttributeBuilder.class);
-
- private static void addBuilder(IAttributeBuilder builder) {
- builders.put(builder.getName(), builder);
- }
-
- static {
- builders = new HashMap<String, IAttributeBuilder>();
-
- log.info("Loading protocol attribut-builder modules:");
- if (attributBuilderLoader != null ) {
- Iterator<IAttributeBuilder> moduleLoaderInterator = attributBuilderLoader.iterator();
- while (moduleLoaderInterator.hasNext()) {
- try {
- IAttributeBuilder modul = moduleLoaderInterator.next();
- log.info("Loading attribut-builder Modul Information: " + modul.getName());
- addBuilder(modul);
-
- } catch(Throwable e) {
- log.error("Check configuration! " + "Some attribute-builder modul" +
- " is not a valid IAttributeBuilder", e);
- }
- }
- }
-
- log.info("Loading attribute-builder modules done");
-
- }
-
-
- /**
- * Get a specific attribute builder
- *
- * @param name Attribute-builder friendly name
- *
- * @return Attribute-builder with this name or null if builder does not exists
- */
- public static IAttributeBuilder getAttributeBuilder(String name) {
- return builders.get(name);
-
- }
-
- public static Attribute buildAttribute(String name, ISPConfiguration oaParam,
- IAuthData authData) throws PVP2Exception, AttributeBuilderException {
- if (builders.containsKey(name)) {
- try {
- return builders.get(name).build(oaParam, authData, generator);
- }
- catch (AttributeBuilderException e) {
- if (e instanceof UnavailableAttributeException) {
- throw e;
-
- } else if (e instanceof InvalidDateFormatAttributeException) {
- throw new InvalidDateFormatException();
-
- } else {
- throw new UnavailableAttributeException(name);
-
- }
- }
- }
- return null;
- }
-
- public static Attribute buildEmptyAttribute(String name) {
- if (builders.containsKey(name)) {
- return builders.get(name).buildEmpty(generator);
- }
- return null;
- }
-
- public static Attribute buildAttribute(String name, String value) {
- if (builders.containsKey(name)) {
- return builders.get(name).buildEmpty(generator);
- }
- return null;
- }
-
-
- /**
- * Return all attributes that has a {@link PVPMETADATA} annotation
- *
- * @return
- */
- public static List<Attribute> buildSupportedEmptyAttributes() {
- List<Attribute> attributes = new ArrayList<Attribute>();
- Iterator<IAttributeBuilder> builderIt = builders.values().iterator();
- while (builderIt.hasNext()) {
- IAttributeBuilder builder = builderIt.next();
- if (builder.getClass().isAnnotationPresent(PVPMETADATA.class)) {
- Attribute emptyAttribute = builder.buildEmpty(generator);
- if (emptyAttribute != null) {
- attributes.add(emptyAttribute);
- }
-
- } else {
- log.trace(builder.getName() + "is no PVP Metadata attribute");
-
- }
- }
- return attributes;
- }
-
- public static RequestedAttribute buildReqAttribute(String name, String friendlyName, boolean required) {
- RequestedAttribute attribute = SAML2Utils.createSAMLObject(RequestedAttribute.class);
- attribute.setIsRequired(required);
- attribute.setName(name);
- attribute.setFriendlyName(friendlyName);
- attribute.setNameFormat(Attribute.URI_REFERENCE);
- return attribute;
- }
-
- /**
- * Build a set of PVP Response-Attributes
- * <br><br>
- * <b>INFO:</b> If a specific attribute can not be build, a info is logged, but no execpetion is thrown.
- * Therefore, the return List must not include all requested attributes.
- *
- * @param authData AuthenticationData <code>IAuthData</code> which is used to build the attribute values, but never <code>null</code>
- * @param reqAttributenName List of PVP attribute names which are requested, but never <code>null</code>
- * @return List of PVP attributes, but never <code>null</code>
- */
- public static List<Attribute> buildSetOfResponseAttributes(IAuthData authData,
- Collection<String> reqAttributenName) {
- List<Attribute> attrList = new ArrayList<Attribute>();
- if (reqAttributenName != null) {
- Iterator<String> it = reqAttributenName.iterator();
- while (it.hasNext()) {
- String reqAttributName = it.next();
- try {
- Attribute attr = PVPAttributeBuilder.buildAttribute(
- reqAttributName, null, authData);
- if (attr == null) {
- log.info(
- "Attribute generation failed! for "
- + reqAttributName);
-
- } else {
- attrList.add(attr);
-
- }
-
- } catch (PVP2Exception e) {
- log.info(
- "Attribute generation failed! for "
- + reqAttributName);
-
- } catch (Exception e) {
- log.warn(
- "General Attribute generation failed! for "
- + reqAttributName, e);
-
- }
- }
- }
-
- return attrList;
- }
-
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPMetadataBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPMetadataBuilder.java
deleted file mode 100644
index 61c6006b..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PVPMetadataBuilder.java
+++ /dev/null
@@ -1,450 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
-
-import java.io.IOException;
-import java.io.StringWriter;
-import java.util.Collection;
-import java.util.List;
-
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.Transformer;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.TransformerFactory;
-import javax.xml.transform.TransformerFactoryConfigurationError;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.transform.stream.StreamResult;
-
-import org.apache.commons.httpclient.auth.CredentialsNotAvailableException;
-import org.apache.commons.lang3.StringUtils;
-import org.joda.time.DateTime;
-import org.opensaml.Configuration;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.metadata.AssertionConsumerService;
-import org.opensaml.saml2.metadata.AttributeConsumingService;
-import org.opensaml.saml2.metadata.ContactPerson;
-import org.opensaml.saml2.metadata.EntitiesDescriptor;
-import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.IDPSSODescriptor;
-import org.opensaml.saml2.metadata.KeyDescriptor;
-import org.opensaml.saml2.metadata.LocalizedString;
-import org.opensaml.saml2.metadata.NameIDFormat;
-import org.opensaml.saml2.metadata.Organization;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.saml2.metadata.RoleDescriptor;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.saml2.metadata.ServiceName;
-import org.opensaml.saml2.metadata.SingleLogoutService;
-import org.opensaml.saml2.metadata.SingleSignOnService;
-import org.opensaml.xml.io.Marshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.security.SecurityException;
-import org.opensaml.xml.security.SecurityHelper;
-import org.opensaml.xml.security.credential.Credential;
-import org.opensaml.xml.security.credential.UsageType;
-import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
-import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
-import org.opensaml.xml.signature.Signature;
-import org.opensaml.xml.signature.SignatureException;
-import org.opensaml.xml.signature.Signer;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.stereotype.Service;
-import org.w3c.dom.Document;
-
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPVPMetadataBuilderConfiguration;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
-
-/**
- * @author tlenz
- *
- */
-
-@Service("PVPMetadataBuilder")
-public class PVPMetadataBuilder {
-
- private static final Logger log = LoggerFactory.getLogger(PVPMetadataBuilder.class);
-
- X509KeyInfoGeneratorFactory keyInfoFactory = null;
-
- /**
- *
- */
- public PVPMetadataBuilder() {
- keyInfoFactory = new X509KeyInfoGeneratorFactory();
- keyInfoFactory.setEmitEntityIDAsKeyName(true);
- keyInfoFactory.setEmitEntityCertificate(true);
-
- }
-
-
- /**
- *
- * Build PVP 2.1 conform SAML2 metadata
- *
- * @param config
- * PVPMetadataBuilder configuration
- *
- * @return PVP metadata as XML String
- * @throws SecurityException
- * @throws ConfigurationException
- * @throws CredentialsNotAvailableException
- * @throws TransformerFactoryConfigurationError
- * @throws MarshallingException
- * @throws TransformerException
- * @throws ParserConfigurationException
- * @throws IOException
- * @throws SignatureException
- */
- public String buildPVPMetadata(IPVPMetadataBuilderConfiguration config) throws CredentialsNotAvailableException, EAAFException, SecurityException, TransformerFactoryConfigurationError, MarshallingException, TransformerException, ParserConfigurationException, IOException, SignatureException {
- DateTime date = new DateTime();
- EntityDescriptor entityDescriptor = SAML2Utils
- .createSAMLObject(EntityDescriptor.class);
-
- //set entityID
- entityDescriptor.setEntityID(config.getEntityID());
-
- //set contact and organisation information
- List<ContactPerson> contactPersons = config.getContactPersonInformation();
- if (contactPersons != null)
- entityDescriptor.getContactPersons().addAll(contactPersons);
-
- Organization organisation = config.getOrgansiationInformation();
- if (organisation != null)
- entityDescriptor.setOrganization(organisation);
-
- //set IDP metadata
- if (config.buildIDPSSODescriptor()) {
- RoleDescriptor idpSSODesc = generateIDPMetadata(config);
- if (idpSSODesc != null)
- entityDescriptor.getRoleDescriptors().add(idpSSODesc);
-
- }
-
- //set SP metadata for interfederation
- if (config.buildSPSSODescriptor()) {
- RoleDescriptor spSSODesc = generateSPMetadata(config);
- if (spSSODesc != null)
- entityDescriptor.getRoleDescriptors().add(spSSODesc);
-
- }
-
- //set metadata signature parameters
- Credential metadataSignCred = config.getMetadataSigningCredentials();
- Signature signature = AbstractCredentialProvider.getIDPSignature(metadataSignCred);
- SecurityHelper.prepareSignatureParams(signature, metadataSignCred, null, null);
-
- //initialize XML document builder
- DocumentBuilder builder;
- DocumentBuilderFactory factory = DocumentBuilderFactory
- .newInstance();
-
- builder = factory.newDocumentBuilder();
- Document document = builder.newDocument();
-
-
- //build entities descriptor
- if (config.buildEntitiesDescriptorAsRootElement()) {
- EntitiesDescriptor entitiesDescriptor =
- SAML2Utils.createSAMLObject(EntitiesDescriptor.class);
- entitiesDescriptor.setName(config.getEntityFriendlyName());
- entitiesDescriptor.setID(SAML2Utils.getSecureIdentifier());
- entitiesDescriptor.setValidUntil(date.plusHours(config.getMetadataValidUntil()));
- entitiesDescriptor.getEntityDescriptors().add(entityDescriptor);
-
- //load default PVP security configurations
- EAAFDefaultSAML2Bootstrap.initializeDefaultPVPConfiguration();
- entitiesDescriptor.setSignature(signature);
-
-
- //marshall document
- Marshaller out = Configuration.getMarshallerFactory()
- .getMarshaller(entitiesDescriptor);
- out.marshall(entitiesDescriptor, document);
-
- } else {
- entityDescriptor.setValidUntil(date.plusHours(config.getMetadataValidUntil()));
- entityDescriptor.setID(SAML2Utils.getSecureIdentifier());
-
- entityDescriptor.setSignature(signature);
-
-
-
- //marshall document
- Marshaller out = Configuration.getMarshallerFactory()
- .getMarshaller(entityDescriptor);
- out.marshall(entityDescriptor, document);
-
- }
-
- //sign metadata
- Signer.signObject(signature);
-
- //transform metadata object to XML string
- Transformer transformer = TransformerFactory.newInstance()
- .newTransformer();
-
- StringWriter sw = new StringWriter();
- StreamResult sr = new StreamResult(sw);
- DOMSource source = new DOMSource(document);
- transformer.transform(source, sr);
- sw.close();
-
- return sw.toString();
- }
-
-
- private RoleDescriptor generateSPMetadata(IPVPMetadataBuilderConfiguration config) throws CredentialsNotAvailableException, SecurityException, EAAFException {
- SPSSODescriptor spSSODescriptor = SAML2Utils.createSAMLObject(SPSSODescriptor.class);
- spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
- spSSODescriptor.setAuthnRequestsSigned(config.wantAuthnRequestSigned());
- spSSODescriptor.setWantAssertionsSigned(config.wantAssertionSigned());
-
- KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
-
- //Set AuthRequest Signing certificate
- Credential authcredential = config.getRequestorResponseSigningCredentials();
- if (authcredential == null) {
- log.warn("SP Metadata generation FAILED! --> Builder has NO request signing-credential. ");
- return null;
-
- } else {
- KeyDescriptor signKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- signKeyDescriptor.setUse(UsageType.SIGNING);
- signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
- spSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
-
- }
-
- //Set assertion encryption credentials
- Credential authEncCredential = config.getEncryptionCredentials();
-
- if (authEncCredential != null) {
- KeyDescriptor encryKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
- encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
- spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
-
- } else {
- log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
-
- }
-
- //check nameID formates
- if (config.getSPAllowedNameITTypes() == null || config.getSPAllowedNameITTypes().size() == 0) {
- log.warn("SP Metadata generation FAILED! --> Builder has NO provideable SAML2 nameIDFormats. ");
- return null;
-
- } else {
- for (String format : config.getSPAllowedNameITTypes()) {
- NameIDFormat nameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- nameIDFormat.setFormat(format);
- spSSODescriptor.getNameIDFormats().add(nameIDFormat);
-
- }
- }
-
-
- //add POST-Binding assertion consumer services
- if (StringUtils.isNotEmpty(config.getSPAssertionConsumerServicePostBindingURL())) {
- AssertionConsumerService postassertionConsumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class);
- postassertionConsumerService.setIndex(0);
- postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- postassertionConsumerService.setLocation(config.getSPAssertionConsumerServicePostBindingURL());
- postassertionConsumerService.setIsDefault(true);
- spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
-
- }
-
- //add POST-Binding assertion consumer services
- if (StringUtils.isNotEmpty(config.getSPAssertionConsumerServiceRedirectBindingURL())) {
- AssertionConsumerService redirectassertionConsumerService = SAML2Utils.createSAMLObject(AssertionConsumerService.class);
- redirectassertionConsumerService.setIndex(1);
- redirectassertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- redirectassertionConsumerService.setLocation(config.getSPAssertionConsumerServiceRedirectBindingURL());
- spSSODescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService);
-
- }
-
- //validate WebSSO endpoints
- if (spSSODescriptor.getAssertionConsumerServices().size() == 0) {
- log.warn("SP Metadata generation FAILED! --> NO SAML2 AssertionConsumerService endpoint found. ");
- return null;
-
- }
-
- //add POST-Binding SLO descriptor
- if (StringUtils.isNotEmpty(config.getSPSLOPostBindingURL())) {
- SingleLogoutService postSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- postSLOService.setLocation(config.getSPSLOPostBindingURL());
- postSLOService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- spSSODescriptor.getSingleLogoutServices().add(postSLOService);
-
- }
-
- //add POST-Binding SLO descriptor
- if (StringUtils.isNotEmpty(config.getSPSLORedirectBindingURL())) {
- SingleLogoutService redirectSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- redirectSLOService.setLocation(config.getSPSLORedirectBindingURL());
- redirectSLOService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- spSSODescriptor.getSingleLogoutServices().add(redirectSLOService);
-
- }
-
- //add POST-Binding SLO descriptor
- if (StringUtils.isNotEmpty(config.getSPSLOSOAPBindingURL())) {
- SingleLogoutService soapSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- soapSLOService.setLocation(config.getSPSLOSOAPBindingURL());
- soapSLOService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
- spSSODescriptor.getSingleLogoutServices().add(soapSLOService);
-
- }
-
-
- //add required attributes
- Collection<RequestedAttribute> reqSPAttr = config.getSPRequiredAttributes();
- AttributeConsumingService attributeService = SAML2Utils.createSAMLObject(AttributeConsumingService.class);
-
- attributeService.setIndex(0);
- attributeService.setIsDefault(true);
- ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
- serviceName.setName(new LocalizedString("Default Service", "en"));
- attributeService.getNames().add(serviceName);
-
- if (reqSPAttr != null && reqSPAttr.size() > 0) {
- log.debug("Add " + reqSPAttr.size() + " attributes to SP metadata");
- attributeService.getRequestAttributes().addAll(reqSPAttr);
-
- } else {
- log.debug("SP metadata contains NO requested attributes.");
-
- }
-
- spSSODescriptor.getAttributeConsumingServices().add(attributeService);
-
- return spSSODescriptor;
- }
-
- private IDPSSODescriptor generateIDPMetadata(IPVPMetadataBuilderConfiguration config) throws EAAFException, CredentialsNotAvailableException, SecurityException {
- //check response signing credential
- Credential responseSignCred = config.getRequestorResponseSigningCredentials();
- if (responseSignCred == null) {
- log.warn("IDP Metadata generation FAILED! --> Builder has NO Response signing credential. ");
- return null;
-
- }
-
- //check nameID formates
- if (config.getIDPPossibleNameITTypes() == null || config.getIDPPossibleNameITTypes().size() == 0) {
- log.warn("IDP Metadata generation FAILED! --> Builder has NO provideable SAML2 nameIDFormats. ");
- return null;
-
- }
-
- // build SAML2 IDP-SSO descriptor element
- IDPSSODescriptor idpSSODescriptor = SAML2Utils
- .createSAMLObject(IDPSSODescriptor.class);
-
- idpSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
-
- //set ass default value, because PVP 2.x specification defines this feature as MUST
- idpSSODescriptor.setWantAuthnRequestsSigned(config.wantAuthnRequestSigned());
-
- // add WebSSO descriptor for POST-Binding
- if (StringUtils.isNotEmpty(config.getIDPWebSSOPostBindingURL())) {
- SingleSignOnService postSingleSignOnService = SAML2Utils.createSAMLObject(SingleSignOnService.class);
- postSingleSignOnService.setLocation(config.getIDPWebSSOPostBindingURL());
- postSingleSignOnService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- idpSSODescriptor.getSingleSignOnServices().add(postSingleSignOnService);
-
- }
-
- // add WebSSO descriptor for Redirect-Binding
- if (StringUtils.isNotEmpty(config.getIDPWebSSORedirectBindingURL())) {
- SingleSignOnService postSingleSignOnService = SAML2Utils.createSAMLObject(SingleSignOnService.class);
- postSingleSignOnService.setLocation(config.getIDPWebSSORedirectBindingURL());
- postSingleSignOnService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- idpSSODescriptor.getSingleSignOnServices().add(postSingleSignOnService);
-
- }
-
- //add Single LogOut POST-Binding endpoing
- if (StringUtils.isNotEmpty(config.getIDPSLOPostBindingURL())) {
- SingleLogoutService postSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- postSLOService.setLocation(config.getIDPSLOPostBindingURL());
- postSLOService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
- idpSSODescriptor.getSingleLogoutServices().add(postSLOService);
-
- }
-
- //add Single LogOut Redirect-Binding endpoing
- if (StringUtils.isNotEmpty(config.getIDPSLORedirectBindingURL())) {
- SingleLogoutService redirectSLOService = SAML2Utils.createSAMLObject(SingleLogoutService.class);
- redirectSLOService.setLocation(config.getIDPSLORedirectBindingURL());
- redirectSLOService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
- idpSSODescriptor.getSingleLogoutServices().add(redirectSLOService);
-
- }
-
- //validate WebSSO endpoints
- if (idpSSODescriptor.getSingleSignOnServices().size() == 0) {
- log.warn("IDP Metadata generation FAILED! --> NO SAML2 SingleSignOnService endpoint found. ");
- return null;
-
- }
-
- //set assertion signing key
- KeyDescriptor signKeyDescriptor = SAML2Utils
- .createSAMLObject(KeyDescriptor.class);
- signKeyDescriptor.setUse(UsageType.SIGNING);
- KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
- signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(config.getRequestorResponseSigningCredentials()));
- idpSSODescriptor.getKeyDescriptors().add(signKeyDescriptor);
-
- //set IDP attribute set
- idpSSODescriptor.getAttributes().addAll(config.getIDPPossibleAttributes());
-
- //set providable nameID formats
- for (String format : config.getIDPPossibleNameITTypes()) {
- NameIDFormat nameIDFormat = SAML2Utils.createSAMLObject(NameIDFormat.class);
- nameIDFormat.setFormat(format);
- idpSSODescriptor.getNameIDFormats().add(nameIDFormat);
-
- }
-
- return idpSSODescriptor;
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java
new file mode 100644
index 00000000..73ba73c7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpAttributeBuilder.java
@@ -0,0 +1,244 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.ServiceLoader;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IspConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.InvalidDateFormatAttributeException;
+import at.gv.egiz.eaaf.core.exceptions.UnavailableAttributeException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PvpMetadata;
+import at.gv.egiz.eaaf.modules.pvp2.exception.InvalidDateFormatException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2Exception;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class PvpAttributeBuilder {
+
+ private static final Logger log = LoggerFactory.getLogger(PvpAttributeBuilder.class);
+
+ private static IAttributeGenerator<Attribute> generator = new SamlAttributeGenerator();
+ private static HashMap<String, IAttributeBuilder> builders;
+
+ private static ServiceLoader<IAttributeBuilder> attributBuilderLoader =
+ ServiceLoader.load(IAttributeBuilder.class);
+
+ private static void addBuilder(final IAttributeBuilder builder) {
+ builders.put(builder.getName(), builder);
+ }
+
+ static {
+ builders = new HashMap<>();
+
+ log.info("Loading protocol attribut-builder modules:");
+ if (attributBuilderLoader != null) {
+ final Iterator<IAttributeBuilder> moduleLoaderInterator = attributBuilderLoader.iterator();
+ while (moduleLoaderInterator.hasNext()) {
+ try {
+ final IAttributeBuilder modul = moduleLoaderInterator.next();
+ log.info("Loading attribut-builder Modul Information: " + modul.getName());
+ addBuilder(modul);
+
+ } catch (final Throwable e) {
+ log.error("Check configuration! " + "Some attribute-builder modul"
+ + " is not a valid IAttributeBuilder", e);
+ }
+ }
+ }
+
+ log.info("Loading attribute-builder modules done");
+
+ }
+
+
+ /**
+ * Get a specific attribute builder.
+ *
+ * @param name Attribute-builder friendly name
+ *
+ * @return Attribute-builder with this name or null if builder does not exists
+ */
+ public static IAttributeBuilder getAttributeBuilder(final String name) {
+ return builders.get(name);
+
+ }
+
+ /**
+ * Build an SAML2 attribute.
+ *
+ * @param name attribute name
+ * @param value attribute value
+ * @return SAML2 attribute
+ */
+ public static Attribute buildAttribute(final String name, final String value) {
+ log.warn("Attribute value: {} is NOT injected", value);
+
+ if (builders.containsKey(name)) {
+ return builders.get(name).buildEmpty(generator);
+ }
+ return null;
+ }
+
+ /**
+ * Build a SAML2 attribute.
+ *
+ * @param name attribute name
+ * @param oaParam Service-Provider configuration
+ * @param authData serice-provider specific authentication data
+ * @return SAML2 attribute
+ * @throws Pvp2Exception In case of a general error
+ * @throws AttributeBuilderException In case of an attribute builder error
+ */
+ public static Attribute buildAttribute(final String name, final IspConfiguration oaParam,
+ final IAuthData authData) throws Pvp2Exception, AttributeBuilderException {
+ if (builders.containsKey(name)) {
+ try {
+ return builders.get(name).build(oaParam, authData, generator);
+ } catch (final AttributeBuilderException e) {
+ if (e instanceof UnavailableAttributeException) {
+ throw e;
+
+ } else if (e instanceof InvalidDateFormatAttributeException) {
+ throw new InvalidDateFormatException();
+
+ } else {
+ throw new UnavailableAttributeException(name);
+
+ }
+ }
+ }
+ return null;
+ }
+
+ /**
+ * Build an empty attribute.
+ *
+ * @param name attributename
+ * @return SAML2 attribute
+ */
+ public static Attribute buildEmptyAttribute(final String name) {
+ if (builders.containsKey(name)) {
+ return builders.get(name).buildEmpty(generator);
+ }
+ return null;
+ }
+
+
+
+
+
+ /**
+ * Return all attributes that has a {@link PvpMetadata} annotation.
+ *
+ * @return
+ */
+ public static List<Attribute> buildSupportedEmptyAttributes() {
+ final List<Attribute> attributes = new ArrayList<>();
+ final Iterator<IAttributeBuilder> builderIt = builders.values().iterator();
+ while (builderIt.hasNext()) {
+ final IAttributeBuilder builder = builderIt.next();
+ if (builder.getClass().isAnnotationPresent(PvpMetadata.class)) {
+ final Attribute emptyAttribute = builder.buildEmpty(generator);
+ if (emptyAttribute != null) {
+ attributes.add(emptyAttribute);
+ }
+
+ } else {
+ log.trace(builder.getName() + "is no PVP Metadata attribute");
+
+ }
+ }
+ return attributes;
+ }
+
+ /**
+ * Build a requested attribute.
+ *
+ * @param name attribute name
+ * @param friendlyName attribute friendlyname
+ * @param required is attribute mandatory
+ * @return SAML2 requested attribute
+ */
+ public static RequestedAttribute buildReqAttribute(final String name, final String friendlyName,
+ final boolean required) {
+ final RequestedAttribute attribute = Saml2Utils.createSamlObject(RequestedAttribute.class);
+ attribute.setIsRequired(required);
+ attribute.setName(name);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+ return attribute;
+ }
+
+ /**
+ * Build a set of PVP Response-Attributes <br>
+ * <br>
+ * <b>INFO:</b> If a specific attribute can not be build, a info is logged, but no execpetion is
+ * thrown. Therefore, the return List must not include all requested attributes.
+ *
+ * @param authData AuthenticationData <code>IAuthData</code> which is used to build the attribute
+ * values, but never <code>null</code>
+ * @param reqAttributenName List of PVP attribute names which are requested, but never
+ * <code>null</code>
+ * @return List of PVP attributes, but never <code>null</code>
+ */
+ public static List<Attribute> buildSetOfResponseAttributes(final IAuthData authData,
+ final Collection<String> reqAttributenName) {
+ final List<Attribute> attrList = new ArrayList<>();
+ if (reqAttributenName != null) {
+ final Iterator<String> it = reqAttributenName.iterator();
+ while (it.hasNext()) {
+ final String reqAttributName = it.next();
+ try {
+ final Attribute attr =
+ PvpAttributeBuilder.buildAttribute(reqAttributName, null, authData);
+ if (attr == null) {
+ log.info("Attribute generation failed! for " + reqAttributName);
+
+ } else {
+ attrList.add(attr);
+
+ }
+
+ } catch (final Pvp2Exception e) {
+ log.info("Attribute generation failed! for " + reqAttributName);
+
+ } catch (final Exception e) {
+ log.warn("General Attribute generation failed! for " + reqAttributName, e);
+
+ }
+ }
+ }
+
+ return attrList;
+ }
+
+
+}
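Review bot: `buildAttribute(String, String)` writes the attribute value into the log at WARN level (`log.warn("Attribute value: {} is NOT injected", value);`), and since PVP attributes carry identity data this puts personal data into production logs on every call even though the value is then discarded; logging the name instead is enough to flag the unsupported path, `log.warn("Attribute value for '{}' is NOT injected", name);`. In the three-arg `buildAttribute`, the `InvalidDateFormatAttributeException` branch rethrows `new InvalidDateFormatException()` without the caught exception, so the original cause is lost; if `InvalidDateFormatException` has a cause-taking constructor, pass `e` through, otherwise at least log it before rethrowing. The static initializer catches `Throwable` around `ServiceLoader` iteration, which also swallows `Error`s such as `NoClassDefFoundError` and continues with a partially loaded builder table; narrowing to `ServiceConfigurationError | RuntimeException` keeps the best-effort behaviour without hiding JVM-level failures. The Javadoc of `buildSupportedEmptyAttributes` has an empty `@return`; `@return all empty attributes whose builder class is annotated with {@link PvpMetadata}, never {@code null}` describes what the loop does.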
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
new file mode 100644
index 00000000..1efa8745
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/PvpMetadataBuilder.java
@@ -0,0 +1,458 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
+
+import java.io.IOException;
+import java.io.StringWriter;
+import java.util.Collection;
+import java.util.List;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.TransformerFactoryConfigurationError;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.transform.stream.StreamResult;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataBuilderConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.AbstractCredentialProvider;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import org.apache.commons.httpclient.auth.CredentialsNotAvailableException;
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml2.metadata.AttributeConsumingService;
+import org.opensaml.saml2.metadata.ContactPerson;
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.IDPSSODescriptor;
+import org.opensaml.saml2.metadata.KeyDescriptor;
+import org.opensaml.saml2.metadata.LocalizedString;
+import org.opensaml.saml2.metadata.NameIDFormat;
+import org.opensaml.saml2.metadata.Organization;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+import org.opensaml.saml2.metadata.RoleDescriptor;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml2.metadata.ServiceName;
+import org.opensaml.saml2.metadata.SingleLogoutService;
+import org.opensaml.saml2.metadata.SingleSignOnService;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.security.SecurityException;
+import org.opensaml.xml.security.SecurityHelper;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.keyinfo.KeyInfoGenerator;
+import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
+import org.opensaml.xml.signature.Signature;
+import org.opensaml.xml.signature.SignatureException;
+import org.opensaml.xml.signature.Signer;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+import org.w3c.dom.Document;
+
+/**
+ * PVP metadata builder implementation.
+ *
+ * @author tlenz
+ *
+ */
+
+@Service("PVPMetadataBuilder")
+public class PvpMetadataBuilder {
+
+ private static final Logger log = LoggerFactory.getLogger(PvpMetadataBuilder.class);
+
+ X509KeyInfoGeneratorFactory keyInfoFactory = null;
+
+ /**
+ * PVP metadata builder.
+ *
+ */
+ public PvpMetadataBuilder() {
+ keyInfoFactory = new X509KeyInfoGeneratorFactory();
+ keyInfoFactory.setEmitEntityIDAsKeyName(true);
+ keyInfoFactory.setEmitEntityCertificate(true);
+
+ }
+
+
+ /**
+ * Build PVP 2.1 conform SAML2 metadata.
+ *
+ * @param config PVPMetadataBuilder configuration*
+ * @return PVP metadata as XML String
+ * @throws SecurityException In case of an error
+ * @throws ConfigurationException In case of an error
+ * @throws CredentialsNotAvailableException In case of an error
+ * @throws TransformerFactoryConfigurationError In case of an error
+ * @throws MarshallingException In case of an error
+ * @throws TransformerException In case of an error
+ * @throws ParserConfigurationException In case of an error
+ * @throws IOException In case of an error
+ * @throws SignatureException In case of an error
+ */
+ public String buildPvpMetadata(final IPvpMetadataBuilderConfiguration config)
+ throws CredentialsNotAvailableException, EaafException, SecurityException,
+ TransformerFactoryConfigurationError, MarshallingException, TransformerException,
+ ParserConfigurationException, IOException, SignatureException {
+ final DateTime date = new DateTime();
+ final EntityDescriptor entityDescriptor = Saml2Utils.createSamlObject(EntityDescriptor.class);
+
+ // set entityID
+ entityDescriptor.setEntityID(config.getEntityID());
+
+ // set contact and organisation information
+ final List<ContactPerson> contactPersons = config.getContactPersonInformation();
+ if (contactPersons != null) {
+ entityDescriptor.getContactPersons().addAll(contactPersons);
+ }
+
+ final Organization organisation = config.getOrgansiationInformation();
+ if (organisation != null) {
+ entityDescriptor.setOrganization(organisation);
+ }
+
+ // set IDP metadata
+ if (config.buildIdpSsoDescriptor()) {
+ final RoleDescriptor idpSsoDesc = generateIdpMetadata(config);
+ if (idpSsoDesc != null) {
+ entityDescriptor.getRoleDescriptors().add(idpSsoDesc);
+ }
+
+ }
+
+ // set SP metadata for interfederation
+ if (config.buildSpSsoDescriptor()) {
+ final RoleDescriptor spSsoDesc = generateSpMetadata(config);
+ if (spSsoDesc != null) {
+ entityDescriptor.getRoleDescriptors().add(spSsoDesc);
+ }
+
+ }
+
+ // set metadata signature parameters
+ final Credential metadataSignCred = config.getMetadataSigningCredentials();
+ final Signature signature = AbstractCredentialProvider.getIdpSignature(metadataSignCred);
+ SecurityHelper.prepareSignatureParams(signature, metadataSignCred, null, null);
+
+ // initialize XML document builder
+ DocumentBuilder builder;
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+
+ builder = factory.newDocumentBuilder();
+ final Document document = builder.newDocument();
+
+
+ // build entities descriptor
+ if (config.buildEntitiesDescriptorAsRootElement()) {
+ final EntitiesDescriptor entitiesDescriptor =
+ Saml2Utils.createSamlObject(EntitiesDescriptor.class);
+ entitiesDescriptor.setName(config.getEntityFriendlyName());
+ entitiesDescriptor.setID(Saml2Utils.getSecureIdentifier());
+ entitiesDescriptor.setValidUntil(date.plusHours(config.getMetadataValidUntil()));
+ entitiesDescriptor.getEntityDescriptors().add(entityDescriptor);
+
+ // load default PVP security configurations
+ EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration();
+ entitiesDescriptor.setSignature(signature);
+
+
+ // marshall document
+ final Marshaller out =
+ org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(entitiesDescriptor);
+ out.marshall(entitiesDescriptor, document);
+
+ } else {
+ entityDescriptor.setValidUntil(date.plusHours(config.getMetadataValidUntil()));
+ entityDescriptor.setID(Saml2Utils.getSecureIdentifier());
+
+ entityDescriptor.setSignature(signature);
+
+
+
+ // marshall document
+ final Marshaller out =
+ org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(entityDescriptor);
+ out.marshall(entityDescriptor, document);
+
+ }
+
+ // sign metadata
+ Signer.signObject(signature);
+
+ // transform metadata object to XML string
+ final Transformer transformer = TransformerFactory.newInstance().newTransformer();
+
+ final StringWriter sw = new StringWriter();
+ final StreamResult sr = new StreamResult(sw);
+ final DOMSource source = new DOMSource(document);
+ transformer.transform(source, sr);
+ sw.close();
+
+ return sw.toString();
+ }
+
+
+ private RoleDescriptor generateSpMetadata(final IPvpMetadataBuilderConfiguration config)
+ throws CredentialsNotAvailableException, SecurityException, EaafException {
+ final SPSSODescriptor spSsoDescriptor = Saml2Utils.createSamlObject(SPSSODescriptor.class);
+ spSsoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
+ spSsoDescriptor.setAuthnRequestsSigned(config.wantAuthnRequestSigned());
+ spSsoDescriptor.setWantAssertionsSigned(config.wantAssertionSigned());
+
+ final KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
+
+ // Set AuthRequest Signing certificate
+ final Credential authcredential = config.getRequestorResponseSigningCredentials();
+ if (authcredential == null) {
+ log.warn("SP Metadata generation FAILED! --> Builder has NO request signing-credential. ");
+ return null;
+
+ } else {
+ final KeyDescriptor signKeyDescriptor = Saml2Utils.createSamlObject(KeyDescriptor.class);
+ signKeyDescriptor.setUse(UsageType.SIGNING);
+ signKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authcredential));
+ spSsoDescriptor.getKeyDescriptors().add(signKeyDescriptor);
+
+ }
+
+ // Set assertion encryption credentials
+ final Credential authEncCredential = config.getEncryptionCredentials();
+
+ if (authEncCredential != null) {
+ final KeyDescriptor encryKeyDescriptor = Saml2Utils.createSamlObject(KeyDescriptor.class);
+ encryKeyDescriptor.setUse(UsageType.ENCRYPTION);
+ encryKeyDescriptor.setKeyInfo(keyInfoGenerator.generate(authEncCredential));
+ spSsoDescriptor.getKeyDescriptors().add(encryKeyDescriptor);
+
+ } else {
+ log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
+
+ }
+
+ // check nameID formates
+ if (config.getSpAllowedNameIdTypes() == null || config.getSpAllowedNameIdTypes().size() == 0) {
+ log.warn(
+ "SP Metadata generation FAILED! --> Builder has NO provideable SAML2 nameIDFormats. ");
+ return null;
+
+ } else {
+ for (final String format : config.getSpAllowedNameIdTypes()) {
+ final NameIDFormat nameIdFormat = Saml2Utils.createSamlObject(NameIDFormat.class);
+ nameIdFormat.setFormat(format);
+ spSsoDescriptor.getNameIDFormats().add(nameIdFormat);
+
+ }
+ }
+
+
+ // add POST-Binding assertion consumer services
+ if (StringUtils.isNotEmpty(config.getSpAssertionConsumerServicePostBindingUrl())) {
+ final AssertionConsumerService postassertionConsumerService =
+ Saml2Utils.createSamlObject(AssertionConsumerService.class);
+ postassertionConsumerService.setIndex(0);
+ postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ postassertionConsumerService
+ .setLocation(config.getSpAssertionConsumerServicePostBindingUrl());
+ postassertionConsumerService.setIsDefault(true);
+ spSsoDescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
+
+ }
+
+ // add POST-Binding assertion consumer services
+ if (StringUtils.isNotEmpty(config.getSpAssertionConsumerServiceRedirectBindingUrl())) {
+ final AssertionConsumerService redirectassertionConsumerService =
+ Saml2Utils.createSamlObject(AssertionConsumerService.class);
+ redirectassertionConsumerService.setIndex(1);
+ redirectassertionConsumerService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ redirectassertionConsumerService
+ .setLocation(config.getSpAssertionConsumerServiceRedirectBindingUrl());
+ spSsoDescriptor.getAssertionConsumerServices().add(redirectassertionConsumerService);
+
+ }
+
+ // validate WebSSO endpoints
+ if (spSsoDescriptor.getAssertionConsumerServices().size() == 0) {
+ log.warn(
+ "SP Metadata generation FAILED! --> NO SAML2 AssertionConsumerService endpoint found. ");
+ return null;
+
+ }
+
+ // add POST-Binding SLO descriptor
+ if (StringUtils.isNotEmpty(config.getSpSloPostBindingUrl())) {
+ final SingleLogoutService postSloService =
+ Saml2Utils.createSamlObject(SingleLogoutService.class);
+ postSloService.setLocation(config.getSpSloPostBindingUrl());
+ postSloService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ spSsoDescriptor.getSingleLogoutServices().add(postSloService);
+
+ }
+
+ // add POST-Binding SLO descriptor
+ if (StringUtils.isNotEmpty(config.getSpSloRedirectBindingUrl())) {
+ final SingleLogoutService redirectSloService =
+ Saml2Utils.createSamlObject(SingleLogoutService.class);
+ redirectSloService.setLocation(config.getSpSloRedirectBindingUrl());
+ redirectSloService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ spSsoDescriptor.getSingleLogoutServices().add(redirectSloService);
+
+ }
+
+ // add POST-Binding SLO descriptor
+ if (StringUtils.isNotEmpty(config.getSpSloSoapBindingUrl())) {
+ final SingleLogoutService soapSloService =
+ Saml2Utils.createSamlObject(SingleLogoutService.class);
+ soapSloService.setLocation(config.getSpSloSoapBindingUrl());
+ soapSloService.setBinding(SAMLConstants.SAML2_SOAP11_BINDING_URI);
+ spSsoDescriptor.getSingleLogoutServices().add(soapSloService);
+
+ }
+
+
+ // add required attributes
+ final Collection<RequestedAttribute> reqSpAttr = config.getSpRequiredAttributes();
+ final AttributeConsumingService attributeService =
+ Saml2Utils.createSamlObject(AttributeConsumingService.class);
+
+ attributeService.setIndex(0);
+ attributeService.setIsDefault(true);
+ final ServiceName serviceName = Saml2Utils.createSamlObject(ServiceName.class);
+ serviceName.setName(new LocalizedString("Default Service", "en"));
+ attributeService.getNames().add(serviceName);
+
+ if (reqSpAttr != null && reqSpAttr.size() > 0) {
+ log.debug("Add " + reqSpAttr.size() + " attributes to SP metadata");
+ attributeService.getRequestAttributes().addAll(reqSpAttr);
+
+ } else {
+ log.debug("SP metadata contains NO requested attributes.");
+
+ }
+
+ spSsoDescriptor.getAttributeConsumingServices().add(attributeService);
+
+ return spSsoDescriptor;
+ }
+
+ private IDPSSODescriptor generateIdpMetadata(final IPvpMetadataBuilderConfiguration config)
+ throws EaafException, CredentialsNotAvailableException, SecurityException {
+ // check response signing credential
+ final Credential responseSignCred = config.getRequestorResponseSigningCredentials();
+ if (responseSignCred == null) {
+ log.warn("IDP Metadata generation FAILED! --> Builder has NO Response signing credential. ");
+ return null;
+
+ }
+
+ // check nameID formates
+ if (config.getIdpPossibleNameIdTypes() == null
+ || config.getIdpPossibleNameIdTypes().size() == 0) {
+ log.warn(
+ "IDP Metadata generation FAILED! --> Builder has NO provideable SAML2 nameIDFormats. ");
+ return null;
+
+ }
+
+ // build SAML2 IDP-SSO descriptor element
+ final IDPSSODescriptor idpSsoDescriptor = Saml2Utils.createSamlObject(IDPSSODescriptor.class);
+
+ idpSsoDescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
+
+ // set ass default value, because PVP 2.x specification defines this feature as MUST
+ idpSsoDescriptor.setWantAuthnRequestsSigned(config.wantAuthnRequestSigned());
+
+ // add WebSSO descriptor for POST-Binding
+ if (StringUtils.isNotEmpty(config.getIdpWebSsoPostBindingUrl())) {
+ final SingleSignOnService postSingleSignOnService =
+ Saml2Utils.createSamlObject(SingleSignOnService.class);
+ postSingleSignOnService.setLocation(config.getIdpWebSsoPostBindingUrl());
+ postSingleSignOnService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ idpSsoDescriptor.getSingleSignOnServices().add(postSingleSignOnService);
+
+ }
+
+ // add WebSSO descriptor for Redirect-Binding
+ if (StringUtils.isNotEmpty(config.getIdpWebSsoRedirectBindingUrl())) {
+ final SingleSignOnService postSingleSignOnService =
+ Saml2Utils.createSamlObject(SingleSignOnService.class);
+ postSingleSignOnService.setLocation(config.getIdpWebSsoRedirectBindingUrl());
+ postSingleSignOnService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ idpSsoDescriptor.getSingleSignOnServices().add(postSingleSignOnService);
+
+ }
+
+ // add Single LogOut POST-Binding endpoing
+ if (StringUtils.isNotEmpty(config.getIdpSloPostBindingUrl())) {
+ final SingleLogoutService postSloService =
+ Saml2Utils.createSamlObject(SingleLogoutService.class);
+ postSloService.setLocation(config.getIdpSloPostBindingUrl());
+ postSloService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
+ idpSsoDescriptor.getSingleLogoutServices().add(postSloService);
+
+ }
+
+ // add Single LogOut Redirect-Binding endpoing
+ if (StringUtils.isNotEmpty(config.getIdpSloRedirectBindingUrl())) {
+ final SingleLogoutService redirectSloService =
+ Saml2Utils.createSamlObject(SingleLogoutService.class);
+ redirectSloService.setLocation(config.getIdpSloRedirectBindingUrl());
+ redirectSloService.setBinding(SAMLConstants.SAML2_REDIRECT_BINDING_URI);
+ idpSsoDescriptor.getSingleLogoutServices().add(redirectSloService);
+
+ }
+
+ // validate WebSSO endpoints
+ if (idpSsoDescriptor.getSingleSignOnServices().size() == 0) {
+ log.warn("IDP Metadata generation FAILED! --> NO SAML2 SingleSignOnService endpoint found. ");
+ return null;
+
+ }
+
+ // set assertion signing key
+ final KeyDescriptor signKeyDescriptor = Saml2Utils.createSamlObject(KeyDescriptor.class);
+ signKeyDescriptor.setUse(UsageType.SIGNING);
+ final KeyInfoGenerator keyInfoGenerator = keyInfoFactory.newInstance();
+ signKeyDescriptor
+ .setKeyInfo(keyInfoGenerator.generate(config.getRequestorResponseSigningCredentials()));
+ idpSsoDescriptor.getKeyDescriptors().add(signKeyDescriptor);
+
+ // set IDP attribute set
+ idpSsoDescriptor.getAttributes().addAll(config.getIdpPossibleAttributes());
+
+ // set providable nameID formats
+ for (final String format : config.getIdpPossibleNameIdTypes()) {
+ final NameIDFormat nameIdFormat = Saml2Utils.createSamlObject(NameIDFormat.class);
+ nameIdFormat.setFormat(format);
+ idpSsoDescriptor.getNameIDFormats().add(nameIdFormat);
+
+ }
+
+ return idpSsoDescriptor;
+
+ }
+
+}
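Review bot: The Javadoc of `buildPvpMetadata` lists `@throws ConfigurationException`, which is not in the method's `throws` clause, while the declared `EaafException` is undocumented; replace it with `@throws EaafException In case of an error`. Several section comments in `generateSpMetadata` are copy-paste leftovers that contradict the code beneath them: the Redirect-binding AssertionConsumerService block and the Redirect and SOAP SingleLogoutService blocks are all headed "add POST-Binding …"; they should read `// add Redirect-Binding assertion consumer service`, `// add Redirect-Binding SLO descriptor` and `// add SOAP-Binding SLO descriptor`. In `generateIdpMetadata` the null-checked `responseSignCred` is not reused for the KeyDescriptor; the line `.setKeyInfo(keyInfoGenerator.generate(config.getRequestorResponseSigningCredentials()))` calls the configuration a second time, so a configuration that resolves credentials lazily could sign with a credential that was never null-checked — `keyInfoGenerator.generate(responseSignCred)` avoids that. The field `X509KeyInfoGeneratorFactory keyInfoFactory = null;` is package-private and mutable although it is only assigned in the constructor; `private final` documents that intent.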
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java
index cb4a4608..559a3959 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/SamlAttributeGenerator.java
@@ -1,31 +1,26 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.builder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
import org.opensaml.saml2.core.Attribute;
import org.opensaml.saml2.core.AttributeValue;
import org.opensaml.xml.Configuration;
@@ -35,58 +30,66 @@ import org.opensaml.xml.schema.XSString;
import org.opensaml.xml.schema.impl.XSIntegerBuilder;
import org.opensaml.xml.schema.impl.XSStringBuilder;
-import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
-
public class SamlAttributeGenerator implements IAttributeGenerator<Attribute> {
-
- private XMLObject buildAttributeStringValue(String value) {
- XSStringBuilder stringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
- XSString stringValue = stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
- stringValue.setValue(value);
- return stringValue;
- }
-
- private XMLObject buildAttributeIntegerValue(int value) {
- XSIntegerBuilder integerBuilder = (XSIntegerBuilder) Configuration.getBuilderFactory().getBuilder(XSInteger.TYPE_NAME);
- XSInteger integerValue = integerBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
- integerValue.setValue(value);
- return integerValue;
- }
-
- public Attribute buildStringAttribute(final String friendlyName, final String name, final String value) {
- Attribute attribute = SAML2Utils.createSAMLObject(Attribute.class);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.setNameFormat(Attribute.URI_REFERENCE);
- attribute.getAttributeValues().add(buildAttributeStringValue(value));
- return attribute;
- }
-
- public Attribute buildIntegerAttribute(final String friendlyName, final String name, final int value) {
- Attribute attribute = SAML2Utils.createSAMLObject(Attribute.class);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.setNameFormat(Attribute.URI_REFERENCE);
- attribute.getAttributeValues().add(buildAttributeIntegerValue(value));
- return attribute;
- }
-
- public Attribute buildEmptyAttribute(final String friendlyName, final String name) {
- Attribute attribute = SAML2Utils.createSAMLObject(Attribute.class);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.setNameFormat(Attribute.URI_REFERENCE);
- return attribute;
- }
- public Attribute buildLongAttribute(String friendlyName, String name, long value) {
- Attribute attribute = SAML2Utils.createSAMLObject(Attribute.class);
- attribute.setFriendlyName(friendlyName);
- attribute.setName(name);
- attribute.setNameFormat(Attribute.URI_REFERENCE);
- attribute.getAttributeValues().add(buildAttributeIntegerValue((int) value));
- return attribute;
- }
-
+ private XMLObject buildAttributeStringValue(final String value) {
+ final XSStringBuilder stringBuilder =
+ (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
+ final XSString stringValue =
+ stringBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSString.TYPE_NAME);
+ stringValue.setValue(value);
+ return stringValue;
+ }
+
+ private XMLObject buildAttributeIntegerValue(final int value) {
+ final XSIntegerBuilder integerBuilder =
+ (XSIntegerBuilder) Configuration.getBuilderFactory().getBuilder(XSInteger.TYPE_NAME);
+ final XSInteger integerValue =
+ integerBuilder.buildObject(AttributeValue.DEFAULT_ELEMENT_NAME, XSInteger.TYPE_NAME);
+ integerValue.setValue(value);
+ return integerValue;
+ }
+
+ @Override
+ public Attribute buildStringAttribute(final String friendlyName, final String name,
+ final String value) {
+ final Attribute attribute = Saml2Utils.createSamlObject(Attribute.class);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setName(name);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+ attribute.getAttributeValues().add(buildAttributeStringValue(value));
+ return attribute;
+ }
+
+ @Override
+ public Attribute buildIntegerAttribute(final String friendlyName, final String name,
+ final int value) {
+ final Attribute attribute = Saml2Utils.createSamlObject(Attribute.class);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setName(name);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+ attribute.getAttributeValues().add(buildAttributeIntegerValue(value));
+ return attribute;
+ }
+
+ @Override
+ public Attribute buildEmptyAttribute(final String friendlyName, final String name) {
+ final Attribute attribute = Saml2Utils.createSamlObject(Attribute.class);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setName(name);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+ return attribute;
+ }
+
+ @Override
+ public Attribute buildLongAttribute(final String friendlyName, final String name,
+ final long value) {
+ final Attribute attribute = Saml2Utils.createSamlObject(Attribute.class);
+ attribute.setFriendlyName(friendlyName);
+ attribute.setName(name);
+ attribute.setNameFormat(Attribute.URI_REFERENCE);
+ attribute.getAttributeValues().add(buildAttributeIntegerValue((int) value));
+ return attribute;
+ }
+
}
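Review bot: `buildLongAttribute` still narrows its `long` argument with `(int) value` before calling `buildAttributeIntegerValue`, so any value outside the int range is silently turned into a different number in the generated SAML attribute; the refactoring carried this cast over unchanged. Because `XSInteger.setValue` in this OpenSAML API takes an `Integer`, the minimal fix is to fail loudly rather than truncate: `attribute.getAttributeValues().add(buildAttributeIntegerValue(Math.toIntExact(value)));` (Java 8+), documented on the method with `@throws ArithmeticException if {@code value} does not fit into an int`. The four public builder methods also gained `@Override` but carry no Javadoc; a one-sentence summary per method stating that the attribute uses the `Attribute.URI_REFERENCE` name format and holds a single `xs:string` or `xs:integer` value (or none for `buildEmptyAttribute`) would make the contract visible to callers of `IAttributeGenerator`.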
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFExtensionImplementation.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFExtensionImplementation.java
deleted file mode 100644
index 817ca2f6..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFExtensionImplementation.java
+++ /dev/null
@@ -1,36 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import org.opensaml.saml2.common.impl.ExtensionsImpl;
-
-public class EAAFExtensionImplementation extends ExtensionsImpl {
-
- protected EAAFExtensionImplementation(String namespaceURI, String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestExtensionBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestExtensionBuilder.java
deleted file mode 100644
index 431784cf..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestExtensionBuilder.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.common.Extensions;
-
-public class EAAFRequestExtensionBuilder extends AbstractSAMLObjectBuilder<Extensions> {
-
- @Override
- public Extensions buildObject() {
- return buildObject(SAMLConstants.SAML20P_NS, Extensions.LOCAL_NAME, SAMLConstants.SAML20P_PREFIX);
-
- }
-
- @Override
- public Extensions buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new EAAFExtensionImplementation(namespaceURI, localName, namespacePrefix);
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeBuilder.java
deleted file mode 100644
index 33868544..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeBuilder.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-import at.gv.egiz.eaaf.modules.pvp2.impl.reqattr.EAAFRequestedAttributeImpl;
-
-public class EAAFRequestedAttributeBuilder extends AbstractSAMLObjectBuilder<EAAFRequestedAttribute> {
-
- @Override
- public EAAFRequestedAttribute buildObject() {
- return buildObject(EAAFRequestedAttribute.DEFAULT_ELEMENT_NAME);
- }
-
- @Override
- public EAAFRequestedAttribute buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new EAAFRequestedAttributeImpl(namespaceURI, localName,
- namespacePrefix);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeMarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeMarshaller.java
deleted file mode 100644
index d95adc8f..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeMarshaller.java
+++ /dev/null
@@ -1,76 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import java.util.Map.Entry;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.Configuration;
-import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Attr;
-import org.w3c.dom.Element;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-
-public class EAAFRequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller {
- protected final void marshallAttributes(final XMLObject samlElement,
- final Element domElement) throws MarshallingException {
- final EAAFRequestedAttribute requestedAttr = (EAAFRequestedAttribute) samlElement;
-
- if (requestedAttr.getName() != null) {
- domElement.setAttributeNS(null, EAAFRequestedAttribute.NAME_ATTRIB_NAME, requestedAttr.getName());
- }
-
- if (requestedAttr.getNameFormat() != null) {
- domElement.setAttributeNS(null, EAAFRequestedAttribute.NAME_FORMAT_ATTR, requestedAttr.getNameFormat());
- }
-
- if (requestedAttr.getFriendlyName() != null) {
- domElement.setAttributeNS(null, EAAFRequestedAttribute.FRIENDLY_NAME_ATT, requestedAttr.getFriendlyName());
- }
-
- if (requestedAttr.getIsRequiredXSBoolean() != null) {
- domElement.setAttributeNS(null, EAAFRequestedAttribute.IS_REQUIRED_ATTR, requestedAttr.getIsRequiredXSBoolean());
- }
-
- Attr attr;
- for (Entry<QName, String> entry : requestedAttr.getUnknownAttributes()
- .entrySet()) {
- attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(),
- entry.getKey());
- attr.setValue(entry.getValue());
- domElement.setAttributeNodeNS(attr);
- if (Configuration.isIDAttribute(entry.getKey())
- || requestedAttr.getUnknownAttributes().isIDAttribute(
- entry.getKey())) {
- attr.getOwnerElement().setIdAttributeNode(attr, true);
- }
- }
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeUnmarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeUnmarshaller.java
deleted file mode 100644
index a4515707..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributeUnmarshaller.java
+++ /dev/null
@@ -1,75 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.opensaml.xml.util.XMLHelper;
-import org.w3c.dom.Attr;
-
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-
-public class EAAFRequestedAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller {
- protected final void processChildElement(final XMLObject parentSAMLObject, final XMLObject childSAMLObject) throws UnmarshallingException {
- final EAAFRequestedAttribute requestedAttr = (EAAFRequestedAttribute) parentSAMLObject;
- final QName childQName = childSAMLObject.getElementQName();
-
- if ("AttributeValue".equals(childQName.getLocalPart())
- && childQName.getNamespaceURI().equals(PVPConstants.EIDAT10_SAML_NS)) {
- requestedAttr.getAttributeValues().add(childSAMLObject);
-
- } else
- super.processChildElement(parentSAMLObject, childSAMLObject);
-
- }
-
- protected final void processAttribute(final XMLObject samlObject, final Attr attribute) throws UnmarshallingException {
- final EAAFRequestedAttribute requestedAttr = (EAAFRequestedAttribute) samlObject;
- if (attribute.getLocalName().equals(EAAFRequestedAttribute.NAME_ATTRIB_NAME)) {
- requestedAttr.setName(attribute.getValue());
-
- } else if (attribute.getLocalName().equals(EAAFRequestedAttribute.NAME_FORMAT_ATTR)) {
- requestedAttr.setNameFormat(attribute.getValue());
-
- } else if (attribute.getLocalName().equals(EAAFRequestedAttribute.FRIENDLY_NAME_ATT)) {
- requestedAttr.setFriendlyName(attribute.getValue());
-
- } else if (attribute.getLocalName().equals(EAAFRequestedAttribute.IS_REQUIRED_ATTR)) {
- requestedAttr.setIsRequired(attribute.getValue());
-
- } else {
- final QName attribQName = XMLHelper.getNodeQName(attribute);
- if (attribute.isId()) {
- requestedAttr.getUnknownAttributes().registerID(attribQName);
- }
- requestedAttr.getUnknownAttributes().put(attribQName,
- attribute.getValue());
- }
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesBuilder.java
deleted file mode 100644
index 6e432b25..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesBuilder.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttributes;
-import at.gv.egiz.eaaf.modules.pvp2.impl.reqattr.EAAFRequestedAttributesImpl;
-
-public class EAAFRequestedAttributesBuilder extends AbstractSAMLObjectBuilder<EAAFRequestedAttributes> {
-
- @Override
- public EAAFRequestedAttributes buildObject() {
- return buildObject(EAAFRequestedAttributes.DEFAULT_ELEMENT_NAME);
- }
-
- @Override
- public EAAFRequestedAttributes buildObject(String namespaceURI, String localName, String namespacePrefix) {
- return new EAAFRequestedAttributesImpl(namespaceURI, localName,
- namespacePrefix);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesMarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesMarshaller.java
deleted file mode 100644
index 28d50422..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesMarshaller.java
+++ /dev/null
@@ -1,31 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
-
-public class EAAFRequestedAttributesMarshaller extends AbstractSAMLObjectMarshaller {
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesUnmarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesUnmarshaller.java
deleted file mode 100644
index b2758326..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EAAFRequestedAttributesUnmarshaller.java
+++ /dev/null
@@ -1,45 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
-
-import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.io.UnmarshallingException;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttributes;
-
-public class EAAFRequestedAttributesUnmarshaller extends AbstractSAMLObjectUnmarshaller {
- protected final void processChildElement(final XMLObject parentObject,
- final XMLObject childObject) throws UnmarshallingException {
- final EAAFRequestedAttributes attrStatement = (EAAFRequestedAttributes) parentObject;
- if (childObject instanceof EAAFRequestedAttribute) {
- attrStatement.getAttributes().add((EAAFRequestedAttribute) childObject);
-
- } else
- super.processChildElement(parentObject, childObject);
-
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafExtensionImplementation.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafExtensionImplementation.java
new file mode 100644
index 00000000..e61f5e6e
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafExtensionImplementation.java
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import org.opensaml.saml2.common.impl.ExtensionsImpl;
+
+public class EaafExtensionImplementation extends ExtensionsImpl {
+
+ protected EaafExtensionImplementation(final String namespaceUri, final String elementLocalName,
+ final String namespacePrefix) {
+ super(namespaceUri, elementLocalName, namespacePrefix);
+
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java
new file mode 100644
index 00000000..d8ea35a0
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestExtensionBuilder.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.common.Extensions;
+
+public class EaafRequestExtensionBuilder extends AbstractSAMLObjectBuilder<Extensions> {
+
+ @Override
+ public Extensions buildObject() {
+ return buildObject(SAMLConstants.SAML20P_NS, Extensions.LOCAL_NAME,
+ SAMLConstants.SAML20P_PREFIX);
+
+ }
+
+ @Override
+ public Extensions buildObject(final String namespaceUri, final String localName, final String namespacePrefix) {
+ return new EaafExtensionImplementation(namespaceUri, localName, namespacePrefix);
+
+ }
+
+}
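Review bot: The signature `public Extensions buildObject(final String namespaceUri, final String localName, final String namespacePrefix) {` runs past the 100-column limit that the rest of this refactoring applies; the sibling EaafRequestedAttributeBuilder and EaafRequestedAttributesBuilder in the same commit wrap the identical signature after `localName,`. Wrapping it the same way keeps the three builders consistent and avoids a formatter diff on the next pass. A class-level Javadoc such as `/** Builds SAML2 protocol {@code Extensions} elements backed by {@link EaafExtensionImplementation}. */` would also match the documentation added elsewhere in this change.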
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java
new file mode 100644
index 00000000..4f91f267
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeBuilder.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import at.gv.egiz.eaaf.modules.pvp2.impl.reqattr.EaafRequestedAttributeImpl;
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+public class EaafRequestedAttributeBuilder
+ extends AbstractSAMLObjectBuilder<EaafRequestedAttribute> {
+
+ @Override
+ public EaafRequestedAttribute buildObject() {
+ return buildObject(EaafRequestedAttribute.DEFAULT_ELEMENT_NAME);
+ }
+
+ @Override
+ public EaafRequestedAttribute buildObject(final String namespaceUri, final String localName,
+ final String namespacePrefix) {
+ return new EaafRequestedAttributeImpl(namespaceUri, localName, namespacePrefix);
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java
new file mode 100644
index 00000000..a370818e
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeMarshaller.java
@@ -0,0 +1,69 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import java.util.Map.Entry;
+import javax.xml.namespace.QName;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Attr;
+import org.w3c.dom.Element;
+
+public class EaafRequestedAttributeMarshaller extends AbstractSAMLObjectMarshaller {
+ @Override
+ protected final void marshallAttributes(final XMLObject samlElement, final Element domElement)
+ throws MarshallingException {
+ final EaafRequestedAttribute requestedAttr = (EaafRequestedAttribute) samlElement;
+
+ if (requestedAttr.getName() != null) {
+ domElement.setAttributeNS(null, EaafRequestedAttribute.NAME_ATTRIB_NAME,
+ requestedAttr.getName());
+ }
+
+ if (requestedAttr.getNameFormat() != null) {
+ domElement.setAttributeNS(null, EaafRequestedAttribute.NAME_FORMAT_ATTR,
+ requestedAttr.getNameFormat());
+ }
+
+ if (requestedAttr.getFriendlyName() != null) {
+ domElement.setAttributeNS(null, EaafRequestedAttribute.FRIENDLY_NAME_ATT,
+ requestedAttr.getFriendlyName());
+ }
+
+ if (requestedAttr.getIsRequiredXsBoolean() != null) {
+ domElement.setAttributeNS(null, EaafRequestedAttribute.IS_REQUIRED_ATTR,
+ requestedAttr.getIsRequiredXsBoolean());
+ }
+
+ Attr attr;
+ for (final Entry<QName, String> entry : requestedAttr.getUnknownAttributes().entrySet()) {
+ attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(), entry.getKey());
+ attr.setValue(entry.getValue());
+ domElement.setAttributeNodeNS(attr);
+ if (org.opensaml.xml.Configuration.isIDAttribute(entry.getKey())
+ || requestedAttr.getUnknownAttributes().isIDAttribute(entry.getKey())) {
+ attr.getOwnerElement().setIdAttributeNode(attr, true);
+ }
+ }
+ }
+}
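Review bot: `Attr attr;` is declared before the for-loop but is only assigned and read inside it; declaring it at the point of use as `final Attr attr = XMLHelper.constructAttribute(domElement.getOwnerDocument(), entry.getKey());` narrows its scope and matches the `final` locals used everywhere else in this file. The class carries no Javadoc; a one-liner like `/** Marshals an {@link EaafRequestedAttribute} into DOM attributes, including unknown attributes and ID registration. */` would document what the ID-attribute branch at the end of the loop is for.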
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java
new file mode 100644
index 00000000..25baed16
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributeUnmarshaller.java
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import javax.xml.namespace.QName;
+
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.opensaml.xml.util.XMLHelper;
+import org.w3c.dom.Attr;
+
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+
+public class EaafRequestedAttributeUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+ @Override
+ protected final void processChildElement(final XMLObject parentSamlObject,
+ final XMLObject childSamlObject) throws UnmarshallingException {
+ final EaafRequestedAttribute requestedAttr = (EaafRequestedAttribute) parentSamlObject;
+ final QName childQName = childSamlObject.getElementQName();
+
+ if ("AttributeValue".equals(childQName.getLocalPart())
+ && childQName.getNamespaceURI().equals(PvpConstants.EIDAT10_SAML_NS)) {
+ requestedAttr.getAttributeValues().add(childSamlObject);
+
+ } else {
+ super.processChildElement(parentSamlObject, childSamlObject);
+ }
+
+ }
+
+ @Override
+ protected final void processAttribute(final XMLObject samlObject, final Attr attribute)
+ throws UnmarshallingException {
+ final EaafRequestedAttribute requestedAttr = (EaafRequestedAttribute) samlObject;
+ if (attribute.getLocalName().equals(EaafRequestedAttribute.NAME_ATTRIB_NAME)) {
+ requestedAttr.setName(attribute.getValue());
+
+ } else if (attribute.getLocalName().equals(EaafRequestedAttribute.NAME_FORMAT_ATTR)) {
+ requestedAttr.setNameFormat(attribute.getValue());
+
+ } else if (attribute.getLocalName().equals(EaafRequestedAttribute.FRIENDLY_NAME_ATT)) {
+ requestedAttr.setFriendlyName(attribute.getValue());
+
+ } else if (attribute.getLocalName().equals(EaafRequestedAttribute.IS_REQUIRED_ATTR)) {
+ requestedAttr.setIsRequired(attribute.getValue());
+
+ } else {
+ final QName attribQName = XMLHelper.getNodeQName(attribute);
+ if (attribute.isId()) {
+ requestedAttr.getUnknownAttributes().registerID(attribQName);
+ }
+ requestedAttr.getUnknownAttributes().put(attribQName, attribute.getValue());
+ }
+ }
+}
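Review bot: `attribute.getLocalName().equals(EaafRequestedAttribute.NAME_ATTRIB_NAME)` in processAttribute dereferences a value the DOM API allows to be null (Attr.getLocalName() is null for attributes created with DOM Level 1 methods), so an inbound document built that way would fail with a NullPointerException instead of an UnmarshallingException. Putting the constant first makes the comparison null-safe, e.g. `if (EaafRequestedAttribute.NAME_ATTRIB_NAME.equals(attribute.getLocalName())) {`, and the same flip applies to the three `else if` branches below it. In processChildElement the `"AttributeValue"` literal is compared together with the child's namespace; a short comment such as `// only AttributeValue children in PvpConstants.EIDAT10_SAML_NS are collected; anything else goes to the base unmarshaller` would make that filtering intent explicit to the next reader.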
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java
new file mode 100644
index 00000000..1f68747f
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesBuilder.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import org.opensaml.common.impl.AbstractSAMLObjectBuilder;
+
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
+import at.gv.egiz.eaaf.modules.pvp2.impl.reqattr.EaafRequestedAttributesImpl;
+
+public class EaafRequestedAttributesBuilder
+ extends AbstractSAMLObjectBuilder<EaafRequestedAttributes> {
+
+ @Override
+ public EaafRequestedAttributes buildObject() {
+ return buildObject(EaafRequestedAttributes.DEFAULT_ELEMENT_NAME);
+ }
+
+ @Override
+ public EaafRequestedAttributes buildObject(final String namespaceUri, final String localName,
+ final String namespacePrefix) {
+ return new EaafRequestedAttributesImpl(namespaceUri, localName, namespacePrefix);
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java
new file mode 100644
index 00000000..2fff64b3
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesMarshaller.java
@@ -0,0 +1,26 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import org.opensaml.common.impl.AbstractSAMLObjectMarshaller;
+
+public class EaafRequestedAttributesMarshaller extends AbstractSAMLObjectMarshaller {
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java
new file mode 100644
index 00000000..b2cf7a82
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/builder/reqattr/EaafRequestedAttributesUnmarshaller.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr;
+
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
+import org.opensaml.common.impl.AbstractSAMLObjectUnmarshaller;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.io.UnmarshallingException;
+
+public class EaafRequestedAttributesUnmarshaller extends AbstractSAMLObjectUnmarshaller {
+ @Override
+ protected final void processChildElement(final XMLObject parentObject,
+ final XMLObject childObject) throws UnmarshallingException {
+ final EaafRequestedAttributes attrStatement = (EaafRequestedAttributes) parentObject;
+ if (childObject instanceof EaafRequestedAttribute) {
+ attrStatement.getAttributes().add((EaafRequestedAttribute) childObject);
+
+ } else {
+ super.processChildElement(parentObject, childObject);
+ }
+
+ }
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java
index 452fa553..107a856e 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/InboundMessage.java
@@ -1,123 +1,135 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.message;
import java.io.Serializable;
-
+import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.NoMetadataInformationException;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.MetadataProviderException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
-import at.gv.egiz.eaaf.modules.pvp2.api.message.InboundMessageInterface;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPVPMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.NoMetadataInformationException;
-
-/**
- * @author tlenz
- *
- */
-public class InboundMessage implements InboundMessageInterface, Serializable{
- private static final Logger log = LoggerFactory.getLogger(InboundMessage.class);
-
- private static final long serialVersionUID = 2395131650841669663L;
-
- private Element samlMessage = null;
- private boolean verified = false;
- private String entityID = null;
- private String relayState = null;
-
-
- public EntityDescriptor getEntityMetadata(IPVPMetadataProvider metadataProvider) throws NoMetadataInformationException {
- try {
- if (metadataProvider == null)
- throw new NullPointerException("No PVP MetadataProvider found.");
-
- return metadataProvider.getEntityDescriptor(this.entityID);
-
- } catch (MetadataProviderException e) {
- log.warn("No Metadata for EntitiyID " + entityID);
- throw new NoMetadataInformationException();
- }
- }
-
- /**
- * @param entitiyID the entitiyID to set
- */
- public void setEntityID(String entitiyID) {
- this.entityID = entitiyID;
- }
-
- public void setVerified(boolean verified) {
- this.verified = verified;
- }
-
- /**
- * @param relayState the relayState to set
- */
- public void setRelayState(String relayState) {
- this.relayState = relayState;
- }
-
- public void setSAMLMessage(Element msg) {
- this.samlMessage = msg;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getRelayState()
- */
- @Override
- public String getRelayState() {
- return relayState;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getEntityID()
- */
- @Override
- public String getEntityID() {
- return entityID;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#isVerified()
- */
- @Override
- public boolean isVerified() {
- return verified;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getInboundMessage()
- */
- @Override
- public Element getInboundMessage() {
- return samlMessage;
- }
+public class InboundMessage implements InboundMessageInterface, Serializable {
+ private static final Logger log = LoggerFactory.getLogger(InboundMessage.class);
+
+ private static final long serialVersionUID = 2395131650841669663L;
+
+ private Element samlMessage = null;
+ private boolean verified = false;
+ private String entityID = null;
+ private String relayState = null;
+
+ /**
+ * Get SAML2 metadata for Entity that sends this request.
+ *
+ * @param metadataProvider Metadataprovider
+ * @return EntityDescriptor from metadata
+ * @throws NoMetadataInformationException In case of an error
+ */
+ public EntityDescriptor getEntityMetadata(final IPvpMetadataProvider metadataProvider)
+ throws NoMetadataInformationException {
+ try {
+ if (metadataProvider == null) {
+ throw new NullPointerException("No PVP MetadataProvider found.");
+ }
+
+ return metadataProvider.getEntityDescriptor(this.entityID);
+
+ } catch (final MetadataProviderException e) {
+ log.warn("No Metadata for EntitiyID " + entityID);
+ throw new NoMetadataInformationException();
+ }
+ }
+
+ /**
+ * Set EntitId of requester.
+ *
+ * @param entitiyID the entitiyID to set
+ */
+ public void setEntityID(final String entitiyID) {
+ this.entityID = entitiyID;
+ }
+
+ public void setVerified(final boolean verified) {
+ this.verified = verified;
+ }
+
+ /**
+ * Set relayState from requester.
+ *
+ * @param relayState the relayState to set
+ */
+ public void setRelayState(final String relayState) {
+ this.relayState = relayState;
+ }
+
+ /**
+ * Set full SAML2 message.
+ *
+ * @param msg message
+ */
+ public void setSamlMessage(final Element msg) {
+ this.samlMessage = msg;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getRelayState()
+ */
+ @Override
+ public String getRelayState() {
+ return relayState;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getEntityID()
+ */
+ @Override
+ public String getEntityID() {
+ return entityID;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#isVerified()
+ */
+ @Override
+ public boolean isVerified() {
+ return verified;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.messages.PVP21InboundMessage#getInboundMessage()
+ */
+ @Override
+ public Element getInboundMessage() {
+ return samlMessage;
+ }
}
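Review bot: The catch block at `} catch (final MetadataProviderException e) {` still discards the cause: `e` is neither logged nor passed on, so whoever receives the `NoMetadataInformationException` cannot tell why the lookup for this entityID failed. Log it with a parameterized message, `log.warn("No Metadata for EntitiyID {}", entityID, e);`, and pass `e` into the new exception if NoMetadataInformationException has a cause-taking constructor (not visible in this hunk). `setVerified` is the only setter in the rewritten class left without Javadoc; since the flag defaults to `false` and is presumably what callers consult through `isVerified()` before trusting the message, a sentence such as `Mark this message as verified; until this is set to true the message content must not be trusted.` would document that contract.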
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileRequest.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileRequest.java
deleted file mode 100644
index 9c9c913d..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileRequest.java
+++ /dev/null
@@ -1,69 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.message;
-
-
-import org.opensaml.Configuration;
-import org.opensaml.xml.io.Unmarshaller;
-import org.opensaml.xml.io.UnmarshallerFactory;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.opensaml.xml.signature.SignableXMLObject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class PVPSProfileRequest extends InboundMessage{
- private static final Logger log = LoggerFactory.getLogger(PVPSProfileRequest.class);
-
- private static final long serialVersionUID = 8613921176727607896L;
-
- private String binding = null;
-
- public PVPSProfileRequest(SignableXMLObject inboundMessage, String binding) {
- setSAMLMessage(inboundMessage.getDOM());
- this.binding = binding;
-
- }
-
- public String getRequestBinding() {
- return binding;
- }
-
- public SignableXMLObject getSamlRequest() {
- UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
- Unmarshaller unmashaller = unmarshallerFactory.getUnmarshaller(getInboundMessage());
-
- try {
- return (SignableXMLObject) unmashaller.unmarshall(getInboundMessage());
-
- } catch (UnmarshallingException e) {
- log.warn("AuthnRequest Unmarshaller error", e);
- return null;
- }
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileResponse.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileResponse.java
deleted file mode 100644
index 107aa731..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PVPSProfileResponse.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.message;
-
-import org.opensaml.Configuration;
-import org.opensaml.saml2.core.StatusResponseType;
-import org.opensaml.xml.io.Unmarshaller;
-import org.opensaml.xml.io.UnmarshallerFactory;
-import org.opensaml.xml.io.UnmarshallingException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-public class PVPSProfileResponse extends InboundMessage {
-
- private static final Logger log = LoggerFactory.getLogger(PVPSProfileResponse.class);
-
- private static final long serialVersionUID = -1133012928130138501L;
-
- public PVPSProfileResponse(StatusResponseType response) {
- setSAMLMessage(response.getDOM());
- }
-
- public StatusResponseType getResponse() {
- UnmarshallerFactory unmarshallerFactory = Configuration.getUnmarshallerFactory();
- Unmarshaller unmashaller = unmarshallerFactory.getUnmarshaller(getInboundMessage());
-
- try {
- return (StatusResponseType) unmashaller.unmarshall(getInboundMessage());
-
- } catch (UnmarshallingException e) {
- log.warn("AuthnResponse Unmarshaller error", e);
- return null;
- }
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java
new file mode 100644
index 00000000..dce2dd04
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileRequest.java
@@ -0,0 +1,73 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.message;
+
+
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.opensaml.xml.signature.SignableXMLObject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class PvpSProfileRequest extends InboundMessage {
+ private static final Logger log = LoggerFactory.getLogger(PvpSProfileRequest.class);
+
+ private static final long serialVersionUID = 8613921176727607896L;
+
+ private String binding = null;
+
+ /**
+ * PVP2 S-Profil request DAO.
+ *
+ * @param inboundMessage SAML2 request object
+ * @param binding Used SAML2 binding
+ */
+ public PvpSProfileRequest(final SignableXMLObject inboundMessage, final String binding) {
+ setSamlMessage(inboundMessage.getDOM());
+ this.binding = binding;
+
+ }
+
+ public String getRequestBinding() {
+ return binding;
+ }
+
+ /**
+ * Get SAML2 request object.
+ *
+ * @return
+ */
+ public SignableXMLObject getSamlRequest() {
+ final UnmarshallerFactory unmarshallerFactory =
+ org.opensaml.xml.Configuration.getUnmarshallerFactory();
+ final Unmarshaller unmashaller = unmarshallerFactory.getUnmarshaller(getInboundMessage());
+
+ try {
+ return (SignableXMLObject) unmashaller.unmarshall(getInboundMessage());
+
+ } catch (final UnmarshallingException e) {
+ log.warn("AuthnRequest Unmarshaller error", e);
+ return null;
+ }
+
+ }
+
+}
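Review bot: `getSamlRequest()` still turns an `UnmarshallingException` into a `null` return in its catch block, so a malformed or truncated inbound message surfaces only as a warn-level log line and every caller must null-check before it can validate the request; `PvpSProfileResponse.getResponse()` in the next hunk keeps the same pattern. If that contract is intentional, the empty `@return` tag in the new Javadoc should state it: `@return the unmarshalled SAML2 request, or {@code null} if unmarshalling fails` (and the equivalent for `getResponse()`). The constructor also passes `inboundMessage.getDOM()` straight through to `setSamlMessage`; for an OpenSAML object that was never marshalled this is presumably `null`, which is worth either documenting on the `@param` or rejecting early with `Objects.requireNonNull(inboundMessage.getDOM(), "inboundMessage DOM")`.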
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileResponse.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileResponse.java
new file mode 100644
index 00000000..8d1cbe8c
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/message/PvpSProfileResponse.java
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.message;
+
+import org.opensaml.saml2.core.StatusResponseType;
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class PvpSProfileResponse extends InboundMessage {
+
+ private static final Logger log = LoggerFactory.getLogger(PvpSProfileResponse.class);
+
+ private static final long serialVersionUID = -1133012928130138501L;
+
+ public PvpSProfileResponse(final StatusResponseType response) {
+ setSamlMessage(response.getDOM());
+ }
+
+ /**
+ * Get SAML2 Response object.
+ *
+ * @return
+ */
+ public StatusResponseType getResponse() {
+ final UnmarshallerFactory unmarshallerFactory =
+ org.opensaml.xml.Configuration.getUnmarshallerFactory();
+ final Unmarshaller unmashaller = unmarshallerFactory.getUnmarshaller(getInboundMessage());
+
+ try {
+ return (StatusResponseType) unmashaller.unmarshall(getInboundMessage());
+
+ } catch (final UnmarshallingException e) {
+ log.warn("AuthnResponse Unmarshaller error", e);
+ return null;
+ }
+
+ }
+
+}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
index 08ef26ab..ec81353a 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/AbstractChainingMetadataProvider.java
@@ -1,29 +1,22 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.metadata;
import java.io.IOException;
@@ -35,9 +28,12 @@ import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.Timer;
-
import javax.xml.namespace.QName;
-
+import at.gv.egiz.components.spring.api.IDestroyableObject;
+import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
import org.apache.commons.lang3.StringUtils;
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
@@ -52,419 +48,474 @@ import org.opensaml.xml.XMLObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import at.gv.egiz.components.spring.api.IDestroyableObject;
-import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
-import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPVPMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
-
public abstract class AbstractChainingMetadataProvider extends SimpleMetadataProvider
- implements ObservableMetadataProvider, IGarbageCollectorProcessing,
- IRefreshableMetadataProvider, IDestroyableObject, IPVPMetadataProvider {
-
- private static final Logger log = LoggerFactory.getLogger(AbstractChainingMetadataProvider.class);
-
- private MetadataProvider internalProvider = null;
- private static Object mutex = new Object();
- private Timer timer = null;
-
-
- public AbstractChainingMetadataProvider() {
- internalProvider = new ChainingMetadataProvider();
-
- }
-
- public final Timer getTimer() {
- return this.timer;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector()
- */
- @Override
- public void runGarbageCollector() {
- synchronized (mutex) {
- /**add new Metadataprovider or remove Metadataprovider which are not in use any more.**/
- try {
- log.trace("Check consistence of PVP2X metadata");
- addAndRemoveMetadataProvider();
-
- } catch (EAAFConfigurationException e) {
- log.error("Access to MOA-ID configuration FAILED.", e);
-
- }
- }
-
- }
-
- public void fullyDestroy() {
- internalDestroy();
-
- }
-
- @Override
- public synchronized boolean refreshMetadataProvider(String entityID) {
- try {
- //check if metadata provider is already loaded
- try {
- if (internalProvider.getEntityDescriptor(entityID) != null)
- return true;
-
- } catch (MetadataProviderException e) {}
-
-
- //reload metadata provider
- String metadataURL = getMetadataURL(entityID);
- if (StringUtils.isNotEmpty(metadataURL)) {
- Map<String, HTTPMetadataProvider> actuallyLoadedProviders = getAllActuallyLoadedProviders();
-
- // check if MetadataProvider is actually loaded
- if (actuallyLoadedProviders.containsKey(metadataURL)) {
- actuallyLoadedProviders.get(metadataURL).refresh();
- log.info("SAML2 metadata for service provider: "
- + entityID + " is refreshed.");
- return true;
-
- } else {
- //load new Metadata Provider
- if (timer == null)
- timer = new Timer(true);
-
- ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
- chainProvider.addMetadataProvider(createNewMetadataProvider(entityID));
-
- emitChangeEvent();
- log.info("SAML2 metadata for service provider: "
- + entityID + " is added.");
- return true;
-
- }
-
- } else
- log.debug("Can not refresh SAML2 metadata: NO SAML2 metadata URL for SP with Id: " + entityID);
-
- } catch (MetadataProviderException e) {
- log.warn("Refresh SAML2 metadata for service provider: "
- + entityID + " FAILED.", e);
-
- } catch (IOException e) {
- log.warn("Refresh SAML2 metadata for service provider: "
- + entityID + " FAILED.", e);
-
- } catch (EAAFConfigurationException e) {
- log.warn("Refresh SAML2 metadata for service provider: "
- + entityID + " FAILED.", e);
-
- } catch (CertificateException e) {
- log.warn("Refresh SAML2 metadata for service provider: "
- + entityID + " FAILED.", e);
-
- }
-
- return false;
-
- }
-
- public void internalDestroy() {
- if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) {
- log.info("Destrorying PVP-Authentication MetaDataProvider.");
- ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
-
- List<MetadataProvider> providers = chainProvider.getProviders();
- for (MetadataProvider provider : providers) {
- if (provider instanceof HTTPMetadataProvider) {
- HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider;
- log.debug("Destroy HTTPMetadataProvider +" + httpprovider.getMetadataURI());
- httpprovider.destroy();
-
- } else {
- log.warn("MetadataProvider can not be destroyed.");
- }
- }
-
- internalProvider = new ChainingMetadataProvider();
-
- if (timer != null)
- timer.cancel();
-
- } else {
- log.warn("ReInitalize MOAMetaDataProvider is not possible! MOA-ID Instance has to be restarted manualy");
- }
- }
-
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#requireValidMetadata()
- */
- @Override
- public boolean requireValidMetadata() {
- return internalProvider.requireValidMetadata();
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setRequireValidMetadata(boolean)
- */
- @Override
- public void setRequireValidMetadata(boolean requireValidMetadata) {
- internalProvider.setRequireValidMetadata(requireValidMetadata);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadataFilter()
- */
- @Override
- public MetadataFilter getMetadataFilter() {
- return internalProvider.getMetadataFilter();
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setMetadataFilter(org.opensaml.saml2.metadata.provider.MetadataFilter)
- */
- @Override
- public void setMetadataFilter(MetadataFilter newFilter)
- throws MetadataProviderException {
- internalProvider.setMetadataFilter(newFilter);
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadata()
- */
- @Override
- public XMLObject getMetadata() throws MetadataProviderException {
- return internalProvider.getMetadata();
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntitiesDescriptor(java.lang.String)
- */
- @Override
- public EntitiesDescriptor getEntitiesDescriptor(String entitiesID)
- throws MetadataProviderException {
- EntitiesDescriptor entitiesDesc = null;
- try {
- entitiesDesc = internalProvider.getEntitiesDescriptor(entitiesID);
-
- if (entitiesDesc == null) {
- log.debug("Can not find PVP metadata for entityID: " + entitiesID
- + " Start refreshing process ...");
- if (refreshMetadataProvider(entitiesID))
- return internalProvider.getEntitiesDescriptor(entitiesID);
-
- }
-
- } catch (MetadataProviderException e) {
- log.debug("Can not find PVP metadata for entityID: " + entitiesID
- + " Start refreshing process ...");
- if (refreshMetadataProvider(entitiesID))
- return internalProvider.getEntitiesDescriptor(entitiesID);
-
- }
-
- return entitiesDesc;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntityDescriptor(java.lang.String)
- */
- @Override
- public EntityDescriptor getEntityDescriptor(String entityID)
- throws MetadataProviderException {
- EntityDescriptor entityDesc = null;
- try {
- entityDesc = internalProvider.getEntityDescriptor(entityID);
- if (entityDesc == null) {
- log.debug("Can not find PVP metadata for entityID: " + entityID
- + " Start refreshing process ...");
- if (refreshMetadataProvider(entityID))
- return internalProvider.getEntityDescriptor(entityID);
-
- }
-
- } catch (MetadataProviderException e) {
- log.debug("Can not find PVP metadata for entityID: " + entityID
- + " Start refreshing process ...");
- if (refreshMetadataProvider(entityID))
- return internalProvider.getEntityDescriptor(entityID);
-
- }
-
-// if (entityDesc != null)
-// lastAccess.put(entityID, new Date());
-
- return entityDesc;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang.String, javax.xml.namespace.QName)
- */
- @Override
- public List<RoleDescriptor> getRole(String entityID, QName roleName)
- throws MetadataProviderException {
- List<RoleDescriptor> result = internalProvider.getRole(entityID, roleName);
-
-// if (result != null)
-// lastAccess.put(entityID, new Date());
-
- return result;
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang.String, javax.xml.namespace.QName, java.lang.String)
- */
- @Override
- public RoleDescriptor getRole(String entityID, QName roleName,
- String supportedProtocol) throws MetadataProviderException {
- RoleDescriptor result = internalProvider.getRole(entityID, roleName, supportedProtocol);
-
-// if (result != null)
-// lastAccess.put(entityID, new Date());
-
- return result;
- }
-
- /* (non-Javadoc)
- * @see org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers()
- */
- @Override
- public List<Observer> getObservers() {
- return ((ChainingMetadataProvider) internalProvider).getObservers();
- }
-
-
- /**
- * Get the URL to metadata for a specific entityID
- *
- * @param entityId
- * @return
- * @throws EAAFConfigurationException
- */
- protected abstract String getMetadataURL(String entityId) throws EAAFConfigurationException;
-
- /**
- * Creates a new implementation specific SAML2 metadata provider
- *
- * @param entityId
- * @return
- * @throws EAAFConfigurationException
- * @throws IOException
- * @throws CertificateException
- * @throws ConfigurationException
- */
- protected abstract MetadataProvider createNewMetadataProvider(String entityId) throws EAAFConfigurationException, IOException, CertificateException;
-
- /**
- * Get a List of metadata URLs for all SAML2 SPs from configuration
- *
- * @throws EAAFConfigurationException
- */
- protected abstract List<String> getAllMetadataURLsFromConfiguration() throws EAAFConfigurationException;
-
-
- protected void emitChangeEvent() {
- if ((getObservers() == null) || (getObservers().size() == 0)) {
- return;
- }
-
- List<Observer> tempObserverList = new ArrayList<Observer>(getObservers());
- for (ObservableMetadataProvider.Observer observer : tempObserverList)
- if (observer != null)
- observer.onEvent(this);
- }
-
- private Map<String, HTTPMetadataProvider> getAllActuallyLoadedProviders() {
- Map<String, HTTPMetadataProvider> loadedproviders = new HashMap<String, HTTPMetadataProvider>();
- ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
-
- //make a Map of all actually loaded HTTPMetadataProvider
- List<MetadataProvider> providers = chainProvider.getProviders();
- for (MetadataProvider provider : providers) {
- if (provider instanceof HTTPMetadataProvider) {
- HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider;
- loadedproviders.put(httpprovider.getMetadataURI(), httpprovider);
-
- }
- }
-
- return loadedproviders;
- }
-
- private void addAndRemoveMetadataProvider() throws EAAFConfigurationException {
- if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) {
- log.info("Reload MOAMetaDataProvider.");
-
- /*OpenSAML ChainingMetadataProvider can not remove a MetadataProvider (UnsupportedOperationException)
- *The ChainingMetadataProvider use internal a unmodifiableList to hold all registrated MetadataProviders.*/
- Map<String, MetadataProvider> providersinuse = new HashMap<String, MetadataProvider>();
- ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
-
- //get all actually loaded metadata providers
- Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders();
-
- /* TODO: maybe add metadata provider destroy after timeout.
- * But could be a problem if one Metadataprovider load an EntitiesDescriptor
- * with more the multiple EntityDescriptors. If one of this EntityDesciptors
- * are expired the full EntitiesDescriptor is removed.
- *
- * Timeout requires a better solution in this case!
- */
-
- //load all SAML2 SPs form configuration and
- //compare actually loaded Providers with configured SAML2 SPs
- List<String> allMetadataURLs = getAllMetadataURLsFromConfiguration();
-
- if (allMetadataURLs != null) {
- Iterator<String> metadataURLInterator = allMetadataURLs.iterator();
- while (metadataURLInterator.hasNext()) {
- String metadataurl = metadataURLInterator.next();
- try {
- if (StringUtils.isNotEmpty(metadataurl)) {
- if (loadedproviders.containsKey(metadataurl)) {
- // SAML2 SP is actually loaded, to nothing
- providersinuse.put(metadataurl, loadedproviders.get(metadataurl));
- loadedproviders.remove(metadataurl);
-
- }
- }
- } catch (Throwable e) {
- log.error(
- "Failed to add Metadata (unhandled reason: " + e.getMessage(), e);
-
- }
- }
- }
-
- //remove all actually loaded MetadataProviders with are not in ConfigurationDB any more
- Collection<HTTPMetadataProvider> notusedproviders = loadedproviders.values();
- for (HTTPMetadataProvider provider : notusedproviders) {
- String metadataurl = provider.getMetadataURI();
- try {
- provider.destroy();
-
- /*OpenSAML ChainingMetadataProvider can not remove a MetadataProvider (UnsupportedOperationException)
- *The ChainingMetadataProvider use internal a unmodifiableList to hold all registrated MetadataProviders.*/
- //chainProvider.removeMetadataProvider(provider);
- log.info("Remove not used MetadataProvider with MetadataURL " + metadataurl);
-
- } catch (Throwable e) {
- log.error("HTTPMetadataProvider with URL " + metadataurl
- + " can not be removed from the list of actually loaded Providers.", e);
-
- }
-
- }
-
- try {
- chainProvider.setProviders(new ArrayList<MetadataProvider>(providersinuse.values()));
- emitChangeEvent();
-
- } catch (MetadataProviderException e) {
- log.warn("ReInitalize AbstractMetaDataProvider is not possible! Service has to be restarted manualy", e);
-
- }
-
- } else
- log.warn("ReInitalize AbstractMetaDataProvider is not possible! Service has to be restarted manualy");
-
- }
+ implements ObservableMetadataProvider, IGarbageCollectorProcessing,
+ IRefreshableMetadataProvider, IDestroyableObject, IPvpMetadataProvider {
+
+ private static final Logger log = LoggerFactory.getLogger(AbstractChainingMetadataProvider.class);
+
+ private MetadataProvider internalProvider = null;
+ private static Object mutex = new Object();
+ private Timer timer = null;
+
+
+ public AbstractChainingMetadataProvider() {
+ internalProvider = new ChainingMetadataProvider();
+
+ }
+
+ public final Timer getTimer() {
+ return this.timer;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.config.auth.IGarbageCollectorProcessing#runGarbageCollector()
+ */
+ @Override
+ public void runGarbageCollector() {
+ synchronized (mutex) {
+ /* add new Metadataprovider or remove Metadataprovider which are not in use any more. */
+ try {
+ log.trace("Check consistence of PVP2X metadata");
+ addAndRemoveMetadataProvider();
+
+ } catch (final EaafConfigurationException e) {
+ log.error("Access to MOA-ID configuration FAILED.", e);
+
+ }
+ }
+
+ }
+
+ @Override
+ public void fullyDestroy() {
+ internalDestroy();
+
+ }
+
+ @Override
+ public synchronized boolean refreshMetadataProvider(final String entityID) {
+ try {
+ // check if metadata provider is already loaded
+ try {
+ if (internalProvider.getEntityDescriptor(entityID) != null) {
+ return true;
+ }
+
+ } catch (final MetadataProviderException e) {
+ log.debug("Metadata for EntityId: {} is not valid. Starting refresh ... ", entityID);
+
+ }
+
+
+ // reload metadata provider
+ final String metadataUrl = getMetadataUrl(entityID);
+ if (StringUtils.isNotEmpty(metadataUrl)) {
+ final Map<String, HTTPMetadataProvider> actuallyLoadedProviders =
+ getAllActuallyLoadedProviders();
+
+ // check if MetadataProvider is actually loaded
+ if (actuallyLoadedProviders.containsKey(metadataUrl)) {
+ actuallyLoadedProviders.get(metadataUrl).refresh();
+ log.info("SAML2 metadata for service provider: " + entityID + " is refreshed.");
+ return true;
+
+ } else {
+ // load new Metadata Provider
+ if (timer == null) {
+ timer = new Timer(true);
+ }
+
+ final ChainingMetadataProvider chainProvider =
+ (ChainingMetadataProvider) internalProvider;
+ chainProvider.addMetadataProvider(createNewMetadataProvider(entityID));
+
+ emitChangeEvent();
+ log.info("SAML2 metadata for service provider: " + entityID + " is added.");
+ return true;
+
+ }
+
+ } else {
+ log.debug(
+ "Can not refresh SAML2 metadata: NO SAML2 metadata URL for SP with Id: " + entityID);
+ }
+
+ } catch (final MetadataProviderException e) {
+ log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
+
+ } catch (final IOException e) {
+ log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
+
+ } catch (final EaafConfigurationException e) {
+ log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
+
+ } catch (final CertificateException e) {
+ log.warn("Refresh SAML2 metadata for service provider: " + entityID + " FAILED.", e);
+
+ }
+
+ return false;
+
+ }
+
+ /**
+ * Close metadata provider and remove all loaded metadata.
+ *
+ */
+ public void internalDestroy() {
+ if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) {
+ log.info("Destrorying PVP-Authentication MetaDataProvider.");
+ final ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
+
+ final List<MetadataProvider> providers = chainProvider.getProviders();
+ for (final MetadataProvider provider : providers) {
+ if (provider instanceof HTTPMetadataProvider) {
+ final HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider;
+ log.debug("Destroy HTTPMetadataProvider +" + httpprovider.getMetadataURI());
+ httpprovider.destroy();
+
+ } else {
+ log.warn("MetadataProvider can not be destroyed.");
+ }
+ }
+
+ internalProvider = new ChainingMetadataProvider();
+
+ if (timer != null) {
+ timer.cancel();
+ }
+
+ } else {
+ log.warn(
+ "ReInitalize MOAMetaDataProvider is not possible! MOA-ID Instance has to be restarted manualy");
+ }
+ }
+
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#requireValidMetadata()
+ */
+ @Override
+ public boolean requireValidMetadata() {
+ return internalProvider.requireValidMetadata();
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setRequireValidMetadata
+ * (boolean)
+ */
+ @Override
+ public void setRequireValidMetadata(final boolean requireValidMetadata) {
+ internalProvider.setRequireValidMetadata(requireValidMetadata);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadataFilter()
+ */
+ @Override
+ public MetadataFilter getMetadataFilter() {
+ return internalProvider.getMetadataFilter();
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#setMetadataFilter(org.
+ * opensaml.saml2.metadata.provider.MetadataFilter)
+ */
+ @Override
+ public void setMetadataFilter(final MetadataFilter newFilter) throws MetadataProviderException {
+ internalProvider.setMetadataFilter(newFilter);
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getMetadata()
+ */
+ @Override
+ public XMLObject getMetadata() throws MetadataProviderException {
+ return internalProvider.getMetadata();
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntitiesDescriptor(
+ * java.lang.String)
+ */
+ @Override
+ public EntitiesDescriptor getEntitiesDescriptor(final String entitiesID)
+ throws MetadataProviderException {
+ EntitiesDescriptor entitiesDesc = null;
+ try {
+ entitiesDesc = internalProvider.getEntitiesDescriptor(entitiesID);
+
+ if (entitiesDesc == null) {
+ log.debug("Can not find PVP metadata for entityID: " + entitiesID
+ + " Start refreshing process ...");
+ if (refreshMetadataProvider(entitiesID)) {
+ return internalProvider.getEntitiesDescriptor(entitiesID);
+ }
+
+ }
+
+ } catch (final MetadataProviderException e) {
+ log.debug("Can not find PVP metadata for entityID: " + entitiesID
+ + " Start refreshing process ...");
+ if (refreshMetadataProvider(entitiesID)) {
+ return internalProvider.getEntitiesDescriptor(entitiesID);
+ }
+
+ }
+
+ return entitiesDesc;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getEntityDescriptor(
+ * java.lang.String)
+ */
+ @Override
+ public EntityDescriptor getEntityDescriptor(final String entityID)
+ throws MetadataProviderException {
+ EntityDescriptor entityDesc = null;
+ try {
+ entityDesc = internalProvider.getEntityDescriptor(entityID);
+ if (entityDesc == null) {
+ log.debug("Can not find PVP metadata for entityID: " + entityID
+ + " Start refreshing process ...");
+ if (refreshMetadataProvider(entityID)) {
+ return internalProvider.getEntityDescriptor(entityID);
+ }
+
+ }
+
+ } catch (final MetadataProviderException e) {
+ log.debug(
+ "Can not find PVP metadata for entityID: " + entityID + " Start refreshing process ...");
+ if (refreshMetadataProvider(entityID)) {
+ return internalProvider.getEntityDescriptor(entityID);
+ }
+
+ }
+
+ // if (entityDesc != null)
+ // lastAccess.put(entityID, new Date());
+
+ return entityDesc;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang.
+ * String, javax.xml.namespace.QName)
+ */
+ @Override
+ public List<RoleDescriptor> getRole(final String entityID, final QName roleName)
+ throws MetadataProviderException {
+ final List<RoleDescriptor> result = internalProvider.getRole(entityID, roleName);
+
+ // if (result != null)
+ // lastAccess.put(entityID, new Date());
+
+ return result;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see at.gv.egovernment.moa.id.protocols.pvp2x.metadata.IEAAFMetadataProvider#getRole(java.lang.
+ * String, javax.xml.namespace.QName, java.lang.String)
+ */
+ @Override
+ public RoleDescriptor getRole(final String entityID, final QName roleName,
+ final String supportedProtocol) throws MetadataProviderException {
+ final RoleDescriptor result = internalProvider.getRole(entityID, roleName, supportedProtocol);
+
+ // if (result != null)
+ // lastAccess.put(entityID, new Date());
+
+ return result;
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.opensaml.saml2.metadata.provider.ObservableMetadataProvider#getObservers()
+ */
+ @Override
+ public List<Observer> getObservers() {
+ return ((ChainingMetadataProvider) internalProvider).getObservers();
+ }
+
+
+ /**
+ * Get the URL to metadata for a specific entityID.
+ *
+ * @param entityId EntityId
+ * @return URL to metadata
+ * @throws EaafConfigurationException In case of an error
+ */
+ protected abstract String getMetadataUrl(String entityId) throws EaafConfigurationException;
+
+ /**
+ * Creates a new implementation specific SAML2 metadata provider.
+ *
+ * @param entityId EntityId
+ * @return MetadataProvider
+ * @throws EaafConfigurationException In case of an error
+ * @throws IOException In case of an error
+ * @throws CertificateException In case of an error
+ * @throws ConfigurationException In case of an error
+ */
+ protected abstract MetadataProvider createNewMetadataProvider(String entityId)
+ throws EaafConfigurationException, IOException, CertificateException;
+
+ /**
+ * Get a List of metadata URLs for all SAML2 SPs from configuration.
+ *
+ * @throws EaafConfigurationException In case of an error
+ */
+ protected abstract List<String> getAllMetadataUrlsFromConfiguration()
+ throws EaafConfigurationException;
+
+
+ protected void emitChangeEvent() {
+ if ((getObservers() == null) || (getObservers().size() == 0)) {
+ return;
+ }
+
+ final List<Observer> tempObserverList = new ArrayList<>(getObservers());
+ for (final ObservableMetadataProvider.Observer observer : tempObserverList) {
+ if (observer != null) {
+ observer.onEvent(this);
+ }
+ }
+ }
+
+ private Map<String, HTTPMetadataProvider> getAllActuallyLoadedProviders() {
+ final Map<String, HTTPMetadataProvider> loadedproviders =
+ new HashMap<>();
+ final ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
+
+ // make a Map of all actually loaded HTTPMetadataProvider
+ final List<MetadataProvider> providers = chainProvider.getProviders();
+ for (final MetadataProvider provider : providers) {
+ if (provider instanceof HTTPMetadataProvider) {
+ final HTTPMetadataProvider httpprovider = (HTTPMetadataProvider) provider;
+ loadedproviders.put(httpprovider.getMetadataURI(), httpprovider);
+
+ }
+ }
+
+ return loadedproviders;
+ }
+
+ private void addAndRemoveMetadataProvider() throws EaafConfigurationException {
+ if (internalProvider != null && internalProvider instanceof ChainingMetadataProvider) {
+ log.info("Reload MOAMetaDataProvider.");
+
+ /*
+ * OpenSAML ChainingMetadataProvider can not remove a MetadataProvider
+ * (UnsupportedOperationException) The ChainingMetadataProvider use internal a
+ * unmodifiableList to hold all registrated MetadataProviders.
+ */
+ final Map<String, MetadataProvider> providersinuse = new HashMap<>();
+ final ChainingMetadataProvider chainProvider = (ChainingMetadataProvider) internalProvider;
+
+ // get all actually loaded metadata providers
+ final Map<String, HTTPMetadataProvider> loadedproviders = getAllActuallyLoadedProviders();
+
+ /*
+ * TODO: maybe add metadata provider destroy after timeout. But could be a problem if one
+ * Metadataprovider load an EntitiesDescriptor with more the multiple EntityDescriptors. If
+ * one of this EntityDesciptors are expired the full EntitiesDescriptor is removed.
+ *
+ * Timeout requires a better solution in this case!
+ */
+
+ // load all SAML2 SPs form configuration and
+ // compare actually loaded Providers with configured SAML2 SPs
+ final List<String> allMetadataUrls = getAllMetadataUrlsFromConfiguration();
+
+ if (allMetadataUrls != null) {
+ final Iterator<String> metadataUrlInterator = allMetadataUrls.iterator();
+ while (metadataUrlInterator.hasNext()) {
+ final String metadataurl = metadataUrlInterator.next();
+ try {
+ if (StringUtils.isNotEmpty(metadataurl)) {
+ if (loadedproviders.containsKey(metadataurl)) {
+ // SAML2 SP is actually loaded, to nothing
+ providersinuse.put(metadataurl, loadedproviders.get(metadataurl));
+ loadedproviders.remove(metadataurl);
+
+ }
+ }
+ } catch (final Throwable e) {
+ log.error("Failed to add Metadata (unhandled reason: " + e.getMessage(), e);
+
+ }
+ }
+ }
+
+ // remove all actually loaded MetadataProviders with are not in ConfigurationDB any more
+ final Collection<HTTPMetadataProvider> notusedproviders = loadedproviders.values();
+ for (final HTTPMetadataProvider provider : notusedproviders) {
+ final String metadataurl = provider.getMetadataURI();
+ try {
+ provider.destroy();
+
+ /*
+ * OpenSAML ChainingMetadataProvider can not remove a MetadataProvider
+ * (UnsupportedOperationException) The ChainingMetadataProvider use internal a
+ * unmodifiableList to hold all registrated MetadataProviders.
+ */
+ // chainProvider.removeMetadataProvider(provider);
+ log.info("Remove not used MetadataProvider with MetadataURL " + metadataurl);
+
+ } catch (final Throwable e) {
+ log.error("HTTPMetadataProvider with URL " + metadataurl
+ + " can not be removed from the list of actually loaded Providers.", e);
+
+ }
+
+ }
+
+ try {
+ chainProvider.setProviders(new ArrayList<>(providersinuse.values()));
+ emitChangeEvent();
+
+ } catch (final MetadataProviderException e) {
+ log.warn(
+ "ReInitalize AbstractMetaDataProvider is not possible! Service has to be restarted manualy",
+ e);
+
+ }
+
+ } else {
+ log.warn(
+ "ReInitalize AbstractMetaDataProvider is not possible! Service has to be restarted manualy");
+ }
+
+ }
}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
index 06065a82..04c1dcb8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/MetadataFilterChain.java
@@ -1,34 +1,26 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.metadata;
import java.util.ArrayList;
import java.util.List;
-
import org.opensaml.saml2.metadata.provider.FilterException;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.xml.XMLObject;
@@ -37,44 +29,48 @@ import org.slf4j.LoggerFactory;
/**
+ * Metadata filter-chain implementation.
+ *
* @author tlenz
*
*/
public class MetadataFilterChain implements MetadataFilter {
- private static final Logger log = LoggerFactory.getLogger(MetadataFilterChain.class);
-
-
- private List<MetadataFilter> filters = new ArrayList<MetadataFilter>();
-
- /**
- * Return all actually used Metadata filters
- *
- * @return List of Metadata filters
- */
- public List<MetadataFilter> getFilters() {
- return filters;
- }
-
- /**
- * Add a new Metadata filter to filterchain
- *
- * @param filter
- */
- public void addFilter(MetadataFilter filter) {
- filters.add(filter);
- }
-
-
- /* (non-Javadoc)
- * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
- */
- @Override
- public void doFilter(XMLObject arg0) throws FilterException {
- for (MetadataFilter filter : filters) {
- log.trace("Use EAAFMetadataFilter " + filter.getClass().getName());
- filter.doFilter(arg0);
- }
+ private static final Logger log = LoggerFactory.getLogger(MetadataFilterChain.class);
+
+
+ private final List<MetadataFilter> filters = new ArrayList<>();
+
+ /**
+ * Return all actually used Metadata filters.
+ *
+ * @return List of Metadata filters
+ */
+ public List<MetadataFilter> getFilters() {
+ return filters;
+ }
+
+ /**
+ * Add a new Metadata filter to filterchain.
+ *
+ * @param filter add a metadata filter
+ */
+ public void addFilter(final MetadataFilter filter) {
+ filters.add(filter);
+ }
+
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ public void doFilter(final XMLObject arg0) throws FilterException {
+ for (final MetadataFilter filter : filters) {
+ log.trace("Use EAAFMetadataFilter " + filter.getClass().getName());
+ filter.doFilter(arg0);
+ }
- }
+ }
}
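Review bot: `getFilters()` at the new line `return filters;` hands out the private mutable list, so any caller can add, reorder or remove filters without going through `addFilter`, which matters because this chain is what the metadata providers rely on to validate loaded metadata. Returning a read-only view, `return Collections.unmodifiableList(filters);` (with `java.util.Collections` imported), keeps `addFilter` as the only mutation path; if some caller depends on mutating the returned list, the Javadoc should at least say the list is live. `doFilter` with an empty chain is a silent pass-through, so a one-line note on the class Javadoc that an empty chain performs no validation would help operators reading the configuration. The whole class is inside this hunk.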
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java
index c16ca5fd..67dd1d35 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/metadata/SimpleMetadataProvider.java
@@ -1,37 +1,32 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.metadata;
import java.io.File;
import java.net.MalformedURLException;
import java.util.Timer;
-
import javax.net.ssl.SSLHandshakeException;
-
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
import org.apache.commons.httpclient.HttpClient;
import org.opensaml.saml2.metadata.provider.FilesystemMetadataProvider;
import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
@@ -42,195 +37,193 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
-
/**
+ * Simple SAML2 metadata provider.
+ *
* @author tlenz
*
*/
-public abstract class SimpleMetadataProvider implements MetadataProvider{
- private static final Logger log = LoggerFactory.getLogger(SimpleMetadataProvider.class);
-
- private static final String URI_PREFIX_HTTP = "http:";
- private static final String URI_PREFIX_HTTPS = "https:";
- private static final String URI_PREFIX_FILE = "file:";
-
-
- @Autowired
- protected IConfiguration authConfig;
-
-
- /**
- * Create a single SAML2 metadata provider
- *
- * @param metadataLocation where the metadata should be loaded, but never null. If the location starts with http(s):, than a http
- * based metadata provider is used. If the location starts with file:, than a filesystem based metadata provider is used
- * @param filter Filters, which should be used to validate the metadata
- * @param IdForLogging Id, which is used for Logging
- * @param timer {@link Timer} which is used to schedule metadata refresh operations
- * @param httpClient Apache commons 3.x http client
- *
- * @return SAML2 Metadata Provider, or null if the metadata provider can not initialized
- */
- protected MetadataProvider createNewSimpleMetadataProvider(String metadataLocation, MetadataFilter filter,
- String IdForLogging, Timer timer, ParserPool pool, HttpClient httpClient) {
- if (metadataLocation.startsWith(URI_PREFIX_HTTP) || metadataLocation.startsWith(URI_PREFIX_HTTPS)) {
- if (httpClient != null)
- return createNewHTTPMetaDataProvider(metadataLocation, filter, IdForLogging, timer, pool, httpClient);
-
- else {
- log.warn("Can not load http(s) based SAML2 metadata without a HTTP client");
- return null;
- }
-
- } else {
- String absoluteMetadataLocation;
- try {
- absoluteMetadataLocation = FileUtils.makeAbsoluteURL(
- metadataLocation,
- authConfig.getConfigurationRootDirectory());
-
- if (absoluteMetadataLocation.startsWith(URI_PREFIX_FILE)) {
- File metadataFile = new File(absoluteMetadataLocation);
- if (metadataFile.exists())
- return createNewFileSystemMetaDataProvider(metadataFile, filter, IdForLogging, timer, pool);
-
- else {
- log.warn("SAML2 metadata file: " + absoluteMetadataLocation + " not found or not exist");
- return null;
- }
-
- }
-
-
- } catch (MalformedURLException e) {
- log.warn("SAML2 metadata URL is invalid: " + metadataLocation, e);
-
- }
-
- }
-
- log.warn("SAML2 metadata has an unsupported metadata location prefix: " + metadataLocation);
- return null;
-
- }
-
-
- /**
- * Create a single SAML2 filesystem based metadata provider
- *
- * @param metadataFile File, where the metadata should be loaded
- * @param filter Filters, which should be used to validate the metadata
- * @param IdForLogging Id, which is used for Logging
- * @param timer {@link Timer} which is used to schedule metadata refresh operations
- * @param pool
- *
- * @return SAML2 Metadata Provider
- */
- private MetadataProvider createNewFileSystemMetaDataProvider(File metadataFile, MetadataFilter filter, String IdForLogging, Timer timer, ParserPool pool) {
- FilesystemMetadataProvider fileSystemProvider = null;
- try {
- fileSystemProvider = new FilesystemMetadataProvider(timer, metadataFile);
- fileSystemProvider.setParserPool(pool);
- fileSystemProvider.setRequireValidMetadata(true);
- fileSystemProvider.setMinRefreshDelay(1000*60*15); //15 minutes
- fileSystemProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours
- //httpProvider.setRefreshDelayFactor(0.1F);
-
- fileSystemProvider.setMetadataFilter(filter);
- fileSystemProvider.initialize();
-
- fileSystemProvider.setRequireValidMetadata(true);
-
- return fileSystemProvider;
-
- } catch (Exception e) {
- log.warn(
- "Failed to load Metadata file for "
- + IdForLogging + "[ "
- + "File: " + metadataFile.getAbsolutePath()
- + " Msg: " + e.getMessage() + " ]", e);
-
-
- log.warn("Can not initialize SAML2 metadata provider from filesystem: " + metadataFile.getAbsolutePath()
- + " Reason: " + e.getMessage(), e);
-
- if (fileSystemProvider != null)
- fileSystemProvider.destroy();
-
- }
-
- return null;
-
- }
-
-
-
- /**
- * Create a single SAML2 HTTP metadata provider
- *
- * @param metadataURL URL, where the metadata should be loaded
- * @param filter Filters, which should be used to validate the metadata
- * @param IdForLogging Id, which is used for Logging
- * @param timer {@link Timer} which is used to schedule metadata refresh operations
- * @param pool
- *
- * @return SAML2 Metadata Provider
- */
- private MetadataProvider createNewHTTPMetaDataProvider(String metadataURL, MetadataFilter filter, String IdForLogging, Timer timer, ParserPool pool, HttpClient httpClient) {
- HTTPMetadataProvider httpProvider = null;
- try {
- httpProvider = new HTTPMetadataProvider(timer, httpClient,
- metadataURL);
- httpProvider.setParserPool(pool);
- httpProvider.setRequireValidMetadata(true);
- httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes
- httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours
- //httpProvider.setRefreshDelayFactor(0.1F);
-
- httpProvider.setMetadataFilter(filter);
- httpProvider.initialize();
-
- httpProvider.setRequireValidMetadata(true);
-
- return httpProvider;
-
- } catch (Throwable e) {
- if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
- log.warn("SSL-Server certificate for metadata "
- + metadataURL + " not trusted.", e);
-
- } if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {
- log.warn("Signature verification for metadata"
- + metadataURL + " FAILED.", e);
-
- } if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) {
- log.warn("Schema validation for metadata "
- + metadataURL + " FAILED.", e);
- }
-
- log.warn(
- "Failed to load Metadata file for "
- + IdForLogging + "[ "
- + e.getMessage() + " ]", e);
-
- if (httpProvider != null) {
- log.debug("Destroy failed Metadata provider");
- httpProvider.destroy();
- }
-
-// if (timer != null) {
-// log.debug("Destroy Timer.");
-// timer.cancel();
-// }
-
-
- }
-
- return null;
- }
+public abstract class SimpleMetadataProvider implements MetadataProvider {
+ private static final Logger log = LoggerFactory.getLogger(SimpleMetadataProvider.class);
+
+ private static final String URI_PREFIX_HTTP = "http:";
+ private static final String URI_PREFIX_HTTPS = "https:";
+ private static final String URI_PREFIX_FILE = "file:";
+
+
+ @Autowired
+ protected IConfiguration authConfig;
+
+
+ /**
+ * Create a single SAML2 metadata provider.
+ *
+ * @param metadataLocation where the metadata should be loaded, but never null. If the location
+ * starts with http(s):, than a http based metadata provider is used. If the location
+ * starts with file:, than a filesystem based metadata provider is used
+ * @param filter Filters, which should be used to validate the metadata
+ * @param idForLogging Id, which is used for Logging
+ * @param timer {@link Timer} which is used to schedule metadata refresh operations
+ * @param httpClient Apache commons 3.x http client
+ *
+ * @return SAML2 Metadata Provider, or null if the metadata provider can not initialized
+ */
+ protected MetadataProvider createNewSimpleMetadataProvider(final String metadataLocation,
+ final MetadataFilter filter, final String idForLogging, final Timer timer,
+ final ParserPool pool, final HttpClient httpClient) {
+ if (metadataLocation.startsWith(URI_PREFIX_HTTP)
+ || metadataLocation.startsWith(URI_PREFIX_HTTPS)) {
+ if (httpClient != null) {
+ return createNewHttpMetaDataProvider(metadataLocation, filter, idForLogging, timer, pool,
+ httpClient);
+ } else {
+ log.warn("Can not load http(s) based SAML2 metadata without a HTTP client");
+ return null;
+ }
+
+ } else {
+ String absoluteMetadataLocation;
+ try {
+ absoluteMetadataLocation =
+ FileUtils.makeAbsoluteUrl(metadataLocation, authConfig.getConfigurationRootDirectory());
+
+ if (absoluteMetadataLocation.startsWith(URI_PREFIX_FILE)) {
+ final File metadataFile = new File(absoluteMetadataLocation);
+ if (metadataFile.exists()) {
+ return createNewFileSystemMetaDataProvider(metadataFile, filter, idForLogging, timer,
+ pool);
+ } else {
+ log.warn(
+ "SAML2 metadata file: " + absoluteMetadataLocation + " not found or not exist");
+ return null;
+ }
+
+ }
+
+
+ } catch (final MalformedURLException e) {
+ log.warn("SAML2 metadata URL is invalid: " + metadataLocation, e);
+
+ }
+
+ }
+
+ log.warn("SAML2 metadata has an unsupported metadata location prefix: " + metadataLocation);
+ return null;
+
+ }
+
+
+ /**
+ * Create a single SAML2 filesystem based metadata provider.
+ *
+ * @param metadataFile File, where the metadata should be loaded
+ * @param filter Filters, which should be used to validate the metadata
+ * @param idForLogging Id, which is used for Logging
+ * @param timer {@link Timer} which is used to schedule metadata refresh operations
+ * @param pool
+ *
+ * @return SAML2 Metadata Provider
+ */
+ private MetadataProvider createNewFileSystemMetaDataProvider(final File metadataFile,
+ final MetadataFilter filter, final String idForLogging, final Timer timer,
+ final ParserPool pool) {
+ FilesystemMetadataProvider fileSystemProvider = null;
+ try {
+ fileSystemProvider = new FilesystemMetadataProvider(timer, metadataFile);
+ fileSystemProvider.setParserPool(pool);
+ fileSystemProvider.setRequireValidMetadata(true);
+ fileSystemProvider.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes
+ fileSystemProvider.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours
+ // httpProvider.setRefreshDelayFactor(0.1F);
+
+ fileSystemProvider.setMetadataFilter(filter);
+ fileSystemProvider.initialize();
+
+ fileSystemProvider.setRequireValidMetadata(true);
+
+ return fileSystemProvider;
+
+ } catch (final Exception e) {
+ log.warn("Failed to load Metadata file for " + idForLogging + "[ " + "File: "
+ + metadataFile.getAbsolutePath() + " Msg: " + e.getMessage() + " ]", e);
+
+
+ log.warn("Can not initialize SAML2 metadata provider from filesystem: "
+ + metadataFile.getAbsolutePath() + " Reason: " + e.getMessage(), e);
+
+ if (fileSystemProvider != null) {
+ fileSystemProvider.destroy();
+ }
+
+ }
+
+ return null;
+
+ }
+
+
+
+ /**
+ * Create a single SAML2 HTTP metadata provider.
+ *
+ * @param metadataUrl URL, where the metadata should be loaded
+ * @param filter Filters, which should be used to validate the metadata
+ * @param idForLogging Id, which is used for Logging
+ * @param timer {@link Timer} which is used to schedule metadata refresh operations
+ * @param pool
+ *
+ * @return SAML2 Metadata Provider
+ */
+ private MetadataProvider createNewHttpMetaDataProvider(final String metadataUrl,
+ final MetadataFilter filter, final String idForLogging, final Timer timer,
+ final ParserPool pool, final HttpClient httpClient) {
+ HTTPMetadataProvider httpProvider = null;
+ try {
+ httpProvider = new HTTPMetadataProvider(timer, httpClient, metadataUrl);
+ httpProvider.setParserPool(pool);
+ httpProvider.setRequireValidMetadata(true);
+ httpProvider.setMinRefreshDelay(1000 * 60 * 15); // 15 minutes
+ httpProvider.setMaxRefreshDelay(1000 * 60 * 60 * 24); // 24 hours
+ // httpProvider.setRefreshDelayFactor(0.1F);
+
+ httpProvider.setMetadataFilter(filter);
+ httpProvider.initialize();
+
+ httpProvider.setRequireValidMetadata(true);
+
+ return httpProvider;
+
+ } catch (final Throwable e) {
+ if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
+ log.warn("SSL-Server certificate for metadata " + metadataUrl + " not trusted.", e);
+
+ }
+ if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {
+ log.warn("Signature verification for metadata" + metadataUrl + " FAILED.", e);
+
+ }
+ if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) {
+ log.warn("Schema validation for metadata " + metadataUrl + " FAILED.", e);
+ }
+
+ log.warn("Failed to load Metadata file for " + idForLogging + "[ " + e.getMessage() + " ]",
+ e);
+
+ if (httpProvider != null) {
+ log.debug("Destroy failed Metadata provider");
+ httpProvider.destroy();
+ }
+
+ // if (timer != null) {
+ // log.debug("Destroy Timer.");
+ // timer.cancel();
+ // }
+
+
+ }
+
+ return null;
+ }
}
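Review bot: The `@param filter` Javadoc on `createNewSimpleMetadataProvider`, `createNewFileSystemMetaDataProvider` and `createNewHttpMetaDataProvider` does not state what a null value means; the parameter is passed straight into `setMetadataFilter(filter)` before `initialize()`, so a null filter presumably means the metadata is loaded without any filter-based (signature/schema) validation, and that contract should be spelled out, e.g. `@param filter Filters, which should be used to validate the metadata; a null filter disables metadata validation`. The `createNewHttpMetaDataProvider` Javadoc also lacks an `@param httpClient` entry, and `@param pool` is left empty in both private factories. `catch (final Throwable e)` in `createNewHttpMetaDataProvider` additionally turns `Error`s such as `OutOfMemoryError` into a warning and a null return; `catch (final Exception e)`, as the filesystem variant already uses, would be consistent and safer. The second `setRequireValidMetadata(true)` after `initialize()` in both factories repeats the call made a few lines earlier and could be dropped, or commented if it is intentional.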
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HTTPPostEncoderWithOwnTemplate.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HTTPPostEncoderWithOwnTemplate.java
deleted file mode 100644
index 8af12acc..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HTTPPostEncoderWithOwnTemplate.java
+++ /dev/null
@@ -1,122 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStreamWriter;
-import java.io.Writer;
-
-import org.apache.velocity.VelocityContext;
-import org.apache.velocity.app.VelocityEngine;
-import org.opensaml.common.binding.SAMLMessageContext;
-import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
-import org.opensaml.ws.message.encoder.MessageEncodingException;
-import org.opensaml.ws.transport.http.HTTPOutTransport;
-import org.opensaml.ws.transport.http.HTTPTransportUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration;
-import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder;
-
-/**
- * @author tlenz
- *
- */
-public class HTTPPostEncoderWithOwnTemplate extends HTTPPostEncoder {
- private static final Logger log = LoggerFactory.getLogger(HTTPPostEncoderWithOwnTemplate.class);
-
-
- private final VelocityEngine velocityEngine;
- private final IVelocityGUIBuilderConfiguration guiConfig;
- private final IVelocityGuiFormBuilder guiBuilder;
-
- /**
- * @param engine
- * @param templateId
- */
- public HTTPPostEncoderWithOwnTemplate(IVelocityGUIBuilderConfiguration guiConfig, IVelocityGuiFormBuilder guiBuilder, VelocityEngine engine) {
- super(engine, null);
- this.velocityEngine = engine;
- this.guiConfig = guiConfig;
- this.guiBuilder = guiBuilder;
-
- }
-
- /**
- * Base64 and POST encodes the outbound message and writes it to the outbound transport.
- *
- * @param messageContext current message context
- * @param endpointURL endpoint URL to which to encode message
- *
- * @throws MessageEncodingException thrown if there is a problem encoding the message
- */
- @Override
- protected void postEncode(SAMLMessageContext messageContext, String endpointURL) throws MessageEncodingException {
- log.debug("Invoking Velocity template to create POST body");
- InputStream is = null;
- try {
- //build Velocity Context from GUI input paramters
- final VelocityContext context = guiBuilder.generateVelocityContextFromConfiguration(guiConfig);
-
- //load template
- is = guiBuilder.getTemplateInputStream(guiConfig);
-
- //populate velocity context with SAML2 parameters
- populateVelocityContext(context, messageContext, endpointURL);
-
- //populate transport parameter
- final HTTPOutTransport outTransport = (HTTPOutTransport) messageContext.getOutboundMessageTransport();
- HTTPTransportUtils.addNoCacheHeaders(outTransport);
- HTTPTransportUtils.setUTF8Encoding(outTransport);
- HTTPTransportUtils.setContentType(outTransport, "text/html");
-
- //evaluate template and write content to response
- final Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8");
- velocityEngine.evaluate(context, out, "SAML2_POST_BINDING", new BufferedReader(new InputStreamReader(is)));
- out.flush();
-
- } catch (final Exception e) {
- log.error("Error invoking Velocity template", e);
- throw new MessageEncodingException("Error creating output document", e);
-
- } finally {
- if (is != null) {
- try {
- is.close();
-
- } catch (final IOException e) {
- log.error("Can NOT close GUI-Template InputStream.", e);
- }
- }
-
- }
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java
new file mode 100644
index 00000000..860eec64
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/HttpPostEncoderWithOwnTemplate.java
@@ -0,0 +1,123 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.InputStreamReader;
+import java.io.OutputStreamWriter;
+import java.io.Writer;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiBuilderConfiguration;
+import at.gv.egiz.eaaf.core.api.gui.IVelocityGuiFormBuilder;
+import org.apache.velocity.VelocityContext;
+import org.apache.velocity.app.VelocityEngine;
+import org.opensaml.common.binding.SAMLMessageContext;
+import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
+import org.opensaml.ws.message.encoder.MessageEncodingException;
+import org.opensaml.ws.transport.http.HTTPOutTransport;
+import org.opensaml.ws.transport.http.HTTPTransportUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * OpenSAML2 Post-Binding encoder that uses dynamic loaded templates.
+ *
+ * @author tlenz
+ *
+ */
+public class HttpPostEncoderWithOwnTemplate extends HTTPPostEncoder {
+ private static final Logger log = LoggerFactory.getLogger(HttpPostEncoderWithOwnTemplate.class);
+
+
+ private final VelocityEngine velocityEngine;
+ private final IVelocityGuiBuilderConfiguration guiConfig;
+ private final IVelocityGuiFormBuilder guiBuilder;
+
+ /**
+ * Own Post-Binding encoder.
+ *
+ * @param guiConfig GUI configuration
+ * @param guiBuilder GUI builder implementation
+ * @param engine velocity engine
+ */
+ public HttpPostEncoderWithOwnTemplate(final IVelocityGuiBuilderConfiguration guiConfig,
+ final IVelocityGuiFormBuilder guiBuilder, final VelocityEngine engine) {
+ super(engine, null);
+ this.velocityEngine = engine;
+ this.guiConfig = guiConfig;
+ this.guiBuilder = guiBuilder;
+
+ }
+
+ /**
+ * Base64 and POST encodes the outbound message and writes it to the outbound transport.
+ *
+ * @param messageContext current message context
+ * @param endpointUrl endpoint URL to which to encode message
+ *
+ * @throws MessageEncodingException thrown if there is a problem encoding the message
+ */
+ @Override
+ protected void postEncode(final SAMLMessageContext messageContext, final String endpointUrl)
+ throws MessageEncodingException {
+ log.debug("Invoking Velocity template to create POST body");
+ InputStream is = null;
+ try {
+ // build Velocity Context from GUI input paramters
+ final VelocityContext context =
+ guiBuilder.generateVelocityContextFromConfiguration(guiConfig);
+
+ // load template
+ is = guiBuilder.getTemplateInputStream(guiConfig);
+
+ // populate velocity context with SAML2 parameters
+ populateVelocityContext(context, messageContext, endpointUrl);
+
+ // populate transport parameter
+ final HTTPOutTransport outTransport =
+ (HTTPOutTransport) messageContext.getOutboundMessageTransport();
+ HTTPTransportUtils.addNoCacheHeaders(outTransport);
+ HTTPTransportUtils.setUTF8Encoding(outTransport);
+ HTTPTransportUtils.setContentType(outTransport, "text/html");
+
+ // evaluate template and write content to response
+ final Writer out = new OutputStreamWriter(outTransport.getOutgoingStream(), "UTF-8");
+ velocityEngine.evaluate(context, out, "SAML2_POST_BINDING",
+ new BufferedReader(new InputStreamReader(is)));
+ out.flush();
+
+ } catch (final Exception e) {
+ log.error("Error invoking Velocity template", e);
+ throw new MessageEncodingException("Error creating output document", e);
+
+ } finally {
+ if (is != null) {
+ try {
+ is.close();
+
+ } catch (final IOException e) {
+ log.error("Can NOT close GUI-Template InputStream.", e);
+ }
+ }
+
+ }
+ }
+}
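Review bot: The template is read through `new InputStreamReader(is)` on the line before the `velocityEngine.evaluate` call, which decodes it with the JVM's platform default charset, while the response writer a few lines earlier is created with an explicit "UTF-8"; a template containing non-ASCII text therefore renders correctly only on hosts whose default charset happens to be UTF-8. Suggest `new BufferedReader(new InputStreamReader(is, "UTF-8"))` so both ends of the template evaluation agree, which needs no new import. The manual close of `is` in the finally block could become a try-with-resources around the evaluate call, though the existing shape is functionally fine.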
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java
index 2f3912ca..d84b407f 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/KeyStoreX509CredentialAdapter.java
@@ -1,56 +1,53 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml;
import java.security.KeyStore;
-
import org.opensaml.xml.security.x509.X509Credential;
/**
+ * OpenSAML2 KeyStore adapter.
+ *
* @author tlenz
*
*/
-public class KeyStoreX509CredentialAdapter extends
- org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter {
-
- /**
- * @param store
- * @param alias
- * @param password
- */
- public KeyStoreX509CredentialAdapter(KeyStore store, String alias,
- char[] password) {
- super(store, alias, password);
- }
-
- public Class<? extends X509Credential> getCredentialType() {
- return X509Credential.class;
- }
-
+public class KeyStoreX509CredentialAdapter
+ extends org.opensaml.xml.security.x509.KeyStoreX509CredentialAdapter {
+
+ /**
+ * Get an OpenSAML2 keystore.
+ *
+ * @param store Java KeyStore
+ * @param alias Key alias
+ * @param password key Password
+ */
+ public KeyStoreX509CredentialAdapter(final KeyStore store, final String alias,
+ final char[] password) {
+ super(store, alias, password);
+ }
+
+ @Override
+ public Class<? extends X509Credential> getCredentialType() {
+ return X509Credential.class;
+ }
+
}
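Review bot: The constructor Javadoc `Get an OpenSAML2 keystore.` describes the wrong thing: the constructor wraps an entry of an existing KeyStore as an X509Credential rather than obtaining a keystore. Suggest `Creates an OpenSAML2 X509Credential adapter for the key stored under alias in the given KeyStore.` as the summary sentence. The `password` parameter is presumably the key password (it is passed straight to the superclass, which recovers the private key with it), so `password used to recover the private key for alias` would tell callers which of the two keystore passwords is expected.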
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java
index 544dc9f5..2def1446 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/StringRedirectDeflateEncoder.java
@@ -1,31 +1,25 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafDefaultSaml2Bootstrap;
import org.opensaml.common.binding.SAMLMessageContext;
import org.opensaml.saml2.binding.encoding.HTTPRedirectDeflateEncoder;
import org.opensaml.ws.message.MessageContext;
@@ -33,49 +27,49 @@ import org.opensaml.ws.message.encoder.MessageEncodingException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
-
/**
+ * Create deflate encoded SAML2 redirect-binding informations.
+ *
* @author tlenz
*
*/
public class StringRedirectDeflateEncoder extends HTTPRedirectDeflateEncoder {
- private static final Logger log = LoggerFactory.getLogger(StringRedirectDeflateEncoder.class);
-
- private String redirectURL = null;
-
- public void encode(MessageContext messageContext)
- throws MessageEncodingException {
- if (!(messageContext instanceof SAMLMessageContext)) {
- log.error("Invalid message context type, this encoder only support SAMLMessageContext");
- throw new MessageEncodingException(
- "Invalid message context type, this encoder only support SAMLMessageContext");
- }
+ private static final Logger log = LoggerFactory.getLogger(StringRedirectDeflateEncoder.class);
+
+ private String redirectUrl = null;
+
+ @Override
+ public void encode(final MessageContext messageContext) throws MessageEncodingException {
+ if (!(messageContext instanceof SAMLMessageContext)) {
+ log.error("Invalid message context type, this encoder only support SAMLMessageContext");
+ throw new MessageEncodingException(
+ "Invalid message context type, this encoder only support SAMLMessageContext");
+ }
+
+ // load default PVP security configurations
+ EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration();
+
+ final SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;
+
+ final String endpointUrl = getEndpointURL(samlMsgCtx).buildURL();
- //load default PVP security configurations
- EAAFDefaultSAML2Bootstrap.initializeDefaultPVPConfiguration();
-
- SAMLMessageContext samlMsgCtx = (SAMLMessageContext) messageContext;
+ setResponseDestination(samlMsgCtx.getOutboundSAMLMessage(), endpointUrl);
- String endpointURL = getEndpointURL(samlMsgCtx).buildURL();
+ removeSignature(samlMsgCtx);
- setResponseDestination(samlMsgCtx.getOutboundSAMLMessage(), endpointURL);
+ final String encodedMessage = deflateAndBase64Encode(samlMsgCtx.getOutboundSAMLMessage());
- removeSignature(samlMsgCtx);
+ redirectUrl = buildRedirectURL(samlMsgCtx, endpointUrl, encodedMessage);
+ }
- String encodedMessage = deflateAndBase64Encode(samlMsgCtx
- .getOutboundSAMLMessage());
+ /**
+ * Get generated redirect URL.
+ *
+ * @return the redirectURL
+ */
+ public String getRedirectUrl() {
+ return redirectUrl;
+ }
- redirectURL = buildRedirectURL(samlMsgCtx, endpointURL,
- encodedMessage);
- }
- /**
- * @return the redirectURL
- */
- public String getRedirectURL() {
- return redirectURL;
- }
-
-
}
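Review bot: `encode()` hands its result back through the instance field `redirectUrl` that `getRedirectUrl()` reads, so an encoder instance cannot be shared between concurrent requests, and because the field is assigned only on the last line of the method a stale URL from an earlier call survives when a later `encode()` throws before that assignment; none of this is stated on the class. Suggest adding to the class Javadoc `Not thread-safe: encode() keeps the generated URL in instance state, so use one instance per message and never read getRedirectUrl() after a failed encode().` The per-call `EaafDefaultSaml2Bootstrap.initializeDefaultPvpConfiguration()` also appears, judging from the removed implementation in this commit, to replace the process-wide OpenSAML security configuration on every message; if that is a deliberate defensive re-initialisation, a one-line comment saying so would save the next reader from treating it as accidental.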
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSAML2Bootstrap.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSAML2Bootstrap.java
deleted file mode 100644
index 266b6e5f..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSAML2Bootstrap.java
+++ /dev/null
@@ -1,94 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize;
-
-import org.opensaml.Configuration;
-import org.opensaml.DefaultBootstrap;
-import org.opensaml.xml.ConfigurationException;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttributes;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EAAFRequestedAttributeBuilder;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EAAFRequestedAttributeMarshaller;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EAAFRequestedAttributeUnmarshaller;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EAAFRequestedAttributesBuilder;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EAAFRequestedAttributesMarshaller;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EAAFRequestedAttributesUnmarshaller;
-
-/**
- * @author tlenz
- *
- */
-public class EAAFDefaultSAML2Bootstrap extends DefaultBootstrap {
-
- public static synchronized void bootstrap() throws ConfigurationException {
-
- initializeXMLSecurity();
-
- initializeXMLTooling();
-
- initializeArtifactBuilderFactories();
-
- initializeGlobalSecurityConfiguration();
-
- initializeParserPool();
-
- initializeESAPI();
-
- initializeExtenstions();
-
- }
-
- private static void initializeExtenstions() {
- Configuration.registerObjectProvider(
- EAAFRequestedAttribute.DEFAULT_ELEMENT_NAME,
- new EAAFRequestedAttributeBuilder(),
- new EAAFRequestedAttributeMarshaller(),
- new EAAFRequestedAttributeUnmarshaller()
- );
-
- Configuration.registerObjectProvider(
- EAAFRequestedAttributes.DEFAULT_ELEMENT_NAME,
- new EAAFRequestedAttributesBuilder(),
- new EAAFRequestedAttributesMarshaller(),
- new EAAFRequestedAttributesUnmarshaller()
- );
-
- }
-
- public static void initializeDefaultPVPConfiguration() {
- initializeGlobalSecurityConfiguration();
-
- }
-
- /**
- * Initializes the default global security configuration.
- */
- protected static void initializeGlobalSecurityConfiguration() {
- Configuration.setGlobalSecurityConfiguration(EAAFDefaultSecurityConfigurationBootstrap.buildDefaultConfig());
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSecurityConfigurationBootstrap.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSecurityConfigurationBootstrap.java
deleted file mode 100644
index ddd5b13e..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EAAFDefaultSecurityConfigurationBootstrap.java
+++ /dev/null
@@ -1,156 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize;
-
-import org.opensaml.xml.encryption.EncryptionConstants;
-import org.opensaml.xml.security.BasicSecurityConfiguration;
-import org.opensaml.xml.security.DefaultSecurityConfigurationBootstrap;
-import org.opensaml.xml.security.credential.BasicKeyInfoGeneratorFactory;
-import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager;
-import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
-import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
-import org.opensaml.xml.signature.SignatureConstants;
-
-/**
- * @author tlenz
- *
- */
-public class EAAFDefaultSecurityConfigurationBootstrap extends
- DefaultSecurityConfigurationBootstrap {
-
- public static BasicSecurityConfiguration buildDefaultConfig() {
- BasicSecurityConfiguration config = new BasicSecurityConfiguration();
-
- populateSignatureParams(config);
- populateEncryptionParams(config);
- populateKeyInfoCredentialResolverParams(config);
- populateKeyInfoGeneratorManager(config);
- populateKeyParams(config);
-
- return config;
- }
-
- protected static void populateKeyInfoGeneratorManager(
- BasicSecurityConfiguration config) {
- NamedKeyInfoGeneratorManager namedManager = new NamedKeyInfoGeneratorManager();
- config.setKeyInfoGeneratorManager(namedManager);
-
- namedManager.setUseDefaultManager(true);
- KeyInfoGeneratorManager defaultManager = namedManager
- .getDefaultManager();
-
- BasicKeyInfoGeneratorFactory basicFactory = new BasicKeyInfoGeneratorFactory();
- basicFactory.setEmitPublicKeyValue(true);
-
- X509KeyInfoGeneratorFactory x509Factory = new X509KeyInfoGeneratorFactory();
- x509Factory.setEmitEntityCertificate(true);
-
- defaultManager.registerFactory(basicFactory);
- defaultManager.registerFactory(x509Factory);
- }
-
- protected static void populateSignatureParams(
- BasicSecurityConfiguration config) {
-
- //use SHA256 instead of SHA1
- config.registerSignatureAlgorithmURI("RSA",
- SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
-
- config.registerSignatureAlgorithmURI("DSA",
- "http://www.w3.org/2000/09/xmldsig#dsa-sha1");
-
- //use SHA256 instead of SHA1
- config.registerSignatureAlgorithmURI("EC",
- SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256);
-
- //use SHA256 instead of SHA1
- config.registerSignatureAlgorithmURI("AES",
- SignatureConstants.ALGO_ID_MAC_HMAC_SHA256);
-
-
- config.registerSignatureAlgorithmURI("DESede",
- SignatureConstants.ALGO_ID_MAC_HMAC_SHA256);
-
- config.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
- config.setSignatureHMACOutputLength(null);
-
- //use SHA256 instead of SHA1
- config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA256);
- }
-
- protected static void populateEncryptionParams(
- BasicSecurityConfiguration config) {
- config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(128),
- "http://www.w3.org/2001/04/xmlenc#aes128-cbc");
- config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(192),
- "http://www.w3.org/2001/04/xmlenc#aes192-cbc");
- config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(256),
- "http://www.w3.org/2001/04/xmlenc#aes256-cbc");
-
- //support GCM mode
- config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(128),
- EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM);
-
- config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(192),
- EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM);
-
- config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(256),
- EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM);
-
-
- config.registerDataEncryptionAlgorithmURI("DESede",
- Integer.valueOf(168),
- "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
- config.registerDataEncryptionAlgorithmURI("DESede",
- Integer.valueOf(192),
- "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
-
- config.registerKeyTransportEncryptionAlgorithmURI("RSA", null, "AES",
- "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
-
- config.registerKeyTransportEncryptionAlgorithmURI("RSA", null,
- "DESede", "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
-
- config.registerKeyTransportEncryptionAlgorithmURI("AES",
- Integer.valueOf(128), null,
- "http://www.w3.org/2001/04/xmlenc#kw-aes128");
- config.registerKeyTransportEncryptionAlgorithmURI("AES",
- Integer.valueOf(192), null,
- "http://www.w3.org/2001/04/xmlenc#kw-aes192");
- config.registerKeyTransportEncryptionAlgorithmURI("AES",
- Integer.valueOf(256), null,
- "http://www.w3.org/2001/04/xmlenc#kw-aes256");
- config.registerKeyTransportEncryptionAlgorithmURI("DESede",
- Integer.valueOf(168), null,
- "http://www.w3.org/2001/04/xmlenc#kw-tripledes");
- config.registerKeyTransportEncryptionAlgorithmURI("DESede",
- Integer.valueOf(192), null,
- "http://www.w3.org/2001/04/xmlenc#kw-tripledes");
-
- config.setAutoGeneratedDataEncryptionKeyAlgorithmURI("http://www.w3.org/2001/04/xmlenc#aes128-cbc");
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java
new file mode 100644
index 00000000..9db8e5e7
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSaml2Bootstrap.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize;
+
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributeBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributeMarshaller;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributeUnmarshaller;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesMarshaller;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.reqattr.EaafRequestedAttributesUnmarshaller;
+import org.opensaml.DefaultBootstrap;
+import org.opensaml.xml.ConfigurationException;
+
+/**
+ * EAAF specific OpenSAML Initializer.
+ *
+ * @author tlenz
+ *
+ */
+public class EaafDefaultSaml2Bootstrap extends DefaultBootstrap {
+
+ /**
+ * OpenSAML2 bootstrap.
+ *
+ * @throws ConfigurationException In case of an error
+ */
+ public static synchronized void bootstrap() throws ConfigurationException {
+
+ initializeXMLSecurity();
+
+ initializeXMLTooling();
+
+ initializeArtifactBuilderFactories();
+
+ initializeGlobalSecurityConfiguration();
+
+ initializeParserPool();
+
+ initializeESAPI();
+
+ initializeExtenstions();
+
+ }
+
+ private static void initializeExtenstions() {
+ org.opensaml.xml.Configuration.registerObjectProvider(
+ EaafRequestedAttribute.DEFAULT_ELEMENT_NAME, new EaafRequestedAttributeBuilder(),
+ new EaafRequestedAttributeMarshaller(), new EaafRequestedAttributeUnmarshaller());
+
+ org.opensaml.xml.Configuration.registerObjectProvider(
+ EaafRequestedAttributes.DEFAULT_ELEMENT_NAME, new EaafRequestedAttributesBuilder(),
+ new EaafRequestedAttributesMarshaller(), new EaafRequestedAttributesUnmarshaller());
+
+ }
+
+ public static void initializeDefaultPvpConfiguration() {
+ initializeGlobalSecurityConfiguration();
+
+ }
+
+ /**
+ * Initializes the default global security configuration.
+ */
+ protected static void initializeGlobalSecurityConfiguration() {
+ org.opensaml.xml.Configuration.setGlobalSecurityConfiguration(
+ EaafDefaultSecurityConfigurationBootstrap.buildDefaultConfig());
+ }
+}
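Review bot: `initializeDefaultPvpConfiguration()` near the end of the hunk is a public entry point with no Javadoc, while `bootstrap()` and `initializeGlobalSecurityConfiguration()` beside it are documented; since its body only calls `initializeGlobalSecurityConfiguration()`, a one-line `/** Installs the EAAF global security configuration without running the full OpenSAML bootstrap. */` would record why it exists next to `bootstrap()`. The private helper is spelled `initializeExtenstions`; it is private, so renaming it to `initializeExtensions` at both its declaration and the call in `bootstrap()` is safe. The class Javadoc could also say that `bootstrap()` has to run before any `EaafRequestedAttribute(s)` element is unmarshalled, because that helper is the only place in this hunk where the custom object providers are registered.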
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java
new file mode 100644
index 00000000..a1a7e9d2
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/opensaml/initialize/EaafDefaultSecurityConfigurationBootstrap.java
@@ -0,0 +1,141 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize;
+
+import org.opensaml.xml.encryption.EncryptionConstants;
+import org.opensaml.xml.security.BasicSecurityConfiguration;
+import org.opensaml.xml.security.DefaultSecurityConfigurationBootstrap;
+import org.opensaml.xml.security.credential.BasicKeyInfoGeneratorFactory;
+import org.opensaml.xml.security.keyinfo.KeyInfoGeneratorManager;
+import org.opensaml.xml.security.keyinfo.NamedKeyInfoGeneratorManager;
+import org.opensaml.xml.security.x509.X509KeyInfoGeneratorFactory;
+import org.opensaml.xml.signature.SignatureConstants;
+
+/**
+ * EAAF specific OpenSAML2 security configuration.
+ *
+ * @author tlenz
+ *
+ */
+public class EaafDefaultSecurityConfigurationBootstrap
+ extends DefaultSecurityConfigurationBootstrap {
+
+ /**
+ * Build EAAF security configuration for OpenSAML2.
+ *
+ * @return
+ */
+ public static BasicSecurityConfiguration buildDefaultConfig() {
+ final BasicSecurityConfiguration config = new BasicSecurityConfiguration();
+
+ populateSignatureParams(config);
+ populateEncryptionParams(config);
+ populateKeyInfoCredentialResolverParams(config);
+ populateKeyInfoGeneratorManager(config);
+ populateKeyParams(config);
+
+ return config;
+ }
+
+ protected static void populateKeyInfoGeneratorManager(final BasicSecurityConfiguration config) {
+ final NamedKeyInfoGeneratorManager namedManager = new NamedKeyInfoGeneratorManager();
+ config.setKeyInfoGeneratorManager(namedManager);
+
+ namedManager.setUseDefaultManager(true);
+ final KeyInfoGeneratorManager defaultManager = namedManager.getDefaultManager();
+
+ final BasicKeyInfoGeneratorFactory basicFactory = new BasicKeyInfoGeneratorFactory();
+ basicFactory.setEmitPublicKeyValue(true);
+
+ final X509KeyInfoGeneratorFactory x509Factory = new X509KeyInfoGeneratorFactory();
+ x509Factory.setEmitEntityCertificate(true);
+
+ defaultManager.registerFactory(basicFactory);
+ defaultManager.registerFactory(x509Factory);
+ }
+
+ protected static void populateSignatureParams(final BasicSecurityConfiguration config) {
+
+ // use SHA256 instead of SHA1
+ config.registerSignatureAlgorithmURI("RSA", SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+
+ config.registerSignatureAlgorithmURI("DSA", "http://www.w3.org/2000/09/xmldsig#dsa-sha1");
+
+ // use SHA256 instead of SHA1
+ config.registerSignatureAlgorithmURI("EC", SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256);
+
+ // use SHA256 instead of SHA1
+ config.registerSignatureAlgorithmURI("AES", SignatureConstants.ALGO_ID_MAC_HMAC_SHA256);
+
+
+ config.registerSignatureAlgorithmURI("DESede", SignatureConstants.ALGO_ID_MAC_HMAC_SHA256);
+
+ config.setSignatureCanonicalizationAlgorithm("http://www.w3.org/2001/10/xml-exc-c14n#");
+ config.setSignatureHMACOutputLength(null);
+
+ // use SHA256 instead of SHA1
+ config.setSignatureReferenceDigestMethod(SignatureConstants.ALGO_ID_DIGEST_SHA256);
+ }
+
+ protected static void populateEncryptionParams(final BasicSecurityConfiguration config) {
+ config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(128),
+ "http://www.w3.org/2001/04/xmlenc#aes128-cbc");
+ config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(192),
+ "http://www.w3.org/2001/04/xmlenc#aes192-cbc");
+ config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(256),
+ "http://www.w3.org/2001/04/xmlenc#aes256-cbc");
+
+ // support GCM mode
+ config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(128),
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM);
+
+ config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(192),
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES192_GCM);
+
+ config.registerDataEncryptionAlgorithmURI("AES", Integer.valueOf(256),
+ EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES256_GCM);
+
+
+ config.registerDataEncryptionAlgorithmURI("DESede", Integer.valueOf(168),
+ "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
+ config.registerDataEncryptionAlgorithmURI("DESede", Integer.valueOf(192),
+ "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
+
+ config.registerKeyTransportEncryptionAlgorithmURI("RSA", null, "AES",
+ "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
+
+ config.registerKeyTransportEncryptionAlgorithmURI("RSA", null, "DESede",
+ "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p");
+
+ config.registerKeyTransportEncryptionAlgorithmURI("AES", Integer.valueOf(128), null,
+ "http://www.w3.org/2001/04/xmlenc#kw-aes128");
+ config.registerKeyTransportEncryptionAlgorithmURI("AES", Integer.valueOf(192), null,
+ "http://www.w3.org/2001/04/xmlenc#kw-aes192");
+ config.registerKeyTransportEncryptionAlgorithmURI("AES", Integer.valueOf(256), null,
+ "http://www.w3.org/2001/04/xmlenc#kw-aes256");
+ config.registerKeyTransportEncryptionAlgorithmURI("DESede", Integer.valueOf(168), null,
+ "http://www.w3.org/2001/04/xmlenc#kw-tripledes");
+ config.registerKeyTransportEncryptionAlgorithmURI("DESede", Integer.valueOf(192), null,
+ "http://www.w3.org/2001/04/xmlenc#kw-tripledes");
+
+ config.setAutoGeneratedDataEncryptionKeyAlgorithmURI(
+ "http://www.w3.org/2001/04/xmlenc#aes128-cbc");
+ }
+}
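Review bot: `populateSignatureParams` still registers DSA with `http://www.w3.org/2000/09/xmldsig#dsa-sha1` while the surrounding registrations are each annotated "use SHA256 instead of SHA1"; if DSA keys are not meant to be supported the line should go, and if they are, a comment should record that SHA-1 is a deliberate compatibility choice rather than an oversight. In `populateEncryptionParams`, `setAutoGeneratedDataEncryptionKeyAlgorithmURI` pins auto-generated data keys to `aes128-cbc` although the GCM URIs are registered a few lines above; CBC carries no integrity protection, so either the default should become `EncryptionConstants.ALGO_ID_BLOCKCIPHER_AES128_GCM` or the comment "support GCM mode" should explain why CBC remains the default for generated keys. The AES/CBC registrations at the top of that method use the same (algorithm, key length) pair as the GCM registrations below them, so if `BasicSecurityConfiguration` keeps one URI per pair, as its map-based registry appears to, the CBC lines are silently overwritten and only the last registration takes effect — worth a comment either way. The `@return` tag on `buildDefaultConfig()` is empty; `@return a fully populated EAAF security configuration` completes it.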
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributeImpl.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributeImpl.java
deleted file mode 100644
index ed169d8c..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributeImpl.java
+++ /dev/null
@@ -1,133 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.reqattr;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.common.impl.AbstractSAMLObject;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.schema.XSBooleanValue;
-import org.opensaml.xml.util.AttributeMap;
-import org.opensaml.xml.util.XMLObjectChildrenList;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-
-public class EAAFRequestedAttributeImpl extends AbstractSAMLObject implements EAAFRequestedAttribute {
-
- private final XMLObjectChildrenList<XMLObject> attributeValues;
- private String friendlyName;
- private String isRequired;
- private String name;
- private String nameFormat;
- private AttributeMap unknownAttributes;
-
- public EAAFRequestedAttributeImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- unknownAttributes = new AttributeMap(this);
- attributeValues = new XMLObjectChildrenList<XMLObject>(this);
-
- }
-
- public final List<XMLObject> getAttributeValues() {
- return attributeValues;
- }
-
- public final String getFriendlyName() {
- return friendlyName;
- }
-
- public final String getIsRequiredXSBoolean() {
- return isRequired;
- }
-
- public final String getName() {
- return name;
- }
-
- public final String getNameFormat() {
- return nameFormat;
- }
-
- public final List<XMLObject> getOrderedChildren() {
- final List<XMLObject> children = new ArrayList<XMLObject>();
- children.addAll(attributeValues);
- return Collections.unmodifiableList(children);
- }
-
-
- public final AttributeMap getUnknownAttributes() {
- return unknownAttributes;
- }
-
-
- public final void setFriendlyName(final String newFriendlyName) {
- this.friendlyName = prepareForAssignment(this.friendlyName,
- newFriendlyName);
- }
-
-
- public final void setIsRequired(final String newIsRequired) {
- isRequired = prepareForAssignment(this.isRequired, newIsRequired);
-
- }
-
-
- public final void setName(final String newName) {
- this.name = prepareForAssignment(this.name, newName);
- }
-
-
- public final void setNameFormat(final String newNameFormat) {
- this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat);
- }
-
-
- public final void setUnknownAttributes(final AttributeMap newUnknownAttr) {
- this.unknownAttributes = newUnknownAttr;
- }
-
- @Override
- public XSBooleanValue isRequiredXSBoolean() {
- return XSBooleanValue.valueOf(isRequired);
- }
-
- @Override
- public void setIsRequired(Boolean aBoolean) {
- this.isRequired = String.valueOf(aBoolean);
- }
-
- @Override
- public void setIsRequired(XSBooleanValue xsBooleanValue) {
- this.isRequired = String.valueOf(xsBooleanValue);
- }
-
- @Override
- public Boolean isRequired() {
- return Boolean.parseBoolean(isRequired);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributesImpl.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributesImpl.java
deleted file mode 100644
index b85d4791..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EAAFRequestedAttributesImpl.java
+++ /dev/null
@@ -1,61 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.reqattr;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.opensaml.common.impl.AbstractSAMLObject;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.util.IndexedXMLObjectChildrenList;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttributes;
-
-public class EAAFRequestedAttributesImpl extends AbstractSAMLObject implements EAAFRequestedAttributes {
-
- private final IndexedXMLObjectChildrenList<XMLObject> indexedChildren;
-
- public EAAFRequestedAttributesImpl(String namespaceURI, String elementLocalName, String namespacePrefix) {
- super(namespaceURI, elementLocalName, namespacePrefix);
- indexedChildren = new IndexedXMLObjectChildrenList<XMLObject>(this);
- }
-
- @Override
- public List<XMLObject> getOrderedChildren() {
- final List<XMLObject> children = new ArrayList<XMLObject>();
- children.addAll(indexedChildren);
- return Collections.unmodifiableList(children);
-
- }
-
- @Override
- public List<EAAFRequestedAttribute> getAttributes() {
- return (List<EAAFRequestedAttribute>) indexedChildren
- .subList(EAAFRequestedAttribute.DEFAULT_ELEMENT_NAME);
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java
new file mode 100644
index 00000000..1ceb5adc
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributeImpl.java
@@ -0,0 +1,149 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.reqattr;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.schema.XSBooleanValue;
+import org.opensaml.xml.util.AttributeMap;
+import org.opensaml.xml.util.XMLObjectChildrenList;
+
+public class EaafRequestedAttributeImpl extends AbstractSAMLObject
+ implements EaafRequestedAttribute {
+
+ private final XMLObjectChildrenList<XMLObject> attributeValues;
+ private String friendlyName;
+ private String isRequired;
+ private String name;
+ private String nameFormat;
+ private AttributeMap unknownAttributes;
+
+ /**
+ * Build an EAAF specific requested attribute.
+ *
+ * @param namespaceUri Attribute namespace
+ * @param elementLocalName Attribute name
+ * @param namespacePrefix Attribute namespace prefix
+ */
+ public EaafRequestedAttributeImpl(final String namespaceUri, final String elementLocalName,
+ final String namespacePrefix) {
+ super(namespaceUri, elementLocalName, namespacePrefix);
+ unknownAttributes = new AttributeMap(this);
+ attributeValues = new XMLObjectChildrenList<>(this);
+
+ }
+
+ @Override
+ public final List<XMLObject> getAttributeValues() {
+ return attributeValues;
+ }
+
+ @Override
+ public final String getFriendlyName() {
+ return friendlyName;
+ }
+
+ @Override
+ public final String getIsRequiredXsBoolean() {
+ return isRequired;
+ }
+
+ @Override
+ public final String getName() {
+ return name;
+ }
+
+ @Override
+ public final String getNameFormat() {
+ return nameFormat;
+ }
+
+ @Override
+ public final List<XMLObject> getOrderedChildren() {
+ final List<XMLObject> children = new ArrayList<>();
+ children.addAll(attributeValues);
+ return Collections.unmodifiableList(children);
+ }
+
+
+ @Override
+ public final AttributeMap getUnknownAttributes() {
+ return unknownAttributes;
+ }
+
+
+ @Override
+ public final void setFriendlyName(final String newFriendlyName) {
+ this.friendlyName = prepareForAssignment(this.friendlyName, newFriendlyName);
+ }
+
+
+ @Override
+ public void setIsRequired(final Boolean aboolean) {
+ this.isRequired = String.valueOf(aboolean);
+ }
+
+ @Override
+ public void setIsRequired(final XSBooleanValue xsBooleanValue) {
+ this.isRequired = String.valueOf(xsBooleanValue);
+ }
+
+ @Override
+ public final void setIsRequired(final String newIsRequired) {
+ isRequired = prepareForAssignment(this.isRequired, newIsRequired);
+
+ }
+
+
+ @Override
+ public final void setName(final String newName) {
+ this.name = prepareForAssignment(this.name, newName);
+ }
+
+
+ @Override
+ public final void setNameFormat(final String newNameFormat) {
+ this.nameFormat = prepareForAssignment(this.nameFormat, newNameFormat);
+ }
+
+
+ public final void setUnknownAttributes(final AttributeMap newUnknownAttr) {
+ this.unknownAttributes = newUnknownAttr;
+ }
+
+ @Override
+ public XSBooleanValue isRequiredXSBoolean() {
+ return XSBooleanValue.valueOf(isRequired);
+ }
+
+
+
+
+
+ @Override
+ public Boolean isRequired() {
+ return Boolean.parseBoolean(isRequired);
+ }
+
+}
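Review bot: `setIsRequired(Boolean)` and `setIsRequired(XSBooleanValue)` assign `this.isRequired` directly, whereas `setIsRequired(String)`, `setName`, `setFriendlyName` and `setNameFormat` all go through `prepareForAssignment`; in OpenSAML 2 that call is what releases the cached DOM when a value changes, so the two direct assignments may leave a previously marshalled element stale. Proposed: `this.isRequired = prepareForAssignment(this.isRequired, String.valueOf(aboolean));` and the same shape for the `XSBooleanValue` overload. Naming inside the class is now inconsistent after the refactoring — `getIsRequiredXsBoolean()` versus `isRequiredXSBoolean()` — and the run of four blank lines before `isRequired()` should be collapsed to one; `setUnknownAttributes` is the only public method without `@Override`, which deserves a comment if it is intentionally not part of the interface.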
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java
new file mode 100644
index 00000000..3b447538
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/reqattr/EaafRequestedAttributesImpl.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.reqattr;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttributes;
+import org.opensaml.common.impl.AbstractSAMLObject;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.util.IndexedXMLObjectChildrenList;
+
+public class EaafRequestedAttributesImpl extends AbstractSAMLObject
+ implements EaafRequestedAttributes {
+
+ private final IndexedXMLObjectChildrenList<XMLObject> indexedChildren;
+
+ public EaafRequestedAttributesImpl(final String namespaceUri, final String elementLocalName,
+ final String namespacePrefix) {
+ super(namespaceUri, elementLocalName, namespacePrefix);
+ indexedChildren = new IndexedXMLObjectChildrenList<>(this);
+ }
+
+ @Override
+ public List<XMLObject> getOrderedChildren() {
+ final List<XMLObject> children = new ArrayList<>();
+ children.addAll(indexedChildren);
+ return Collections.unmodifiableList(children);
+
+ }
+
+ @Override
+ public List<EaafRequestedAttribute> getAttributes() {
+ return (List<EaafRequestedAttribute>) indexedChildren
+ .subList(EaafRequestedAttribute.DEFAULT_ELEMENT_NAME);
+ }
+
+}
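Review bot: the cast `(List<EaafRequestedAttribute>) indexedChildren.subList(EaafRequestedAttribute.DEFAULT_ELEMENT_NAME)` in `getAttributes()` is unchecked and carries neither a `@SuppressWarnings("unchecked")` at method scope nor a comment explaining why it is safe; `// sublist is filtered by the EaafRequestedAttribute element QName, so every entry is one` above the return would justify the suppression. The constructor has no Javadoc although the sibling `EaafRequestedAttributeImpl` in this commit documents its constructor with `@param` tags for `namespaceUri`, `elementLocalName` and `namespacePrefix`; the same three-line doc comment would keep the two classes consistent. The blank line before the closing brace of `getOrderedChildren()` is a stray.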
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
index acc5357e..ea361f11 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/AbstractCredentialProvider.java
@@ -1,36 +1,32 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.RSAPrivateKey;
-
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
+import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.KeyStoreX509CredentialAdapter;
import org.apache.commons.lang3.StringUtils;
import org.opensaml.xml.security.credential.Credential;
import org.opensaml.xml.security.credential.UsageType;
@@ -40,186 +36,210 @@ import org.opensaml.xml.signature.SignatureConstants;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
-import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
-import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.KeyStoreX509CredentialAdapter;
-
public abstract class AbstractCredentialProvider {
-
- private static final Logger log = LoggerFactory.getLogger(AbstractCredentialProvider.class);
-
- private KeyStore keyStore = null;
-
- /**
- * Get a friendlyName for this keyStore implementation
- * This friendlyName is used for logging
- *
- * @return keyStore friendlyName
- */
- public abstract String getFriendlyName();
-
- /**
- * Get KeyStore
- *
- * @return URL to the keyStore
- * @throws EAAFException
- */
- public abstract String getKeyStoreFilePath() throws EAAFException;
-
- /**
- * Get keyStore password
- *
- * @return Password of the keyStore
- */
- public abstract String getKeyStorePassword();
-
- /**
- * Get alias of key for metadata signing
- *
- * @return key alias
- */
- public abstract String getMetadataKeyAlias();
-
- /**
- * Get password of key for metadata signing
- *
- * @return key password
- */
- public abstract String getMetadataKeyPassword();
-
- /**
- * Get alias of key for request/response signing
- *
- * @return key alias
- */
- public abstract String getSignatureKeyAlias();
-
- /**
- * Get password of key for request/response signing
- *
- * @return key password
- */
- public abstract String getSignatureKeyPassword();
-
- /**
- * Get alias of key for IDP response encryption
- *
- * @return key alias
- */
- public abstract String getEncryptionKeyAlias();
-
- /**
- * Get password of key for IDP response encryption
- *
- * @return key password
- */
- public abstract String getEncryptionKeyPassword();
-
-
- public X509Credential getIDPMetaDataSigningCredential()
- throws CredentialsNotAvailableException {
- try {
-
- if (keyStore == null)
- keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(),
- getKeyStorePassword());
-
- KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(
- keyStore, getMetadataKeyAlias(), getMetadataKeyPassword().toCharArray());
-
- credentials.setUsageType(UsageType.SIGNING);
- if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
- log.error(getFriendlyName() + " Metadata Signing credentials is not found or contains no PrivateKey.");
- throw new CredentialsNotAvailableException("config.27", new Object[]{getFriendlyName() + " Assertion Signing credentials (Alias: "
- + getMetadataKeyAlias() + ") is not found or contains no PrivateKey."});
-
- }
- return credentials;
- } catch (Exception e) {
- log.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials");
- e.printStackTrace();
- throw new CredentialsNotAvailableException("config.27", new Object[]{e.getMessage()}, e);
- }
- }
-
- public X509Credential getIDPAssertionSigningCredential()
- throws CredentialsNotAvailableException {
- try {
- if (keyStore == null)
- keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(),
- getKeyStorePassword());
-
- KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(
- keyStore, getSignatureKeyAlias(), getSignatureKeyPassword().toCharArray());
-
- credentials.setUsageType(UsageType.SIGNING);
- if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
- log.error(getFriendlyName() + " Assertion Signing credentials is not found or contains no PrivateKey.");
- throw new CredentialsNotAvailableException("config.27", new Object[]{getFriendlyName() + " Assertion Signing credentials (Alias: "
- + getSignatureKeyAlias() + ") is not found or contains no PrivateKey."});
-
- }
-
- return (X509Credential) credentials;
- } catch (Exception e) {
- log.error("Failed to generate " + getFriendlyName() + " Assertion Signing credentials");
- e.printStackTrace();
- throw new CredentialsNotAvailableException("config.27", new Object[]{e.getMessage()}, e);
- }
- }
-
- public X509Credential getIDPAssertionEncryptionCredential()
- throws CredentialsNotAvailableException {
- try {
- if (keyStore == null)
- keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(),
- getKeyStorePassword());
-
- //if no encryption key is configured return null
- if (StringUtils.isEmpty(getEncryptionKeyAlias()))
- return null;
-
- KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(
- keyStore, getEncryptionKeyAlias(), getEncryptionKeyPassword().toCharArray());
-
- credentials.setUsageType(UsageType.ENCRYPTION);
-
- if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
- log.error(getFriendlyName() + " Assertion Encryption credentials is not found or contains no PrivateKey.");
- throw new CredentialsNotAvailableException("config.27", new Object[]{getFriendlyName() + " Assertion Encryption credentials (Alias: "
- + getEncryptionKeyAlias() + ") is not found or contains no PrivateKey."});
-
- }
-
- return (X509Credential) credentials;
-
- } catch (Exception e) {
- log.error("Failed to generate " + getFriendlyName() + " Assertion Encryption credentials");
- e.printStackTrace();
- throw new CredentialsNotAvailableException("config.27", new Object[]{e.getMessage()}, e);
- }
- }
-
- public static Signature getIDPSignature(Credential credentials) {
- PrivateKey privatekey = credentials.getPrivateKey();
- Signature signer = SAML2Utils.createSAMLObject(Signature.class);
-
- if (privatekey instanceof RSAPrivateKey) {
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
-
- } else if (privatekey instanceof ECPrivateKey) {
- signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256);
-
- } else {
- log.warn("Could NOT evaluate the Private-Key type from " + credentials.getEntityId() + " credential.");
-
-
- }
-
- signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
- signer.setSigningCredential(credentials);
- return signer;
-
- }
+
+ private static final Logger log = LoggerFactory.getLogger(AbstractCredentialProvider.class);
+
+ private KeyStore keyStore = null;
+
+ /**
+ * Get a friendlyName for this keyStore implementation This friendlyName is used for logging.
+ *
+ * @return keyStore friendlyName
+ */
+ public abstract String getFriendlyName();
+
+ /**
+ * Get KeyStore.
+ *
+ * @return URL to the keyStore
+ * @throws EaafException In case of an invalid filepath
+ */
+ public abstract String getKeyStoreFilePath() throws EaafException;
+
+ /**
+ * Get keyStore password.
+ *
+ * @return Password of the keyStore
+ */
+ public abstract String getKeyStorePassword();
+
+ /**
+ * Get alias of key for metadata signing.
+ *
+ * @return key alias
+ */
+ public abstract String getMetadataKeyAlias();
+
+ /**
+ * Get password of key for metadata signing.
+ *
+ * @return key password
+ */
+ public abstract String getMetadataKeyPassword();
+
+ /**
+ * Get alias of key for request/response signing.
+ *
+ * @return key alias
+ */
+ public abstract String getSignatureKeyAlias();
+
+ /**
+ * Get password of key for request/response signing.
+ *
+ * @return key password
+ */
+ public abstract String getSignatureKeyPassword();
+
+ /**
+ * Get alias of key for IDP response encryption.
+ *
+ * @return key alias
+ */
+ public abstract String getEncryptionKeyAlias();
+
+ /**
+ * Get password of key for IDP response encryption.
+ *
+ * @return key password
+ */
+ public abstract String getEncryptionKeyPassword();
+
+
+ /**
+ * Get Credentials to sign metadata.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of a credential error
+ */
+ public X509Credential getIdpMetaDataSigningCredential() throws CredentialsNotAvailableException {
+ try {
+
+ if (keyStore == null) {
+ keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
+ }
+
+ final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore,
+ getMetadataKeyAlias(), getMetadataKeyPassword().toCharArray());
+
+ credentials.setUsageType(UsageType.SIGNING);
+ if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
+ log.error(getFriendlyName()
+ + " Metadata Signing credentials is not found or contains no PrivateKey.");
+ throw new CredentialsNotAvailableException("config.27",
+ new Object[] {getFriendlyName() + " Assertion Signing credentials (Alias: "
+ + getMetadataKeyAlias() + ") is not found or contains no PrivateKey."});
+
+ }
+ return credentials;
+ } catch (final Exception e) {
+ log.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials");
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException("config.27", new Object[] {e.getMessage()}, e);
+ }
+ }
+
+ /**
+ * Get Credentials to sign Assertion.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of a credential error
+ */
+ public X509Credential getIdpAssertionSigningCredential() throws CredentialsNotAvailableException {
+ try {
+ if (keyStore == null) {
+ keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
+ }
+
+ final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore,
+ getSignatureKeyAlias(), getSignatureKeyPassword().toCharArray());
+
+ credentials.setUsageType(UsageType.SIGNING);
+ if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
+ log.error(getFriendlyName()
+ + " Assertion Signing credentials is not found or contains no PrivateKey.");
+ throw new CredentialsNotAvailableException("config.27",
+ new Object[] {getFriendlyName() + " Assertion Signing credentials (Alias: "
+ + getSignatureKeyAlias() + ") is not found or contains no PrivateKey."});
+
+ }
+
+ return credentials;
+ } catch (final Exception e) {
+ log.error("Failed to generate " + getFriendlyName() + " Assertion Signing credentials");
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException("config.27", new Object[] {e.getMessage()}, e);
+ }
+ }
+
+ /**
+ * Get Credentials to encrypt assertion.
+ *
+ * @return Credentials
+ * @throws CredentialsNotAvailableException In case of a credential error
+ */
+ public X509Credential getIdpAssertionEncryptionCredential()
+ throws CredentialsNotAvailableException {
+ try {
+ if (keyStore == null) {
+ keyStore = KeyStoreUtils.loadKeyStore(getKeyStoreFilePath(), getKeyStorePassword());
+ }
+
+ // if no encryption key is configured return null
+ if (StringUtils.isEmpty(getEncryptionKeyAlias())) {
+ return null;
+ }
+
+ final KeyStoreX509CredentialAdapter credentials = new KeyStoreX509CredentialAdapter(keyStore,
+ getEncryptionKeyAlias(), getEncryptionKeyPassword().toCharArray());
+
+ credentials.setUsageType(UsageType.ENCRYPTION);
+
+ if (credentials.getPrivateKey() == null && credentials.getSecretKey() == null) {
+ log.error(getFriendlyName()
+ + " Assertion Encryption credentials is not found or contains no PrivateKey.");
+ throw new CredentialsNotAvailableException("config.27",
+ new Object[] {getFriendlyName() + " Assertion Encryption credentials (Alias: "
+ + getEncryptionKeyAlias() + ") is not found or contains no PrivateKey."});
+
+ }
+
+ return credentials;
+
+ } catch (final Exception e) {
+ log.error("Failed to generate " + getFriendlyName() + " Assertion Encryption credentials");
+ e.printStackTrace();
+ throw new CredentialsNotAvailableException("config.27", new Object[] {e.getMessage()}, e);
+ }
+ }
+
+ /**
+ * Get an XML signature object.
+ *
+ * @param credentials Credentials for signing
+ * @return OpenSAML Signature object
+ */
+ public static Signature getIdpSignature(final Credential credentials) {
+ final PrivateKey privatekey = credentials.getPrivateKey();
+ final Signature signer = Saml2Utils.createSamlObject(Signature.class);
+
+ if (privatekey instanceof RSAPrivateKey) {
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);
+
+ } else if (privatekey instanceof ECPrivateKey) {
+ signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_ECDSA_SHA256);
+
+ } else {
+ log.warn("Could NOT evaluate the Private-Key type from " + credentials.getEntityId()
+ + " credential.");
+
+
+ }
+
+ signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
+ signer.setSigningCredential(credentials);
+ return signer;
+
+ }
}
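Review bot: The three catch blocks in getIdpMetaDataSigningCredential, getIdpAssertionSigningCredential and getIdpAssertionEncryptionCredential still call `e.printStackTrace()` next to an slf4j logger, so the cause goes to stderr outside the logging configuration while the `log.error(...)` line carries no exception; the refactoring kept this from the old code. Passing the exception as the last argument, e.g. `log.error("Failed to generate " + getFriendlyName() + " Metadata Signing credentials", e);`, and dropping the printStackTrace line in each of the three places keeps the keystore-loading failure (and any path it mentions) under the logger's control. The lazy `if (keyStore == null)` load is unsynchronized; if a provider instance is shared between request threads, which this hunk does not show, two first calls may load the keystore twice, so a `synchronized` load or eager initialization would be safer. A short class-level Javadoc stating whether instances are meant to be shared would make that expectation explicit.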
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java
deleted file mode 100644
index 8e7183d3..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QAALevelVerifier.java
+++ /dev/null
@@ -1,104 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
-
-import java.util.List;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
-import at.gv.egiz.eaaf.modules.pvp2.exception.QAANotAllowedException;
-
-/**
- * @author tlenz
- *
- */
-public class QAALevelVerifier {
-
- private static final Logger log = LoggerFactory.getLogger(QAALevelVerifier.class);
-
- private static boolean verifyQAALevel(String qaaAuth, String requiredLoA, String matchingMode) throws QAANotAllowedException {
- //to MINIMUM machting
- if (EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM.equals(matchingMode)) {
- log.trace("Perfom LoA matching in 'MINIMUM' mode ... ");
- if (EAAFConstants.EIDAS_LOA_LOW.equals(requiredLoA) &&
- (EAAFConstants.EIDAS_LOA_LOW.equals(qaaAuth) ||
- EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth) ||
- EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth))
- )
- return true;
-
- else if (EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(requiredLoA) &&
- (EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth) ||
- EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth))
- )
- return true;
-
- else if (EAAFConstants.EIDAS_LOA_HIGH.equals(requiredLoA) && EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth))
- return true;
-
- } else if (EAAFConstants.EIDAS_LOA_MATCHING_EXACT.equals(matchingMode)) {
- //to EXACT matching
- log.trace("Perfom LoA matching in 'EXACT' mode ... ");
- if (qaaAuth.equals(requiredLoA)) {
- log.debug("Required LoA fits LoA from authentication. Continue auth process ... ");
- return true;
-
- }
-
- } else {
- log.warn("LoA matching-mode:" + matchingMode + " is NOT supported by this implementation");
- throw new QAANotAllowedException(qaaAuth, requiredLoA, matchingMode);
-
- }
-
- return false;
-
- }
-
- public static void verifyQAALevel(String qaaAuth, List<String> requiredLoAs, String matchingMode) throws QAANotAllowedException {
- log.trace("Starting LoA verification: authLoA: " + qaaAuth
- + " requiredLoA: " + StringUtils.join(requiredLoAs, "|")
- + " matchingMode: " + matchingMode);
-
- boolean hasMatch = false;
- for (String loa : requiredLoAs) {
- if (verifyQAALevel(qaaAuth, loa, matchingMode))
- hasMatch = true;
-
- }
-
- if (!hasMatch)
- throw new QAANotAllowedException(qaaAuth, StringUtils.join(requiredLoAs, "|"), matchingMode);
-
- else
- log.debug("Requesed LoA fits LoA from authentication. Continue auth process ... ");
-
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java
new file mode 100644
index 00000000..876fa744
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/QaaLevelVerifier.java
@@ -0,0 +1,106 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
+
+import java.util.List;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.modules.pvp2.exception.QaaNotAllowedException;
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * EAAF LoA Level verifier checks if requested LoA matchs to LoA of authentication.
+ *
+ *
+ * @author tlenz
+ *
+ */
+public class QaaLevelVerifier {
+
+ private static final Logger log = LoggerFactory.getLogger(QaaLevelVerifier.class);
+
+ private static boolean verifyQaaLevel(final String qaaAuth, final String requiredLoA,
+ final String matchingMode) throws QaaNotAllowedException {
+ // to MINIMUM machting
+ if (EAAFConstants.EIDAS_LOA_MATCHING_MINIMUM.equals(matchingMode)) {
+ log.trace("Perfom LoA matching in 'MINIMUM' mode ... ");
+ if (EAAFConstants.EIDAS_LOA_LOW.equals(requiredLoA)
+ && (EAAFConstants.EIDAS_LOA_LOW.equals(qaaAuth)
+ || EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth)
+ || EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth))) {
+ return true;
+ } else if (EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(requiredLoA)
+ && (EAAFConstants.EIDAS_LOA_SUBSTANTIAL.equals(qaaAuth)
+ || EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth))) {
+ return true;
+ } else if (EAAFConstants.EIDAS_LOA_HIGH.equals(requiredLoA)
+ && EAAFConstants.EIDAS_LOA_HIGH.equals(qaaAuth)) {
+ return true;
+ }
+
+ } else if (EAAFConstants.EIDAS_LOA_MATCHING_EXACT.equals(matchingMode)) {
+ // to EXACT matching
+ log.trace("Perfom LoA matching in 'EXACT' mode ... ");
+ if (qaaAuth.equals(requiredLoA)) {
+ log.debug("Required LoA fits LoA from authentication. Continue auth process ... ");
+ return true;
+
+ }
+
+ } else {
+ log.warn("LoA matching-mode:" + matchingMode + " is NOT supported by this implementation");
+ throw new QaaNotAllowedException(qaaAuth, requiredLoA, matchingMode);
+
+ }
+
+ return false;
+
+ }
+
+ /**
+ * Check LoA level.
+ *
+ * @param qaaAuth LoA of authentication
+ * @param requiredLoAs List of allowed LoA levels
+ * @param matchingMode LoA matching mode
+ * @throws QaaNotAllowedException If LoA does not match
+ */
+ public static void verifyQaaLevel(final String qaaAuth, final List<String> requiredLoAs,
+ final String matchingMode) throws QaaNotAllowedException {
+ log.trace("Starting LoA verification: authLoA: " + qaaAuth + " requiredLoA: "
+ + StringUtils.join(requiredLoAs, "|") + " matchingMode: " + matchingMode);
+
+ boolean hasMatch = false;
+ for (final String loa : requiredLoAs) {
+ if (verifyQaaLevel(qaaAuth, loa, matchingMode)) {
+ hasMatch = true;
+ }
+
+ }
+
+ if (!hasMatch) {
+ throw new QaaNotAllowedException(qaaAuth, StringUtils.join(requiredLoAs, "|"), matchingMode);
+ } else {
+ log.debug("Requesed LoA fits LoA from authentication. Continue auth process ... ");
+ }
+
+ }
+}
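Review bot: In EXACT mode the check `if (qaaAuth.equals(requiredLoA)) {` dereferences `qaaAuth`, so a missing LoA from the authentication surfaces as a NullPointerException, whereas the MINIMUM branch uses constant-first `equals` calls that tolerate null and end in the checked QaaNotAllowedException callers already handle. Reversing the operands, `if (requiredLoA.equals(qaaAuth)) {`, makes both matching modes fail closed with the same exception type. The private `verifyQaaLevel` overload has no Javadoc; a one-line comment stating that it returns false (rather than throwing) when the single required LoA does not match, and throws only for an unsupported matching mode, would help readers of the public loop above it. The log texts "Perfom", "machting" and "Requesed" were carried over verbatim and could be corrected in the same pass.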
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SAML2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SAML2Utils.java
deleted file mode 100644
index d33ee6c6..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/SAML2Utils.java
+++ /dev/null
@@ -1,201 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
-
-import java.io.IOException;
-import java.security.NoSuchAlgorithmException;
-import java.util.List;
-
-import javax.xml.namespace.QName;
-import javax.xml.parsers.DocumentBuilder;
-import javax.xml.parsers.DocumentBuilderFactory;
-import javax.xml.parsers.ParserConfigurationException;
-import javax.xml.transform.TransformerException;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.validation.Schema;
-import javax.xml.validation.Validator;
-
-import org.apache.commons.lang3.StringUtils;
-import org.opensaml.Configuration;
-import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
-import org.opensaml.common.xml.SAMLSchemaBuilder;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.core.Status;
-import org.opensaml.saml2.core.StatusCode;
-import org.opensaml.saml2.metadata.AssertionConsumerService;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.ws.soap.soap11.Body;
-import org.opensaml.ws.soap.soap11.Envelope;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.XMLObjectBuilderFactory;
-import org.opensaml.xml.io.Marshaller;
-import org.opensaml.xml.io.MarshallingException;
-import org.opensaml.xml.schema.XSString;
-import org.opensaml.xml.schema.impl.XSStringBuilder;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.w3c.dom.Document;
-
-import at.gv.egiz.eaaf.core.impl.utils.Random;
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
-
-public class SAML2Utils {
- private static final Logger log = LoggerFactory.getLogger(SAML2Utils.class);
-
- public static <T> T createSAMLObject(final Class<T> clazz) {
- try {
- XMLObjectBuilderFactory builderFactory = Configuration
- .getBuilderFactory();
-
- QName defaultElementName = (QName) clazz.getDeclaredField(
- "DEFAULT_ELEMENT_NAME").get(null);
- @SuppressWarnings("unchecked")
- T object = (T) builderFactory.getBuilder(defaultElementName)
- .buildObject(defaultElementName);
- return object;
- } catch (Throwable e) {
- e.printStackTrace();
- return null;
- }
- }
-
- public static String getSecureIdentifier() {
- return "_".concat(Random.nextHexRandom16());
-
- /*Bug-Fix: There are open problems with RandomNumberGenerator via Java SPI and Java JDK 8.121
- * Generation of a 16bit Random identifier FAILES with an Caused by: java.lang.ArrayIndexOutOfBoundsException
- * Caused by: java.lang.ArrayIndexOutOfBoundsException
- at iaik.security.random.o.engineNextBytes(Unknown Source)
- at iaik.security.random.SecRandomSpi.engineNextBytes(Unknown Source)
- at java.security.SecureRandom.nextBytes(SecureRandom.java:468)
- at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:62)
- at org.opensaml.common.impl.SecureRandomIdentifierGenerator.generateIdentifier(SecureRandomIdentifierGenerator.java:56)
- at at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils.getSecureIdentifier(SAML2Utils.java:69)
- */
- //return idGenerator.generateIdentifier();
- }
-
- private static SecureRandomIdentifierGenerator idGenerator;
-
- private static DocumentBuilder builder;
- static {
- DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
- factory.setNamespaceAware(true);
- try {
- builder = factory.newDocumentBuilder();
- } catch (ParserConfigurationException e) {
- // TODO Auto-generated catch block
- e.printStackTrace();
- }
- try {
- idGenerator = new SecureRandomIdentifierGenerator();
- } catch(NoSuchAlgorithmException e) {
- e.printStackTrace();
- }
- }
-
- public static Document asDOMDocument(XMLObject object) throws IOException,
- MarshallingException, TransformerException {
- Document document = builder.newDocument();
- Marshaller out = Configuration.getMarshallerFactory().getMarshaller(
- object);
- out.marshall(object, document);
- return document;
- }
-
- public static Status getSuccessStatus() {
- Status status = SAML2Utils.createSAMLObject(Status.class);
- StatusCode statusCode = SAML2Utils.createSAMLObject(StatusCode.class);
- statusCode.setValue(StatusCode.SUCCESS_URI);
- status.setStatusCode(statusCode);
- return status;
- }
-
- public static int getDefaultAssertionConsumerServiceIndex(SPSSODescriptor spSSODescriptor) {
-
- List<AssertionConsumerService> assertionConsumerList = spSSODescriptor.getAssertionConsumerServices();
-
- for (AssertionConsumerService el : assertionConsumerList) {
- if (el.isDefault())
- return el.getIndex();
-
- }
-
- return 0;
- }
-
- public static Envelope buildSOAP11Envelope(XMLObject payload) {
- XMLObjectBuilderFactory bf = Configuration.getBuilderFactory();
- Envelope envelope = (Envelope) bf.getBuilder(Envelope.DEFAULT_ELEMENT_NAME).buildObject(Envelope.DEFAULT_ELEMENT_NAME);
- Body body = (Body) bf.getBuilder(Body.DEFAULT_ELEMENT_NAME).buildObject(Body.DEFAULT_ELEMENT_NAME);
-
- body.getUnknownXMLObjects().add(payload);
- envelope.setBody(body);
-
- return envelope;
- }
-
- public static EAAFRequestedAttribute generateReqAuthnAttributeSimple(Attribute attr, boolean isRequired, String value) {
- EAAFRequestedAttribute requested = SAML2Utils.createSAMLObject(EAAFRequestedAttribute.class);
- requested.setName(attr.getName());
- requested.setNameFormat(attr.getNameFormat());
- requested.setFriendlyName(attr.getFriendlyName());
- requested.setIsRequired(String.valueOf(isRequired));
- List<XMLObject> attributeValues = requested.getAttributeValues();
- if (StringUtils.isNotEmpty(value)) {
- XMLObject attributeValueForRequest = createAttributeValue(PVPConstants.EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE, value);
- attributeValues.add(attributeValueForRequest);
- }
- return requested;
-
- }
-
- public static void schemeValidation(XMLObject xmlObject) throws Exception {
- try {
- Schema test = SAMLSchemaBuilder.getSAML11Schema();
- Validator val = test.newValidator();
- DOMSource source = new DOMSource(xmlObject.getDOM());
- val.validate(source);
- log.debug("SAML2 Scheme validation successful");
- return;
-
- } catch (Exception e) {
- log.warn("SAML2 scheme validation FAILED.", e);
- throw e;
-
- }
- }
-
- private static XMLObject createAttributeValue(QName attributeValueType, String value) {
- XSStringBuilder stringBuilder = (XSStringBuilder) Configuration.getBuilderFactory().getBuilder(XSString.TYPE_NAME);
- XSString stringValue = stringBuilder.buildObject(attributeValueType, XSString.TYPE_NAME);
- stringValue.setValue(value);
- return stringValue;
-
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
new file mode 100644
index 00000000..1c7a9652
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/utils/Saml2Utils.java
@@ -0,0 +1,247 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.utils;
+
+import java.io.IOException;
+import java.security.NoSuchAlgorithmException;
+import java.util.List;
+import javax.xml.namespace.QName;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.Validator;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EaafRequestedAttribute;
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
+import org.opensaml.common.xml.SAMLSchemaBuilder;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.core.Status;
+import org.opensaml.saml2.core.StatusCode;
+import org.opensaml.saml2.metadata.AssertionConsumerService;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.ws.soap.soap11.Body;
+import org.opensaml.ws.soap.soap11.Envelope;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.XMLObjectBuilderFactory;
+import org.opensaml.xml.io.Marshaller;
+import org.opensaml.xml.io.MarshallingException;
+import org.opensaml.xml.schema.XSString;
+import org.opensaml.xml.schema.impl.XSStringBuilder;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Document;
+
+public class Saml2Utils {
+ private static final Logger log = LoggerFactory.getLogger(Saml2Utils.class);
+
+ private static SecureRandomIdentifierGenerator idGenerator;
+
+ private static DocumentBuilder builder;
+
+ static {
+ final DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
+ factory.setNamespaceAware(true);
+
+ try {
+ builder = factory.newDocumentBuilder();
+
+ } catch (final ParserConfigurationException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+
+ try {
+ idGenerator = new SecureRandomIdentifierGenerator();
+
+ } catch (final NoSuchAlgorithmException e) {
+ e.printStackTrace();
+
+ }
+ }
+
+ /**
+ * Create a SAML2 object.
+ *
+ * @param <T> SAML2 object class
+ * @param clazz object class
+ * @return SAML2 object
+ */
+ public static <T> T createSamlObject(final Class<T> clazz) {
+ try {
+ final XMLObjectBuilderFactory builderFactory =
+ org.opensaml.xml.Configuration.getBuilderFactory();
+
+ final QName defaultElementName =
+ (QName) clazz.getDeclaredField("DEFAULT_ELEMENT_NAME").get(null);
+ @SuppressWarnings("unchecked")
+ final T object =
+ (T) builderFactory.getBuilder(defaultElementName).buildObject(defaultElementName);
+ return object;
+ } catch (final Throwable e) {
+ e.printStackTrace();
+ return null;
+ }
+ }
+
+ /**
+ * Get a new SAML2 conform random value.
+ *
+ * @return
+ */
+ public static String getSecureIdentifier() {
+ return "_".concat(Random.nextHexRandom16());
+
+ }
+
+
+ /**
+ * Transform SAML2 Object to Element.
+ *
+ * @param object SAML2 object
+ * @return Element
+ * @throws IOException In case of an transformation error
+ * @throws MarshallingException In case of an transformation error
+ * @throws TransformerException In case of an transformation error
+ */
+ public static Document asDomDocument(final XMLObject object)
+ throws IOException, MarshallingException, TransformerException {
+ final Document document = builder.newDocument();
+ final Marshaller out =
+ org.opensaml.xml.Configuration.getMarshallerFactory().getMarshaller(object);
+ out.marshall(object, document);
+ return document;
+ }
+
+ /**
+ * Build success status element.
+ *
+ * @return
+ */
+ public static Status getSuccessStatus() {
+ final Status status = Saml2Utils.createSamlObject(Status.class);
+ final StatusCode statusCode = Saml2Utils.createSamlObject(StatusCode.class);
+ statusCode.setValue(StatusCode.SUCCESS_URI);
+ status.setStatusCode(statusCode);
+ return status;
+ }
+
+ /**
+ * Get AssertionConsumerService Index from metadata element.
+ *
+ * @param spSsoDescriptor metadata element
+ * @return
+ */
+ public static int getDefaultAssertionConsumerServiceIndex(final SPSSODescriptor spSsoDescriptor) {
+
+ final List<AssertionConsumerService> assertionConsumerList =
+ spSsoDescriptor.getAssertionConsumerServices();
+
+ for (final AssertionConsumerService el : assertionConsumerList) {
+ if (el.isDefault()) {
+ return el.getIndex();
+ }
+
+ }
+
+ return 0;
+ }
+
+ /**
+ * Build SOAP11 body from SAML2 object.
+ *
+ * @param payload SAML2 object
+ * @return
+ */
+ public static Envelope buildSoap11Envelope(final XMLObject payload) {
+ final XMLObjectBuilderFactory bf = org.opensaml.xml.Configuration.getBuilderFactory();
+ final Envelope envelope = (Envelope) bf.getBuilder(Envelope.DEFAULT_ELEMENT_NAME)
+ .buildObject(Envelope.DEFAULT_ELEMENT_NAME);
+ final Body body =
+ (Body) bf.getBuilder(Body.DEFAULT_ELEMENT_NAME).buildObject(Body.DEFAULT_ELEMENT_NAME);
+
+ body.getUnknownXMLObjects().add(payload);
+ envelope.setBody(body);
+
+ return envelope;
+ }
+
+ /**
+ * Generate EAAF specific requested attribute.
+ *
+ * @param attr SAML2 attribute definition
+ * @param isRequired is-mandatory flag
+ * @param value Attribute value
+ * @return
+ */
+ public static EaafRequestedAttribute generateReqAuthnAttributeSimple(final Attribute attr,
+ final boolean isRequired, final String value) {
+ final EaafRequestedAttribute requested =
+ Saml2Utils.createSamlObject(EaafRequestedAttribute.class);
+ requested.setName(attr.getName());
+ requested.setNameFormat(attr.getNameFormat());
+ requested.setFriendlyName(attr.getFriendlyName());
+ requested.setIsRequired(String.valueOf(isRequired));
+ final List<XMLObject> attributeValues = requested.getAttributeValues();
+ if (StringUtils.isNotEmpty(value)) {
+ final XMLObject attributeValueForRequest =
+ createAttributeValue(PvpConstants.EIDAS_REQUESTED_ATTRIBUTE_VALUE_TYPE, value);
+ attributeValues.add(attributeValueForRequest);
+ }
+ return requested;
+
+ }
+
+ /**
+ * Perform XML schema-validation on SAML2 object.
+ *
+ * @param xmlObject SAML2 object
+ * @throws Exception In case of a validation error
+ */
+ public static void schemeValidation(final XMLObject xmlObject) throws Exception {
+ try {
+ final Schema test = SAMLSchemaBuilder.getSAML11Schema();
+ final Validator val = test.newValidator();
+ final DOMSource source = new DOMSource(xmlObject.getDOM());
+ val.validate(source);
+ log.debug("SAML2 Scheme validation successful");
+ return;
+
+ } catch (final Exception e) {
+ log.warn("SAML2 scheme validation FAILED.", e);
+ throw e;
+
+ }
+ }
+
+ private static XMLObject createAttributeValue(final QName attributeValueType,
+ final String value) {
+ final XSStringBuilder stringBuilder = (XSStringBuilder) org.opensaml.xml.Configuration
+ .getBuilderFactory().getBuilder(XSString.TYPE_NAME);
+ final XSString stringValue = stringBuilder.buildObject(attributeValueType, XSString.TYPE_NAME);
+ stringValue.setValue(value);
+ return stringValue;
+
+ }
+}
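Review bot: `createSamlObject` catches `Throwable`, calls `printStackTrace()` and returns `null`, so callers in this same file such as `getSuccessStatus` and `generateReqAuthnAttributeSimple` dereference the result and fail with a NullPointerException far from the real cause. The static initializer has the same shape for `builder` and `idGenerator`, which leaves `asDomDocument` to NPE on a misconfigured parser; `idGenerator` is in fact never read in this file, since `getSecureIdentifier` uses `Random.nextHexRandom16()`. Failing fast would be clearer: `throw new IllegalStateException("SAML2 object creation failed for " + clazz.getName(), e);` in place of the `return null`, `throw new ExceptionInInitializerError(e);` in the static block, and the `log` field instead of `printStackTrace()`. The Javadoc `@return` tags on `getSecureIdentifier`, `getSuccessStatus`, `getDefaultAssertionConsumerServiceIndex` and `buildSoap11Envelope` are empty.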
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EAAFURICompare.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EAAFURICompare.java
deleted file mode 100644
index 30b7dcf9..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EAAFURICompare.java
+++ /dev/null
@@ -1,60 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.validation;
-
-import org.opensaml.common.binding.decoding.URIComparator;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-
-public class EAAFURICompare implements URIComparator {
- private static final Logger log = LoggerFactory.getLogger(EAAFURICompare.class);
-
- private String serviceURL = "";
-
- /**
- *
- *
- * @param serviceURL public URL of the PVP S-Profile endpoint
- */
- public EAAFURICompare(String serviceURL) {
- this.serviceURL = serviceURL;
- }
-
- public boolean compare(String uri1, String uri2) {
- if (this.serviceURL.equals(uri1))
- return true;
-
- else {
- log.warn("PVP request destination-endpoint: " + uri1
- + " does not match to IDP endpoint:" + serviceURL);
- return false;
-
- }
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java
new file mode 100644
index 00000000..fcee2382
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/EaafUriCompare.java
@@ -0,0 +1,53 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.validation;
+
+import org.opensaml.common.binding.decoding.URIComparator;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+
+public class EaafUriCompare implements URIComparator {
+ private static final Logger log = LoggerFactory.getLogger(EaafUriCompare.class);
+
+ private String serviceUrl = "";
+
+ /**
+ * SAML2 URL comperator.
+ *
+ * @param serviceUrl public URL of the PVP S-Profile endpoint
+ */
+ public EaafUriCompare(final String serviceUrl) {
+ this.serviceUrl = serviceUrl;
+ }
+
+ @Override
+ public boolean compare(final String uri1, final String uri2) {
+ if (this.serviceUrl.equals(uri1)) {
+ return true;
+ } else {
+ log.warn("PVP request destination-endpoint: " + uri1 + " does not match to IDP endpoint:"
+ + serviceUrl);
+ return false;
+
+ }
+ }
+
+}
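Review bot: `compare` never reads its second argument `uri2`; it only checks `uri1` against the configured `serviceUrl`, which is presumably intentional for pinning the endpoint but should be stated in the Javadoc, e.g. `Compares the message destination (uri1) against the configured S-Profile endpoint; uri2 is ignored.` The field `serviceUrl` is assigned once in the constructor but not `final`, and a `null` argument only surfaces later as a NullPointerException in `equals`; `private final String serviceUrl;` together with `this.serviceUrl = Objects.requireNonNull(serviceUrl, "serviceUrl");` covers both. The warning concatenates the request-supplied `uri1` into the log line; the parameterized form `log.warn("PVP request destination-endpoint: {} does not match to IDP endpoint:{}", uri1, serviceUrl);` is the SLF4J idiom used with the existing `log` field.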
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
index 18ee5797..d8ae95a0 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/TrustEngineFactory.java
@@ -1,34 +1,26 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.validation;
import java.util.ArrayList;
import java.util.List;
-
import org.opensaml.saml2.metadata.provider.MetadataProvider;
import org.opensaml.security.MetadataCredentialResolver;
import org.opensaml.xml.security.keyinfo.BasicProviderKeyInfoCredentialResolver;
@@ -42,24 +34,31 @@ import org.opensaml.xml.signature.impl.ExplicitKeySignatureTrustEngine;
public class TrustEngineFactory {
- public static SignatureTrustEngine getSignatureKnownKeysTrustEngine(MetadataProvider provider) {
- MetadataCredentialResolver resolver;
+ /**
+ * Get OpenSAML2 TrustEngine.
+ *
+ * @param provider Metadata provider
+ * @return
+ */
+ public static SignatureTrustEngine getSignatureKnownKeysTrustEngine(
+ final MetadataProvider provider) {
+ MetadataCredentialResolver resolver;
- resolver = new MetadataCredentialResolver(provider);
+ resolver = new MetadataCredentialResolver(provider);
- List<KeyInfoProvider> keyInfoProvider = new ArrayList<KeyInfoProvider>();
- keyInfoProvider.add(new DSAKeyValueProvider());
- keyInfoProvider.add(new RSAKeyValueProvider());
- keyInfoProvider.add(new InlineX509DataProvider());
+ final List<KeyInfoProvider> keyInfoProvider = new ArrayList<>();
+ keyInfoProvider.add(new DSAKeyValueProvider());
+ keyInfoProvider.add(new RSAKeyValueProvider());
+ keyInfoProvider.add(new InlineX509DataProvider());
- KeyInfoCredentialResolver keyInfoResolver = new BasicProviderKeyInfoCredentialResolver(
- keyInfoProvider);
+ final KeyInfoCredentialResolver keyInfoResolver =
+ new BasicProviderKeyInfoCredentialResolver(keyInfoProvider);
- ExplicitKeySignatureTrustEngine engine = new ExplicitKeySignatureTrustEngine(
- resolver, keyInfoResolver);
+ final ExplicitKeySignatureTrustEngine engine =
+ new ExplicitKeySignatureTrustEngine(resolver, keyInfoResolver);
- return engine;
+ return engine;
- }
+ }
}
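Review bot: The new Javadoc on `getSignatureKnownKeysTrustEngine` has an empty `@return` tag; `@return ExplicitKeySignatureTrustEngine that resolves signing credentials from the given metadata provider` describes what the method actually builds. The separate declaration and assignment of `resolver` can be collapsed to `final MetadataCredentialResolver resolver = new MetadataCredentialResolver(provider);`, matching the `final` locals introduced in the rest of this hunk.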
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java
index 424c4431..40cbdeb0 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/AbstractMetadataSignatureFilter.java
@@ -1,35 +1,30 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
-
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
import org.opensaml.saml2.metadata.EntitiesDescriptor;
import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
@@ -37,118 +32,117 @@ import org.opensaml.xml.XMLObject;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.PVP2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SignatureValidationException;
-
public abstract class AbstractMetadataSignatureFilter implements MetadataFilter {
- private static final Logger log = LoggerFactory.getLogger(AbstractMetadataSignatureFilter.class);
-
- public void doFilter(XMLObject metadata) throws SignatureValidationException {
- try {
- if (metadata instanceof EntitiesDescriptor) {
- EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
- if(entitiesDescriptor.getSignature() == null) {
- throw new PVP2MetadataException("pvp2.26",
- new Object[] {"Root element of metadata file has to be signed"});
- }
- processEntitiesDescriptor(entitiesDescriptor);
-
-
- if (entitiesDescriptor.getEntityDescriptors().size() == 0) {
- throw new PVP2MetadataException("pvp2.26",
- new Object[] {"No valid entity in metadata " + entitiesDescriptor.getName()});
- }
-
-
- } else if (metadata instanceof EntityDescriptor) {
- EntityDescriptor entityDescriptor = (EntityDescriptor) metadata;
- processEntityDescriptorr(entityDescriptor);
-
- } else
- throw new PVP2MetadataException("pvp2.26",
- new Object[] {"Invalid Metadata file Root element is unknown"});
-
-
-
- log.info("Metadata signature policy check done OK");
- } catch (EAAFException e) {
- log.warn("Metadata signature policy check FAILED.", e);
- throw new SignatureValidationException(e);
-
- }
- }
-
- /**
- * Signature verification of a SAML2 EntityDescriptor element
- *
- * @param desc
- * @throws PVP2MetadataException if the signature is not valid or can not verified
- */
- protected abstract void verify(EntityDescriptor desc) throws PVP2MetadataException;
-
- /**
- * Signature verification of a SAML2 EntitiesDescriptor element
- *
- * @param desc
- * @throws PVP2MetadataException if the signature is not valid or can not verified
- */
- protected abstract void verify(EntitiesDescriptor desc) throws PVP2MetadataException;
-
- /**
- * Verify a EntityDescriptor element of an EntitiesDescriptor
- *
- * @param entity EntityDescriptor to verify
- * @param desc Full EntitiesDescriptor that contains the EntityDescriptor
- * @throws PVP2MetadataException
- */
- protected abstract void verify(EntityDescriptor entity, EntitiesDescriptor desc) throws PVP2MetadataException;
-
-
- private void processEntityDescriptorr(EntityDescriptor desc) throws EAAFException {
- verify(desc);
-
- }
-
- private void processEntitiesDescriptor(EntitiesDescriptor desc) throws EAAFException {
- Iterator<EntitiesDescriptor> entID = desc.getEntitiesDescriptors().iterator();
-
- if(desc.getSignature() != null) {
- verify(desc);
-
- }
-
- while(entID.hasNext()) {
- processEntitiesDescriptor(entID.next());
- }
-
- Iterator<EntityDescriptor> entIT = desc.getEntityDescriptors().iterator();
- List<EntityDescriptor> verifiedEntIT = new ArrayList<EntityDescriptor>();
-
- //check every Entity
- while(entIT.hasNext()) {
- EntityDescriptor entity = entIT.next();
- log.debug("Validate metadata for entityID: " + entity.getEntityID() + " ..... ");
- try {
- verify(entity, desc);
-
- //add entity to verified entity-list
- verifiedEntIT.add(entity);
- log.debug("Metadata for entityID: " + entity.getEntityID() + " valid");
-
-
- } catch (Exception e) {
- //remove entity of signature can not be verified.
- log.info("Entity " + entity.getEntityID() + " is removed from metadata "
- + desc.getName() + ". Entity verification error: " + e.getMessage());
-
- }
-
- }
-
- //set only verified entity elements
- desc.getEntityDescriptors().clear();
- desc.getEntityDescriptors().addAll(verifiedEntIT);
- }
+ private static final Logger log = LoggerFactory.getLogger(AbstractMetadataSignatureFilter.class);
+
+ @Override
+ public void doFilter(final XMLObject metadata) throws SignatureValidationException {
+ try {
+ if (metadata instanceof EntitiesDescriptor) {
+ final EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
+ if (entitiesDescriptor.getSignature() == null) {
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] {"Root element of metadata file has to be signed"});
+ }
+ processEntitiesDescriptor(entitiesDescriptor);
+
+
+ if (entitiesDescriptor.getEntityDescriptors().size() == 0) {
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] {"No valid entity in metadata " + entitiesDescriptor.getName()});
+ }
+
+
+ } else if (metadata instanceof EntityDescriptor) {
+ final EntityDescriptor entityDescriptor = (EntityDescriptor) metadata;
+ processEntityDescriptorr(entityDescriptor);
+
+ } else {
+ throw new Pvp2MetadataException("pvp2.26",
+ new Object[] {"Invalid Metadata file Root element is unknown"});
+ }
+
+
+
+ log.info("Metadata signature policy check done OK");
+ } catch (final EaafException e) {
+ log.warn("Metadata signature policy check FAILED.", e);
+ throw new SignatureValidationException(e);
+
+ }
+ }
+
+ /**
+ * Signature verification of a SAML2 EntityDescriptor element.
+ *
+ * @param desc EntityDescriptor
+ * @throws Pvp2MetadataException if the signature is not valid or can not verified
+ */
+ protected abstract void verify(EntityDescriptor desc) throws Pvp2MetadataException;
+
+ /**
+ * Signature verification of a SAML2 EntitiesDescriptor element.
+ *
+ * @param desc EntitiesDescriptor
+ * @throws Pvp2MetadataException if the signature is not valid or can not verified
+ */
+ protected abstract void verify(EntitiesDescriptor desc) throws Pvp2MetadataException;
+
+ /**
+ * Verify a EntityDescriptor element of an EntitiesDescriptor.
+ *
+ * @param entity EntityDescriptor to verify
+ * @param desc Full EntitiesDescriptor that contains the EntityDescriptor
+ * @throws Pvp2MetadataException In case of an verification error
+ */
+ protected abstract void verify(EntityDescriptor entity, EntitiesDescriptor desc)
+ throws Pvp2MetadataException;
+
+
+ private void processEntityDescriptorr(final EntityDescriptor desc) throws EaafException {
+ verify(desc);
+
+ }
+
+ private void processEntitiesDescriptor(final EntitiesDescriptor desc) throws EaafException {
+ final Iterator<EntitiesDescriptor> entID = desc.getEntitiesDescriptors().iterator();
+
+ if (desc.getSignature() != null) {
+ verify(desc);
+
+ }
+
+ while (entID.hasNext()) {
+ processEntitiesDescriptor(entID.next());
+ }
+
+ final Iterator<EntityDescriptor> entIT = desc.getEntityDescriptors().iterator();
+ final List<EntityDescriptor> verifiedEntIT = new ArrayList<>();
+
+ // check every Entity
+ while (entIT.hasNext()) {
+ final EntityDescriptor entity = entIT.next();
+ log.debug("Validate metadata for entityID: " + entity.getEntityID() + " ..... ");
+ try {
+ verify(entity, desc);
+
+ // add entity to verified entity-list
+ verifiedEntIT.add(entity);
+ log.debug("Metadata for entityID: " + entity.getEntityID() + " valid");
+
+
+ } catch (final Exception e) {
+ // remove entity of signature can not be verified.
+ log.info("Entity " + entity.getEntityID() + " is removed from metadata " + desc.getName()
+ + ". Entity verification error: " + e.getMessage());
+
+ }
+
+ }
+
+ // set only verified entity elements
+ desc.getEntityDescriptors().clear();
+ desc.getEntityDescriptors().addAll(verifiedEntIT);
+ }
}
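Review bot: In `processEntitiesDescriptor` the `catch (final Exception e)` around `verify(entity, desc)` drops the entity from the metadata and logs only `e.getMessage()` at info level, so a failed signature check on an entity, or an unexpected RuntimeException, leaves no stack trace and is easy to miss in operations. If the intent is to tolerate only verification failures, narrow the catch to the declared type and keep the cause: `} catch (final Pvp2MetadataException e) {` with `log.warn("Entity " + entity.getEntityID() + " is removed from metadata " + desc.getName() + ". Entity verification error", e);`. The abstract `verify(EntityDescriptor, EntitiesDescriptor)` declares only `Pvp2MetadataException`, so this narrowing compiles as-is. Two smaller points: `processEntityDescriptorr` keeps the double-r typo from the old file, and `getEntityDescriptors().size() == 0` in `doFilter` reads better as `isEmpty()`.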
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PVPEntityCategoryFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PVPEntityCategoryFilter.java
deleted file mode 100644
index 87ab31fb..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PVPEntityCategoryFilter.java
+++ /dev/null
@@ -1,236 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.saml2.common.Extensions;
-import org.opensaml.saml2.core.Attribute;
-import org.opensaml.saml2.metadata.AttributeConsumingService;
-import org.opensaml.saml2.metadata.EntitiesDescriptor;
-import org.opensaml.saml2.metadata.EntityDescriptor;
-import org.opensaml.saml2.metadata.LocalizedString;
-import org.opensaml.saml2.metadata.RequestedAttribute;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.saml2.metadata.ServiceName;
-import org.opensaml.saml2.metadata.provider.FilterException;
-import org.opensaml.saml2.metadata.provider.MetadataFilter;
-import org.opensaml.samlext.saml2mdattr.EntityAttributes;
-import org.opensaml.xml.XMLObject;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-
-import at.gv.egiz.eaaf.core.impl.data.Trible;
-import at.gv.egiz.eaaf.modules.pvp2.PVPConstants;
-import at.gv.egiz.eaaf.modules.pvp2.exception.PVP2MetadataException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
-import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
-
-/**
- * @author tlenz
- *
- */
-public class PVPEntityCategoryFilter implements MetadataFilter {
- private static final Logger log = LoggerFactory.getLogger(PVPEntityCategoryFilter.class);
-
- private boolean isUsed = false;
-
- /**
- * Filter to map PVP EntityCategories into a set of single PVP attributes
- *
- * @param isUsed if true PVP EntityCategories are mapped, otherwise they are ignored
- *
- */
- public PVPEntityCategoryFilter(boolean isUsed) {
- this.isUsed = isUsed;
- }
-
-
- /* (non-Javadoc)
- * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
- */
- @Override
- public void doFilter(XMLObject metadata) throws FilterException {
-
- if (isUsed) {
- log.trace("Map PVP EntityCategory to single PVP Attributes ... ");
- String entityId = null;
- try {
- if (metadata instanceof EntitiesDescriptor) {
- log.trace("Find EnitiesDescriptor ... ");
- EntitiesDescriptor entitiesDesc = (EntitiesDescriptor) metadata;
- if (entitiesDesc.getEntityDescriptors() != null) {
- for (EntityDescriptor el : entitiesDesc.getEntityDescriptors())
- resolveEntityCategoriesToAttributes(el);
-
- }
-
- } else if (metadata instanceof EntityDescriptor) {
- log.trace("Find EntityDescriptor");
- resolveEntityCategoriesToAttributes((EntityDescriptor)metadata);
-
-
- } else
- throw new PVP2MetadataException("pvp2.26",
- new Object[] {"Invalid Metadata file Root element is no Entities- or EntityDescriptor"});
-
-
-
- } catch (Exception e) {
- log.warn("SAML2 Metadata processing FAILED: Can not resolve EntityCategories for metadata: " + entityId, e);
-
- }
-
- } else
- log.trace("Filter to map PVP EntityCategory to single PVP Attributes is deactivated");
-
- }
-
- private void resolveEntityCategoriesToAttributes(EntityDescriptor metadata) {
- log.debug("Resolving EntityCategorie for Entity: " + metadata.getEntityID() + " ...");
- Extensions extensions = metadata.getExtensions();
- if (extensions != null) {
- List<XMLObject> listOfExt = extensions.getUnknownXMLObjects();
- if (listOfExt != null && !listOfExt.isEmpty()) {
- log.trace("Find #" + listOfExt.size() + " 'Extension' elements ");
- for (XMLObject el : listOfExt) {
- log.trace("Find ExtensionElement: " + el.getElementQName().toString());
- if (el instanceof EntityAttributes) {
- EntityAttributes entityAttrElem = (EntityAttributes)el;
- if (entityAttrElem.getAttributes() != null) {
- log.trace("Find EntityAttributes. Start attribute processing ...");
- for (Attribute entityAttr : entityAttrElem.getAttributes()) {
- if (entityAttr.getName().equals(PVPConstants.ENTITY_CATEGORY_ATTRIBITE)) {
- if (!entityAttr.getAttributeValues().isEmpty()) {
- String entityAttrValue = entityAttr.getAttributeValues().get(0).getDOM().getTextContent();
- if (PVPConstants.EGOVTOKEN.equals(entityAttrValue)) {
- log.debug("Find 'EGOVTOKEN' EntityAttribute. Adding single pvp attributes ... ");
- addAttributesToEntityDescriptor(metadata,
- buildAttributeList(PVPConstants.EGOVTOKEN_PVP_ATTRIBUTES),
- entityAttrValue);
-
-
- } else if (PVPConstants.CITIZENTOKEN.equals(entityAttrValue)) {
- log.debug("Find 'CITIZENTOKEN' EntityAttribute. Adding single pvp attributes ... ");
- addAttributesToEntityDescriptor(metadata,
- buildAttributeList(PVPConstants.CITIZENTOKEN_PVP_ATTRIBUTES),
- entityAttrValue);
-
- } else
- log.info("EntityAttributeValue: " + entityAttrValue + " is UNKNOWN!");
-
- } else
- log.info("EntityAttribute: No attribute value");
-
- } else
- log.info("EntityAttribute: " + entityAttr.getName() + " is NOT supported");
-
- }
-
- } else
- log.info("Can NOT resolve EntityAttributes! Reason: Only EntityAttributes are supported!");
-
- }
- }
-
- } else
- log.trace("'Extension' element is 'null' or empty");
-
- } else
- log.trace("No 'Extension' element found");
-
- }
-
- /**
- * @param metadata
- * @param attrList
- */
- private void addAttributesToEntityDescriptor(EntityDescriptor metadata, List<RequestedAttribute> attrList, String entityAttr) {
- SPSSODescriptor spSSODesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
- if (spSSODesc != null) {
- if (spSSODesc.getAttributeConsumingServices() == null ||
- spSSODesc.getAttributeConsumingServices().isEmpty()) {
- log.trace("No 'AttributeConsumingServices' found. Added it ...");
-
- AttributeConsumingService attributeService = SAML2Utils.createSAMLObject(AttributeConsumingService.class);
- attributeService.setIndex(0);
- attributeService.setIsDefault(true);
- ServiceName serviceName = SAML2Utils.createSAMLObject(ServiceName.class);
- serviceName.setName(new LocalizedString("Default Service", "en"));
- attributeService.getNames().add(serviceName);
-
- if (attrList != null && !attrList.isEmpty()) {
- attributeService.getRequestAttributes().addAll(attrList);
- log.info("Add " + attrList.size() + " attributes for 'EntityAttribute': " + entityAttr);
-
- }
-
- spSSODesc.getAttributeConsumingServices().add(attributeService);
-
- } else {
- log.debug("Find 'AttributeConsumingServices'. Starting updating process ... ");
- for (AttributeConsumingService el : spSSODesc.getAttributeConsumingServices()) {
- log.debug("Update 'AttributeConsumingService' with Index: " + el.getIndex());
-
- //load currently requested attributes
- List<String> currentlyReqAttr = new ArrayList<String>();
- for (RequestedAttribute reqAttr : el.getRequestAttributes())
- currentlyReqAttr.add(reqAttr.getName());
-
-
- //check against EntityAttribute List
- for (RequestedAttribute entityAttrListEl : attrList) {
- if (!currentlyReqAttr.contains(entityAttrListEl.getName())) {
- el.getRequestAttributes().add(entityAttrListEl);
-
- } else
- log.debug("'AttributeConsumingService' already contains attr: " + entityAttrListEl.getName());
-
- }
-
- }
-
- }
-
- } else
- log.info("Can ONLY add 'EntityAttributes' to 'SPSSODescriptor'");
-
- }
-
- private List<RequestedAttribute> buildAttributeList(List<Trible<String, String, Boolean>> attrSet) {
- List<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
- for (Trible<String, String, Boolean> el : attrSet)
- requestedAttributes.add(PVPAttributeBuilder.buildReqAttribute(el.getFirst(), el.getSecond(), el.getThird()));
-
- return requestedAttributes;
-
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java
new file mode 100644
index 00000000..2d81b1f8
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/PvpEntityCategoryFilter.java
@@ -0,0 +1,251 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata;
+
+import java.util.ArrayList;
+import java.util.List;
+import at.gv.egiz.eaaf.core.impl.data.Trible;
+import at.gv.egiz.eaaf.modules.pvp2.PvpConstants;
+import at.gv.egiz.eaaf.modules.pvp2.exception.Pvp2MetadataException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpAttributeBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.saml2.common.Extensions;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.saml2.metadata.AttributeConsumingService;
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.LocalizedString;
+import org.opensaml.saml2.metadata.RequestedAttribute;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.saml2.metadata.ServiceName;
+import org.opensaml.saml2.metadata.provider.FilterException;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.samlext.saml2mdattr.EntityAttributes;
+import org.opensaml.xml.XMLObject;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+/**
+ * Metadata filter that inject requested attributes based on Metadata EntityCategories.
+ *
+ * @author tlenz
+ *
+ */
+public class PvpEntityCategoryFilter implements MetadataFilter {
+ private static final Logger log = LoggerFactory.getLogger(PvpEntityCategoryFilter.class);
+
+ private boolean isUsed = false;
+
+ /**
+ * Filter to map PVP EntityCategories into a set of single PVP attributes.
+ *
+ * @param isUsed if true PVP EntityCategories are mapped, otherwise they are ignored
+ *
+ */
+ public PvpEntityCategoryFilter(final boolean isUsed) {
+ this.isUsed = isUsed;
+ }
+
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ public void doFilter(final XMLObject metadata) throws FilterException {
+
+ if (isUsed) {
+ log.trace("Map PVP EntityCategory to single PVP Attributes ... ");
+ final String entityId = null;
+ try {
+ if (metadata instanceof EntitiesDescriptor) {
+ log.trace("Find EnitiesDescriptor ... ");
+ final EntitiesDescriptor entitiesDesc = (EntitiesDescriptor) metadata;
+ if (entitiesDesc.getEntityDescriptors() != null) {
+ for (final EntityDescriptor el : entitiesDesc.getEntityDescriptors()) {
+ resolveEntityCategoriesToAttributes(el);
+ }
+
+ }
+
+ } else if (metadata instanceof EntityDescriptor) {
+ log.trace("Find EntityDescriptor");
+ resolveEntityCategoriesToAttributes((EntityDescriptor) metadata);
+
+
+ } else {
+ throw new Pvp2MetadataException("pvp2.26", new Object[] {
+ "Invalid Metadata file Root element is no Entities- or EntityDescriptor"});
+ }
+
+
+
+ } catch (final Exception e) {
+ log.warn("SAML2 Metadata processing FAILED: Can not resolve EntityCategories for metadata: "
+ + entityId, e);
+
+ }
+
+ } else {
+ log.trace("Filter to map PVP EntityCategory to single PVP Attributes is deactivated");
+ }
+
+ }
+
+ private void resolveEntityCategoriesToAttributes(final EntityDescriptor metadata) {
+ log.debug("Resolving EntityCategorie for Entity: " + metadata.getEntityID() + " ...");
+ final Extensions extensions = metadata.getExtensions();
+ if (extensions != null) {
+ final List<XMLObject> listOfExt = extensions.getUnknownXMLObjects();
+ if (listOfExt != null && !listOfExt.isEmpty()) {
+ log.trace("Find #" + listOfExt.size() + " 'Extension' elements ");
+ for (final XMLObject el : listOfExt) {
+ log.trace("Find ExtensionElement: " + el.getElementQName().toString());
+ if (el instanceof EntityAttributes) {
+ final EntityAttributes entityAttrElem = (EntityAttributes) el;
+ if (entityAttrElem.getAttributes() != null) {
+ log.trace("Find EntityAttributes. Start attribute processing ...");
+ for (final Attribute entityAttr : entityAttrElem.getAttributes()) {
+ if (entityAttr.getName().equals(PvpConstants.ENTITY_CATEGORY_ATTRIBITE)) {
+ if (!entityAttr.getAttributeValues().isEmpty()) {
+ final String entityAttrValue =
+ entityAttr.getAttributeValues().get(0).getDOM().getTextContent();
+ if (PvpConstants.EGOVTOKEN.equals(entityAttrValue)) {
+ log.debug(
+ "Find 'EGOVTOKEN' EntityAttribute. Adding single pvp attributes ... ");
+ addAttributesToEntityDescriptor(metadata,
+ buildAttributeList(PvpConstants.EGOVTOKEN_PVP_ATTRIBUTES),
+ entityAttrValue);
+
+
+ } else if (PvpConstants.CITIZENTOKEN.equals(entityAttrValue)) {
+ log.debug(
+ "Find 'CITIZENTOKEN' EntityAttribute. Adding single pvp attributes ... ");
+ addAttributesToEntityDescriptor(metadata,
+ buildAttributeList(PvpConstants.CITIZENTOKEN_PVP_ATTRIBUTES),
+ entityAttrValue);
+
+ } else {
+ log.info("EntityAttributeValue: " + entityAttrValue + " is UNKNOWN!");
+ }
+
+ } else {
+ log.info("EntityAttribute: No attribute value");
+ }
+
+ } else {
+ log.info("EntityAttribute: " + entityAttr.getName() + " is NOT supported");
+ }
+
+ }
+
+ } else {
+ log.info(
+ "Can NOT resolve EntityAttributes! Reason: Only EntityAttributes are supported!");
+ }
+
+ }
+ }
+
+ } else {
+ log.trace("'Extension' element is 'null' or empty");
+ }
+
+ } else {
+ log.trace("No 'Extension' element found");
+ }
+
+ }
+
+
+ private void addAttributesToEntityDescriptor(final EntityDescriptor metadata,
+ final List<RequestedAttribute> attrList, final String entityAttr) {
+ final SPSSODescriptor spSsoDesc = metadata.getSPSSODescriptor(SAMLConstants.SAML20P_NS);
+ if (spSsoDesc != null) {
+ if (spSsoDesc.getAttributeConsumingServices() == null
+ || spSsoDesc.getAttributeConsumingServices().isEmpty()) {
+ log.trace("No 'AttributeConsumingServices' found. Added it ...");
+
+ final AttributeConsumingService attributeService =
+ Saml2Utils.createSamlObject(AttributeConsumingService.class);
+ attributeService.setIndex(0);
+ attributeService.setIsDefault(true);
+ final ServiceName serviceName = Saml2Utils.createSamlObject(ServiceName.class);
+ serviceName.setName(new LocalizedString("Default Service", "en"));
+ attributeService.getNames().add(serviceName);
+
+ if (attrList != null && !attrList.isEmpty()) {
+ attributeService.getRequestAttributes().addAll(attrList);
+ log.info("Add " + attrList.size() + " attributes for 'EntityAttribute': " + entityAttr);
+
+ }
+
+ spSsoDesc.getAttributeConsumingServices().add(attributeService);
+
+ } else {
+ log.debug("Find 'AttributeConsumingServices'. Starting updating process ... ");
+ for (final AttributeConsumingService el : spSsoDesc.getAttributeConsumingServices()) {
+ log.debug("Update 'AttributeConsumingService' with Index: " + el.getIndex());
+
+ // load currently requested attributes
+ final List<String> currentlyReqAttr = new ArrayList<>();
+ for (final RequestedAttribute reqAttr : el.getRequestAttributes()) {
+ currentlyReqAttr.add(reqAttr.getName());
+ }
+
+
+ // check against EntityAttribute List
+ for (final RequestedAttribute entityAttrListEl : attrList) {
+ if (!currentlyReqAttr.contains(entityAttrListEl.getName())) {
+ el.getRequestAttributes().add(entityAttrListEl);
+
+ } else {
+ log.debug("'AttributeConsumingService' already contains attr: "
+ + entityAttrListEl.getName());
+ }
+
+ }
+
+ }
+
+ }
+
+ } else {
+ log.info("Can ONLY add 'EntityAttributes' to 'SPSSODescriptor'");
+ }
+
+ }
+
+ private List<RequestedAttribute> buildAttributeList(
+ final List<Trible<String, String, Boolean>> attrSet) {
+ final List<RequestedAttribute> requestedAttributes = new ArrayList<>();
+ for (final Trible<String, String, Boolean> el : attrSet) {
+ requestedAttributes
+ .add(PvpAttributeBuilder.buildReqAttribute(el.getFirst(), el.getSecond(), el.getThird()));
+ }
+
+ return requestedAttributes;
+
+
+ }
+
+}
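Review bot: `final String entityId = null;` at the top of doFilter is never assigned, so the warning in the catch block always reads `... for metadata: null` and the log cannot say which entity failed; making the variable `final` in this restyle cements that. Since resolveEntityCategoriesToAttributes already holds the EntityDescriptor, either drop the variable from the message or move the try/catch inside the per-entity loop and log `el.getEntityID()`, which also keeps one bad entity from ending processing of the remaining ones. The catch-all also swallows the Pvp2MetadataException raised for an unexpected root element: the filter logs at WARN and returns normally, so the metadata provider proceeds as if the filter had passed. If such metadata should be rejected, rethrow it as `throw new FilterException(e);` — the single-argument FilterException constructor is the one SchemaValidationFilter in this same commit already uses.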
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java
index b5de4b21..3ff78ca8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/validation/metadata/SchemaValidationFilter.java
@@ -1,35 +1,28 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.validation.metadata;
import javax.xml.transform.dom.DOMSource;
import javax.xml.validation.Schema;
import javax.xml.validation.Validator;
-
+import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
import org.opensaml.common.xml.SAMLSchemaBuilder;
import org.opensaml.saml2.metadata.provider.FilterException;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
@@ -38,69 +31,65 @@ import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.xml.sax.SAXException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
-
-/**
- * @author tlenz
- *
- */
public class SchemaValidationFilter implements MetadataFilter {
- private static final Logger log = LoggerFactory.getLogger(SchemaValidationFilter.class);
- private boolean isActive = true;
-
- public SchemaValidationFilter() {
- }
-
- /**
- *
- */
- public SchemaValidationFilter(boolean useSchemaValidation) {
- this.isActive = useSchemaValidation;
- }
-
-
- /* (non-Javadoc)
- * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
- */
- @Override
- public void doFilter(XMLObject arg0) throws FilterException {
-
- String errString = null;
-
- if (isActive) {
- try {
- Schema test = SAMLSchemaBuilder.getSAML11Schema();
- Validator val = test.newValidator();
- DOMSource source = new DOMSource(arg0.getDOM());
- val.validate(source);
- log.info("Metadata Schema validation check done OK");
- return;
-
- } catch (SAXException e) {
- if (log.isDebugEnabled() || log.isTraceEnabled())
- log.warn("Metadata Schema validation FAILED with exception:", e);
- else
- log.warn("Metadata Schema validation FAILED with message: "+ e.getMessage());
-
- errString = e.getMessage();
-
- } catch (Exception e) {
- if (log.isDebugEnabled() || log.isTraceEnabled())
- log.warn("Metadata Schema validation FAILED with exception:", e);
- else
- log.warn("Metadata Schema validation FAILED with message: "+ e.getMessage());
-
- errString = e.getMessage();
-
- }
-
- throw new FilterException(
- new SchemaValidationException("pvp2.26",
- new Object[] {"Metadata Schema validation FAILED with message: " + errString}));
-
- } else
- log.info("Metadata Schema validation check is DEACTIVATED!");
-
- }
+ private static final Logger log = LoggerFactory.getLogger(SchemaValidationFilter.class);
+ private boolean isActive = true;
+
+ public SchemaValidationFilter() {
+
+ }
+
+ public SchemaValidationFilter(final boolean useSchemaValidation) {
+ this.isActive = useSchemaValidation;
+ }
+
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ public void doFilter(final XMLObject arg0) throws FilterException {
+
+ String errString = null;
+
+ if (isActive) {
+ try {
+ final Schema test = SAMLSchemaBuilder.getSAML11Schema();
+ final Validator val = test.newValidator();
+ final DOMSource source = new DOMSource(arg0.getDOM());
+ val.validate(source);
+ log.info("Metadata Schema validation check done OK");
+ return;
+
+ } catch (final SAXException e) {
+ if (log.isDebugEnabled() || log.isTraceEnabled()) {
+ log.warn("Metadata Schema validation FAILED with exception:", e);
+ } else {
+ log.warn("Metadata Schema validation FAILED with message: " + e.getMessage());
+ }
+
+ errString = e.getMessage();
+
+ } catch (final Exception e) {
+ if (log.isDebugEnabled() || log.isTraceEnabled()) {
+ log.warn("Metadata Schema validation FAILED with exception:", e);
+ } else {
+ log.warn("Metadata Schema validation FAILED with message: " + e.getMessage());
+ }
+
+ errString = e.getMessage();
+
+ }
+
+ throw new FilterException(new SchemaValidationException("pvp2.26",
+ new Object[] {"Metadata Schema validation FAILED with message: " + errString}));
+
+ } else {
+ log.info("Metadata Schema validation check is DEACTIVATED!");
+ }
+
+ }
}
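Review bot: The two catch clauses `catch (final SAXException e)` and `catch (final Exception e)` are byte-identical, and both discard the original exception: only `e.getMessage()` is carried into the SchemaValidationException, so the stack trace is lost unless the logger is at DEBUG/TRACE, and `errString` is `null` when the exception has no message. Merge them into one `catch (final Exception e)` and keep `e` as the cause, e.g. `throw new FilterException("Metadata Schema validation FAILED with message: " + e.getMessage(), e);` if the two-argument FilterException constructor is available in the OpenSAML version in use, or via a cause-taking constructor on SchemaValidationException if it has one (neither is visible here). Separately, `log.info("Metadata Schema validation check is DEACTIVATED!")` is the only trace that schema checking of remote metadata was switched off via the `useSchemaValidation` constructor flag; logging that at WARN would make the weakened configuration visible in operations.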
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java
index f1dd1269..fc1b6ea8 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/AbstractRequestSignedSecurityPolicyRule.java
@@ -1,36 +1,29 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
*
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
* https://joinup.ec.europa.eu/news/understanding-eupl-v12
*
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
package at.gv.egiz.eaaf.modules.pvp2.impl.verification;
import javax.xml.namespace.QName;
import javax.xml.transform.dom.DOMSource;
import javax.xml.validation.Schema;
import javax.xml.validation.Validator;
-
+import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
import org.apache.commons.lang3.StringUtils;
import org.opensaml.common.SignableSAMLObject;
import org.opensaml.common.xml.SAMLConstants;
@@ -52,144 +45,154 @@ import org.slf4j.LoggerFactory;
import org.w3c.dom.Element;
import org.xml.sax.SAXException;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
-
/**
+ * Signature Policy for SAML2 redirect-binding.
+ *
* @author tlenz
*
*/
public abstract class AbstractRequestSignedSecurityPolicyRule implements SecurityPolicyRule {
- private static final Logger log = LoggerFactory.getLogger(AbstractRequestSignedSecurityPolicyRule.class);
-
-
- private SignatureTrustEngine trustEngine = null;
- private QName peerEntityRole = null;
- /**
- * @param peerEntityRole
- *
- */
- public AbstractRequestSignedSecurityPolicyRule(SignatureTrustEngine trustEngine, QName peerEntityRole) {
- this.trustEngine = trustEngine;
- this.peerEntityRole = peerEntityRole;
-
- }
-
-
- /**
- * Reload the PVP metadata for a given entity
- *
- * @param entityID for which the metadata should be refreshed.
- * @return true if the refresh was successful, otherwise false
- */
- protected abstract boolean refreshMetadataProvider(String entityID);
-
-
- protected abstract SignableSAMLObject getSignedSAMLObject(XMLObject inboundData);
-
- /* (non-Javadoc)
- * @see org.opensaml.ws.security.SecurityPolicyRule#evaluate(org.opensaml.ws.message.MessageContext)
- */
- @Override
- public void evaluate(MessageContext context) throws SecurityPolicyException {
- try {
- verifySignature(context);
-
- } catch (SecurityPolicyException e) {
- if (StringUtils.isEmpty(context.getInboundMessageIssuer())) {
- throw e;
-
- }
- log.debug("PVP2X message validation FAILED. Reload metadata for entityID: " + context.getInboundMessageIssuer());
- if (!refreshMetadataProvider(context.getInboundMessageIssuer()))
- throw e;
-
- else {
- log.trace("PVP2X metadata reload finished. Check validate message again.");
- verifySignature(context);
-
- }
- log.trace("Second PVP2X message validation finished");
-
- }
-
-
- }
-
- private void verifySignature(MessageContext context) throws SecurityPolicyException {
- SignableSAMLObject samlObj = getSignedSAMLObject(context.getInboundMessage());
- if (samlObj != null && samlObj.getSignature() != null) {
-
- SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
- try {
- profileValidator.validate(samlObj.getSignature());
- performSchemaValidation(samlObj.getDOM());
-
- } catch (ValidationException e) {
- log.warn("Signature is not conform to SAML signature profile", e);
- throw new SecurityPolicyException("Signature is not conform to SAML signature profile");
-
- } catch (SchemaValidationException e) {
- log.warn("Signature is not conform to SAML signature profile", e);
- throw new SecurityPolicyException("Signature is not conform to SAML signature profile");
-
- }
-
-
-
- CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add( new EntityIDCriteria(context.getInboundMessageIssuer()) );
- criteriaSet.add( new MetadataCriteria(peerEntityRole, SAMLConstants.SAML20P_NS) );
- criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
-
- try {
- if (!trustEngine.validate(samlObj.getSignature(), criteriaSet)) {
- throw new SecurityPolicyException("Signature validation FAILED.");
-
- }
- log.debug("PVP message signature valid.");
-
- } catch (org.opensaml.xml.security.SecurityException e) {
- log.info("PVP2x message signature validation FAILED. Message:" + e.getMessage());
- throw new SecurityPolicyException("Signature validation FAILED.");
-
- }
-
- } else {
- throw new SecurityPolicyException("PVP Message is not signed.");
-
- }
-
- }
-
- private void performSchemaValidation(Element source) throws SchemaValidationException {
-
- String err = null;
- try {
- Schema test = SAMLSchemaBuilder.getSAML11Schema();
- Validator val = test.newValidator();
- val.validate(new DOMSource(source));
- log.debug("Schema validation check done OK");
- return;
-
- } catch (SAXException e) {
- err = e.getMessage();
- if (log.isDebugEnabled() || log.isTraceEnabled())
- log.warn("Schema validation FAILED with exception:", e);
- else
- log.warn("Schema validation FAILED with message: "+ e.getMessage());
-
- } catch (Exception e) {
- err = e.getMessage();
- if (log.isDebugEnabled() || log.isTraceEnabled())
- log.warn("Schema validation FAILED with exception:", e);
- else
- log.warn("Schema validation FAILED with message: "+ e.getMessage());
-
- }
-
- throw new SchemaValidationException("pvp2.22", new Object[]{err});
-
- }
+ private static final Logger log =
+ LoggerFactory.getLogger(AbstractRequestSignedSecurityPolicyRule.class);
+
+
+ private SignatureTrustEngine trustEngine = null;
+ private QName peerEntityRole = null;
+
+ /**
+ * Role initializer.
+ *
+ * @param peerEntityRole
+ *
+ */
+ public AbstractRequestSignedSecurityPolicyRule(final SignatureTrustEngine trustEngine,
+ final QName peerEntityRole) {
+ this.trustEngine = trustEngine;
+ this.peerEntityRole = peerEntityRole;
+
+ }
+
+
+ /**
+ * Reload the PVP metadata for a given entity.
+ *
+ * @param entityID for which the metadata should be refreshed.
+ * @return true if the refresh was successful, otherwise false
+ */
+ protected abstract boolean refreshMetadataProvider(String entityID);
+
+
+ protected abstract SignableSAMLObject getSignedSamlObject(XMLObject inboundData);
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * org.opensaml.ws.security.SecurityPolicyRule#evaluate(org.opensaml.ws.message.MessageContext)
+ */
+ @Override
+ public void evaluate(final MessageContext context) throws SecurityPolicyException {
+ try {
+ verifySignature(context);
+
+ } catch (final SecurityPolicyException e) {
+ if (StringUtils.isEmpty(context.getInboundMessageIssuer())) {
+ throw e;
+
+ }
+ log.debug("PVP2X message validation FAILED. Reload metadata for entityID: "
+ + context.getInboundMessageIssuer());
+ if (!refreshMetadataProvider(context.getInboundMessageIssuer())) {
+ throw e;
+ } else {
+ log.trace("PVP2X metadata reload finished. Check validate message again.");
+ verifySignature(context);
+
+ }
+ log.trace("Second PVP2X message validation finished");
+
+ }
+
+
+ }
+
+ private void verifySignature(final MessageContext context) throws SecurityPolicyException {
+ final SignableSAMLObject samlObj = getSignedSamlObject(context.getInboundMessage());
+ if (samlObj != null && samlObj.getSignature() != null) {
+
+ final SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+ try {
+ profileValidator.validate(samlObj.getSignature());
+ performSchemaValidation(samlObj.getDOM());
+
+ } catch (final ValidationException e) {
+ log.warn("Signature is not conform to SAML signature profile", e);
+ throw new SecurityPolicyException("Signature is not conform to SAML signature profile");
+
+ } catch (final SchemaValidationException e) {
+ log.warn("Signature is not conform to SAML signature profile", e);
+ throw new SecurityPolicyException("Signature is not conform to SAML signature profile");
+
+ }
+
+
+
+ final CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add(new EntityIDCriteria(context.getInboundMessageIssuer()));
+ criteriaSet.add(new MetadataCriteria(peerEntityRole, SAMLConstants.SAML20P_NS));
+ criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+
+ try {
+ if (!trustEngine.validate(samlObj.getSignature(), criteriaSet)) {
+ throw new SecurityPolicyException("Signature validation FAILED.");
+
+ }
+ log.debug("PVP message signature valid.");
+
+ } catch (final org.opensaml.xml.security.SecurityException e) {
+ log.info("PVP2x message signature validation FAILED. Message:" + e.getMessage());
+ throw new SecurityPolicyException("Signature validation FAILED.");
+
+ }
+
+ } else {
+ throw new SecurityPolicyException("PVP Message is not signed.");
+
+ }
+
+ }
+
+ private void performSchemaValidation(final Element source) throws SchemaValidationException {
+
+ String err = null;
+ try {
+ final Schema test = SAMLSchemaBuilder.getSAML11Schema();
+ final Validator val = test.newValidator();
+ val.validate(new DOMSource(source));
+ log.debug("Schema validation check done OK");
+ return;
+
+ } catch (final SAXException e) {
+ err = e.getMessage();
+ if (log.isDebugEnabled() || log.isTraceEnabled()) {
+ log.warn("Schema validation FAILED with exception:", e);
+ } else {
+ log.warn("Schema validation FAILED with message: " + e.getMessage());
+ }
+
+ } catch (final Exception e) {
+ err = e.getMessage();
+ if (log.isDebugEnabled() || log.isTraceEnabled()) {
+ log.warn("Schema validation FAILED with exception:", e);
+ } else {
+ log.warn("Schema validation FAILED with message: " + e.getMessage());
+ }
+
+ }
+
+ throw new SchemaValidationException("pvp2.22", new Object[] {err});
+
+ }
}
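Review bot: The `catch (final SchemaValidationException e)` branch in `verifySignature` logs and rethrows with the same text as the preceding `ValidationException` branch, "Signature is not conform to SAML signature profile", so a schema failure is reported to logs and callers as a signature-profile failure and the distinction is lost; a separate message such as `throw new SecurityPolicyException("Inbound message failed SAML schema validation");` (and a matching `log.warn`) keeps the two checks tellable apart. The fields `trustEngine` and `peerEntityRole` are assigned exactly once in the constructor but are left non-final and pre-initialized to `null`, so a missing trust engine only surfaces as a NullPointerException on the first inbound message inside `trustEngine.validate(...)`; declaring them `final` and guarding the constructor with `this.trustEngine = Objects.requireNonNull(trustEngine, "trustEngine");` fails at wiring time instead. In `performSchemaValidation` the `catch (final Exception e)` block is a verbatim copy of the `SAXException` block and also turns unexpected runtime errors into a schema-validation failure; `Validator.validate(Source)` declares only `SAXException` and `IOException`, so one multi-catch `catch (final SAXException | IOException e)` would be both narrower and shorter. The new class Javadoc says "Signature Policy for SAML2 redirect-binding", but the code validates the XML signature returned by `samlObj.getSignature()`, which the HTTP-Redirect binding does not carry — please confirm the intended bindings and adjust the summary accordingly.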
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPAuthRequestSignedRole.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPAuthRequestSignedRole.java
deleted file mode 100644
index 6d5fdff8..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPAuthRequestSignedRole.java
+++ /dev/null
@@ -1,66 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.verification;
-
-import java.util.List;
-
-import org.opensaml.common.binding.SAMLMessageContext;
-import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule;
-import org.opensaml.ws.transport.http.HTTPInTransport;
-import org.opensaml.xml.util.DatatypeHelper;
-
-/**
- * @author tlenz
- *
- */
-public class PVPAuthRequestSignedRole extends SAML2AuthnRequestsSignedRule {
-
- @Override
- protected boolean isMessageSigned(SAMLMessageContext messageContext) {
- // This handles HTTP-Redirect and HTTP-POST-SimpleSign bindings.
- HTTPInTransport inTransport = (HTTPInTransport) messageContext.getInboundMessageTransport();
-
- //Check signature parameter exists only once and is not empty
- List<String> sigParam = inTransport.getParameterValues("Signature");
- boolean isValidSigned = sigParam.size() == 1 && !DatatypeHelper.isEmpty(sigParam.get(0));
-
- //Check signature-algorithm parameter exists only once and is not empty
- List<String> sigAlgParam = inTransport.getParameterValues("SigAlg");
- boolean isValidSigAlgExists = sigAlgParam.size() == 1 && !DatatypeHelper.isEmpty(sigAlgParam.get(0));
-
- //Check signature-content parameter exists only once and is not empty
- List<String> samlReqParam = inTransport.getParameterValues("SAMLRequest");
- List<String> samlRespParam = inTransport.getParameterValues("SAMLResponse");
- boolean isValidContent = ( ( samlReqParam.size() == 1 && !DatatypeHelper.isEmpty(samlReqParam.get(0)) )
- || ( samlRespParam.size() == 1 && !DatatypeHelper.isEmpty(samlRespParam.get(0)) )
- ) && !(samlReqParam.size() == 1 && samlRespParam.size() == 1)
- ;
-
- return isValidSigned && isValidSigAlgExists && isValidContent;
-
- }
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPSignedRequestPolicyRule.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPSignedRequestPolicyRule.java
deleted file mode 100644
index eecaf4f0..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PVPSignedRequestPolicyRule.java
+++ /dev/null
@@ -1,84 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.verification;
-
-import javax.xml.namespace.QName;
-
-import org.opensaml.common.SignableSAMLObject;
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-import org.opensaml.xml.XMLObject;
-import org.opensaml.xml.signature.SignatureTrustEngine;
-
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
-
-/**
- * @author tlenz
- *
- */
-public class PVPSignedRequestPolicyRule extends
- AbstractRequestSignedSecurityPolicyRule {
-
- private IRefreshableMetadataProvider metadataProvider = null;
-
- /**
- * @param metadataProvider
- * @param trustEngine
- * @param peerEntityRole
- */
- public PVPSignedRequestPolicyRule(MetadataProvider metadataProvider, SignatureTrustEngine trustEngine,
- QName peerEntityRole) {
- super(trustEngine, peerEntityRole);
- if (metadataProvider instanceof IRefreshableMetadataProvider)
- this.metadataProvider = (IRefreshableMetadataProvider) metadataProvider;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#refreshMetadataProvider(java.lang.String)
- */
- @Override
- protected boolean refreshMetadataProvider(String entityID) {
- if (metadataProvider != null)
- return metadataProvider.refreshMetadataProvider(entityID);
-
- return false;
-
- }
-
- /* (non-Javadoc)
- * @see at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#getSignedSAMLObject(org.opensaml.xml.XMLObject)
- */
- @Override
- protected SignableSAMLObject getSignedSAMLObject(XMLObject inboundData) {
- if (inboundData instanceof SignableSAMLObject)
- return (SignableSAMLObject) inboundData;
-
- else
- return null;
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java
new file mode 100644
index 00000000..4eb711f9
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpAuthRequestSignedRole.java
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.verification;
+
+import java.util.List;
+import org.opensaml.common.binding.SAMLMessageContext;
+import org.opensaml.saml2.binding.security.SAML2AuthnRequestsSignedRule;
+import org.opensaml.ws.transport.http.HTTPInTransport;
+import org.opensaml.xml.util.DatatypeHelper;
+
+public class PvpAuthRequestSignedRole extends SAML2AuthnRequestsSignedRule {
+
+ @Override
+ protected boolean isMessageSigned(final SAMLMessageContext messageContext) {
+ // This handles HTTP-Redirect and HTTP-POST-SimpleSign bindings.
+ final HTTPInTransport inTransport =
+ (HTTPInTransport) messageContext.getInboundMessageTransport();
+
+ // Check signature parameter exists only once and is not empty
+ final List<String> sigParam = inTransport.getParameterValues("Signature");
+ final boolean isValidSigned = sigParam.size() == 1 && !DatatypeHelper.isEmpty(sigParam.get(0));
+
+ // Check signature-algorithm parameter exists only once and is not empty
+ final List<String> sigAlgParam = inTransport.getParameterValues("SigAlg");
+ final boolean isValidSigAlgExists =
+ sigAlgParam.size() == 1 && !DatatypeHelper.isEmpty(sigAlgParam.get(0));
+
+ // Check signature-content parameter exists only once and is not empty
+ final List<String> samlReqParam = inTransport.getParameterValues("SAMLRequest");
+ final List<String> samlRespParam = inTransport.getParameterValues("SAMLResponse");
+ final boolean isValidContent =
+ ((samlReqParam.size() == 1 && !DatatypeHelper.isEmpty(samlReqParam.get(0)))
+ || (samlRespParam.size() == 1 && !DatatypeHelper.isEmpty(samlRespParam.get(0))))
+ && !(samlReqParam.size() == 1 && samlRespParam.size() == 1);
+
+ return isValidSigned && isValidSigAlgExists && isValidContent;
+
+ }
+}
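Review bot: The new class carries no Javadoc at all — the class comment of the deleted `PVPAuthRequestSignedRole` was not brought over — and the `isMessageSigned` override only has inline comments, so the contract behind the three boolean checks has to be reverse-engineered. A class comment such as `/** Signed-request rule for HTTP-Redirect and HTTP-POST-SimpleSign bindings: the message counts as signed only if Signature, SigAlg and exactly one of SAMLRequest/SAMLResponse are each present once and non-empty. */` would state it. The cast `(HTTPInTransport) messageContext.getInboundMessageTransport()` is unchecked and raises a ClassCastException for any non-HTTP transport; an `instanceof` check that returns `false` (or a documented precondition on the transport type) would make that explicit. The `isValidContent` expression is hard to read; a small helper such as `hasSingleNonEmptyValue(List<String> values)` applied to all four parameters would remove the repeated `size() == 1 && !DatatypeHelper.isEmpty(...)` pattern.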
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java
new file mode 100644
index 00000000..0d108596
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/PvpSignedRequestPolicyRule.java
@@ -0,0 +1,82 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.verification;
+
+import javax.xml.namespace.QName;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.metadata.provider.MetadataProvider;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+
+public class PvpSignedRequestPolicyRule extends AbstractRequestSignedSecurityPolicyRule {
+
+ private IRefreshableMetadataProvider metadataProvider = null;
+
+ /**
+ * EAAF specific signature rule for OpenSAML2 redirect-binding.
+ *
+ * @param metadataProvider SAML2 metadata provider
+ * @param trustEngine SAML2 TrustEngine
+ * @param peerEntityRole Role of the Entity
+ */
+ public PvpSignedRequestPolicyRule(final MetadataProvider metadataProvider,
+ final SignatureTrustEngine trustEngine, final QName peerEntityRole) {
+ super(trustEngine, peerEntityRole);
+ if (metadataProvider instanceof IRefreshableMetadataProvider) {
+ this.metadataProvider = (IRefreshableMetadataProvider) metadataProvider;
+ }
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#
+ * refreshMetadataProvider(java.lang.String)
+ */
+ @Override
+ protected boolean refreshMetadataProvider(final String entityID) {
+ if (metadataProvider != null) {
+ return metadataProvider.refreshMetadataProvider(entityID);
+ }
+
+ return false;
+
+ }
+
+ /*
+ * (non-Javadoc)
+ *
+ * @see
+ * at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule#
+ * getSignedSAMLObject(org.opensaml.xml.XMLObject)
+ */
+ @Override
+ protected SignableSAMLObject getSignedSamlObject(final XMLObject inboundData) {
+ if (inboundData instanceof SignableSAMLObject) {
+ return (SignableSAMLObject) inboundData;
+ } else {
+ return null;
+ }
+ }
+
+}
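Review bot: Both `@see` references in the non-Javadoc comments point to `at.gv.egovernment.moa.id.protocols.pvp2x.validation.AbstractRequestSignedSecurityPolicyRule`, which is not the superclass used here (the parent lives in this module's own package, `at.gv.egiz.eaaf.modules.pvp2.impl.verification`), and the second one still names the old method `getSignedSAMLObject` although the override is now `getSignedSamlObject`. Since both methods are annotated `@Override`, replacing each comment block with `/** {@inheritDoc} */` or simply dropping it avoids carrying stale links forward. The constructor silently leaves `metadataProvider` at `null` when the supplied provider is not an `IRefreshableMetadataProvider`, which makes `refreshMetadataProvider` always return `false`; that is a sensible fallback but deserves a comment such as `// a non-refreshable provider cannot be reloaded after a failed signature check; refreshMetadataProvider() then reports false`, and the field could be declared `final` if the conditional assignment is written as a single expression.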
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SAMLVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SAMLVerificationEngine.java
deleted file mode 100644
index 078e4ac0..00000000
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SAMLVerificationEngine.java
+++ /dev/null
@@ -1,207 +0,0 @@
-/*******************************************************************************
- * Copyright 2017 Graz University of Technology
- * EAAF-Core Components has been developed in a cooperation between EGIZ,
- * A-SIT Plus, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-/*******************************************************************************
- *******************************************************************************/
-package at.gv.egiz.eaaf.modules.pvp2.impl.verification;
-
-import javax.xml.namespace.QName;
-import javax.xml.transform.dom.DOMSource;
-import javax.xml.validation.Schema;
-import javax.xml.validation.Validator;
-
-import org.apache.commons.lang3.StringUtils;
-import org.opensaml.common.xml.SAMLConstants;
-import org.opensaml.common.xml.SAMLSchemaBuilder;
-import org.opensaml.saml2.core.RequestAbstractType;
-import org.opensaml.saml2.core.StatusResponseType;
-import org.opensaml.saml2.metadata.IDPSSODescriptor;
-import org.opensaml.saml2.metadata.SPSSODescriptor;
-import org.opensaml.security.MetadataCriteria;
-import org.opensaml.security.SAMLSignatureProfileValidator;
-import org.opensaml.xml.security.CriteriaSet;
-import org.opensaml.xml.security.credential.UsageType;
-import org.opensaml.xml.security.criteria.EntityIDCriteria;
-import org.opensaml.xml.security.criteria.UsageCriteria;
-import org.opensaml.xml.signature.SignatureTrustEngine;
-import org.opensaml.xml.validation.ValidationException;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-import org.w3c.dom.Element;
-import org.xml.sax.SAXException;
-
-import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPVPMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
-import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileRequest;
-import at.gv.egiz.eaaf.modules.pvp2.impl.message.PVPSProfileResponse;
-
-@Service("SAMLVerificationEngine")
-public class SAMLVerificationEngine {
- private static final Logger log = LoggerFactory.getLogger(SAMLVerificationEngine.class);
-
-
- @Autowired(required=true) IPVPMetadataProvider metadataProvider;
-
- public void verify(InboundMessage msg, SignatureTrustEngine sigTrustEngine ) throws org.opensaml.xml.security.SecurityException, Exception {
- try {
- if (msg instanceof PVPSProfileRequest &&
- ((PVPSProfileRequest)msg).getSamlRequest() instanceof RequestAbstractType)
- verifyRequest(((RequestAbstractType)((PVPSProfileRequest)msg).getSamlRequest()), sigTrustEngine);
-
- else
- verifyIDPResponse(((PVPSProfileResponse)msg).getResponse(), sigTrustEngine);
-
- } catch (InvalidProtocolRequestException e) {
- if (StringUtils.isEmpty(msg.getEntityID())) {
- throw e;
-
- }
- log.debug("PVP2X message validation FAILED. Relead metadata for entityID: " + msg.getEntityID());
-
- if (metadataProvider == null ||
- !(metadataProvider instanceof IRefreshableMetadataProvider) ||
- !((IRefreshableMetadataProvider)metadataProvider).refreshMetadataProvider(msg.getEntityID()))
- throw e;
-
- else {
- log.trace("PVP2X metadata reload finished. Check validate message again.");
-
- if (msg instanceof PVPSProfileRequest &&
- ((PVPSProfileRequest)msg).getSamlRequest() instanceof RequestAbstractType)
- verifyRequest(((RequestAbstractType)((PVPSProfileRequest)msg).getSamlRequest()), sigTrustEngine);
-
- else
- verifyIDPResponse(((PVPSProfileResponse)msg).getResponse(), sigTrustEngine);
-
- }
- log.trace("Second PVP2X message validation finished");
- }
- }
-
- public void verifySLOResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException {
- verifyResponse(samlObj, sigTrustEngine, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
- }
-
- public void verifyIDPResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine) throws InvalidProtocolRequestException{
- verifyResponse(samlObj, sigTrustEngine, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
-
- }
-
- private void verifyResponse(StatusResponseType samlObj, SignatureTrustEngine sigTrustEngine, QName defaultElementName) throws InvalidProtocolRequestException{
- SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
- try {
- profileValidator.validate(samlObj.getSignature());
- performSchemaValidation(samlObj.getDOM());
-
- } catch (ValidationException e) {
- log.warn("Signature is not conform to SAML signature profile", e);
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
-
- } catch (SchemaValidationException e) {
- throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()});
-
- }
-
- CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add( new EntityIDCriteria(samlObj.getIssuer().getValue()) );
- criteriaSet.add( new MetadataCriteria(defaultElementName, SAMLConstants.SAML20P_NS) );
- criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
-
- try {
- if (!sigTrustEngine.validate(samlObj.getSignature(), criteriaSet)) {
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
- }
- } catch (org.opensaml.xml.security.SecurityException e) {
- log.warn("PVP2x message signature validation FAILED.", e);
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
- }
- }
-
- private void verifyRequest(RequestAbstractType samlObj, SignatureTrustEngine sigTrustEngine ) throws InvalidProtocolRequestException {
- SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
- try {
- profileValidator.validate(samlObj.getSignature());
- performSchemaValidation(samlObj.getDOM());
-
- } catch (ValidationException e) {
- log.warn("Signature is not conform to SAML signature profile", e);
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
-
- } catch (SchemaValidationException e) {
- throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()});
-
- }
-
- CriteriaSet criteriaSet = new CriteriaSet();
- criteriaSet.add( new EntityIDCriteria(samlObj.getIssuer().getValue()) );
- criteriaSet.add( new MetadataCriteria(SPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS) );
- criteriaSet.add( new UsageCriteria(UsageType.SIGNING) );
-
- try {
- if (!sigTrustEngine.validate(samlObj.getSignature(), criteriaSet)) {
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
- }
- } catch (org.opensaml.xml.security.SecurityException e) {
- log.warn("PVP2x message signature validation FAILED.", e);
- throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
- }
- }
-
- protected void performSchemaValidation(Element source) throws SchemaValidationException {
-
- String err = null;
- try {
- Schema test = SAMLSchemaBuilder.getSAML11Schema();
- Validator val = test.newValidator();
- val.validate(new DOMSource(source));
- log.debug("Schema validation check done OK");
- return;
-
- } catch (SAXException e) {
- err = e.getMessage();
- if (log.isDebugEnabled() || log.isTraceEnabled())
- log.warn("Schema validation FAILED with exception:", e);
- else
- log.warn("Schema validation FAILED with message: "+ e.getMessage());
-
- } catch (Exception e) {
- err = e.getMessage();
- if (log.isDebugEnabled() || log.isTraceEnabled())
- log.warn("Schema validation FAILED with exception:", e);
- else
- log.warn("Schema validation FAILED with message: "+ e.getMessage());
-
- }
-
- throw new SchemaValidationException("pvp2.22", new Object[]{err});
-
- }
-
-}
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
new file mode 100644
index 00000000..64eb5247
--- /dev/null
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/java/at/gv/egiz/eaaf/modules/pvp2/impl/verification/SamlVerificationEngine.java
@@ -0,0 +1,218 @@
+/*
+ * Copyright 2017 Graz University of Technology EAAF-Core Components has been developed in a
+ * cooperation between EGIZ, A-SIT Plus, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by the European
+ * Commission - subsequent versions of the EUPL (the "Licence"); You may not use this work except in
+ * compliance with the Licence. You may obtain a copy of the Licence at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software distributed under the Licence
+ * is distributed on an "AS IS" basis, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express
+ * or implied. See the Licence for the specific language governing permissions and limitations under
+ * the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text file for details on the
+ * various modules and licenses. The "NOTICE" text file is part of the distribution. Any derivative
+ * works that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.gv.egiz.eaaf.modules.pvp2.impl.verification;
+
+import javax.xml.namespace.QName;
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.Validator;
+import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IPvpMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
+import at.gv.egiz.eaaf.modules.pvp2.exception.SchemaValidationException;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.InboundMessage;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileRequest;
+import at.gv.egiz.eaaf.modules.pvp2.impl.message.PvpSProfileResponse;
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.common.xml.SAMLConstants;
+import org.opensaml.common.xml.SAMLSchemaBuilder;
+import org.opensaml.saml2.core.RequestAbstractType;
+import org.opensaml.saml2.core.StatusResponseType;
+import org.opensaml.saml2.metadata.IDPSSODescriptor;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.security.MetadataCriteria;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.security.CriteriaSet;
+import org.opensaml.xml.security.credential.UsageType;
+import org.opensaml.xml.security.criteria.EntityIDCriteria;
+import org.opensaml.xml.security.criteria.UsageCriteria;
+import org.opensaml.xml.signature.SignatureTrustEngine;
+import org.opensaml.xml.validation.ValidationException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+@Service("SAMLVerificationEngine")
+public class SamlVerificationEngine {
+ private static final Logger log = LoggerFactory.getLogger(SamlVerificationEngine.class);
+
+
+ @Autowired(required = true)
+ IPvpMetadataProvider metadataProvider;
+
+ /**
+ * Verify signature of a signed SAML2 object.
+ *
+ * @param msg SAML2 message
+ * @param sigTrustEngine TrustEngine
+ * @throws org.opensaml.xml.security.SecurityException In case of invalid signature
+ * @throws Exception In case of a general error
+ */
+ public void verify(final InboundMessage msg, final SignatureTrustEngine sigTrustEngine)
+ throws org.opensaml.xml.security.SecurityException, Exception {
+ try {
+ if (msg instanceof PvpSProfileRequest
+ && ((PvpSProfileRequest) msg).getSamlRequest() instanceof RequestAbstractType) {
+ verifyRequest(((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest()),
+ sigTrustEngine);
+ } else {
+ verifyIdpResponse(((PvpSProfileResponse) msg).getResponse(), sigTrustEngine);
+ }
+
+ } catch (final InvalidProtocolRequestException e) {
+ if (StringUtils.isEmpty(msg.getEntityID())) {
+ throw e;
+
+ }
+ log.debug(
+ "PVP2X message validation FAILED. Relead metadata for entityID: " + msg.getEntityID());
+
+ if (metadataProvider == null || !(metadataProvider instanceof IRefreshableMetadataProvider)
+ || !((IRefreshableMetadataProvider) metadataProvider)
+ .refreshMetadataProvider(msg.getEntityID())) {
+ throw e;
+ } else {
+ log.trace("PVP2X metadata reload finished. Check validate message again.");
+
+ if (msg instanceof PvpSProfileRequest
+ && ((PvpSProfileRequest) msg).getSamlRequest() instanceof RequestAbstractType) {
+ verifyRequest(((RequestAbstractType) ((PvpSProfileRequest) msg).getSamlRequest()),
+ sigTrustEngine);
+ } else {
+ verifyIdpResponse(((PvpSProfileResponse) msg).getResponse(), sigTrustEngine);
+ }
+
+ }
+ log.trace("Second PVP2X message validation finished");
+ }
+ }
+
+ public void verifySloResponse(final StatusResponseType samlObj,
+ final SignatureTrustEngine sigTrustEngine) throws InvalidProtocolRequestException {
+ verifyResponse(samlObj, sigTrustEngine, SPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ }
+
+ public void verifyIdpResponse(final StatusResponseType samlObj,
+ final SignatureTrustEngine sigTrustEngine) throws InvalidProtocolRequestException {
+ verifyResponse(samlObj, sigTrustEngine, IDPSSODescriptor.DEFAULT_ELEMENT_NAME);
+
+ }
+
+ private void verifyResponse(final StatusResponseType samlObj,
+ final SignatureTrustEngine sigTrustEngine, final QName defaultElementName)
+ throws InvalidProtocolRequestException {
+ final SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+ try {
+ profileValidator.validate(samlObj.getSignature());
+ performSchemaValidation(samlObj.getDOM());
+
+ } catch (final ValidationException e) {
+ log.warn("Signature is not conform to SAML signature profile", e);
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+
+ } catch (final SchemaValidationException e) {
+ throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()});
+
+ }
+
+ final CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add(new EntityIDCriteria(samlObj.getIssuer().getValue()));
+ criteriaSet.add(new MetadataCriteria(defaultElementName, SAMLConstants.SAML20P_NS));
+ criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+
+ try {
+ if (!sigTrustEngine.validate(samlObj.getSignature(), criteriaSet)) {
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+ }
+ } catch (final org.opensaml.xml.security.SecurityException e) {
+ log.warn("PVP2x message signature validation FAILED.", e);
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+ }
+ }
+
+ private void verifyRequest(final RequestAbstractType samlObj,
+ final SignatureTrustEngine sigTrustEngine) throws InvalidProtocolRequestException {
+ final SAMLSignatureProfileValidator profileValidator = new SAMLSignatureProfileValidator();
+ try {
+ profileValidator.validate(samlObj.getSignature());
+ performSchemaValidation(samlObj.getDOM());
+
+ } catch (final ValidationException e) {
+ log.warn("Signature is not conform to SAML signature profile", e);
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+
+ } catch (final SchemaValidationException e) {
+ throw new InvalidProtocolRequestException("pvp2.22", new Object[] {e.getMessage()});
+
+ }
+
+ final CriteriaSet criteriaSet = new CriteriaSet();
+ criteriaSet.add(new EntityIDCriteria(samlObj.getIssuer().getValue()));
+ criteriaSet
+ .add(new MetadataCriteria(SPSSODescriptor.DEFAULT_ELEMENT_NAME, SAMLConstants.SAML20P_NS));
+ criteriaSet.add(new UsageCriteria(UsageType.SIGNING));
+
+ try {
+ if (!sigTrustEngine.validate(samlObj.getSignature(), criteriaSet)) {
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+ }
+ } catch (final org.opensaml.xml.security.SecurityException e) {
+ log.warn("PVP2x message signature validation FAILED.", e);
+ throw new InvalidProtocolRequestException("pvp2.21", new Object[] {});
+ }
+ }
+
+ protected void performSchemaValidation(final Element source) throws SchemaValidationException {
+
+ String err = null;
+ try {
+ final Schema test = SAMLSchemaBuilder.getSAML11Schema();
+ final Validator val = test.newValidator();
+ val.validate(new DOMSource(source));
+ log.debug("Schema validation check done OK");
+ return;
+
+ } catch (final SAXException e) {
+ err = e.getMessage();
+ if (log.isDebugEnabled() || log.isTraceEnabled()) {
+ log.warn("Schema validation FAILED with exception:", e);
+ } else {
+ log.warn("Schema validation FAILED with message: " + e.getMessage());
+ }
+
+ } catch (final Exception e) {
+ err = e.getMessage();
+ if (log.isDebugEnabled() || log.isTraceEnabled()) {
+ log.warn("Schema validation FAILED with exception:", e);
+ } else {
+ log.warn("Schema validation FAILED with message: " + e.getMessage());
+ }
+
+ }
+
+ throw new SchemaValidationException("pvp2.22", new Object[] {err});
+
+ }
+
+}
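Review bot: Both `criteriaSet.add(new EntityIDCriteria(samlObj.getIssuer().getValue()))` lines, in verifyResponse and verifyRequest, dereference the Issuer without a null check, so a message that omits `<saml:Issuer>` fails with a NullPointerException instead of the InvalidProtocolRequestException that verify() catches for its metadata-refresh retry and that callers presumably map to a protocol error. A guard before the criteria set is built, such as `if (samlObj.getIssuer() == null || StringUtils.isEmpty(samlObj.getIssuer().getValue())) { throw new InvalidProtocolRequestException("pvp2.21", new Object[] {}); }`, keeps the failure on the same error path as an invalid signature (whether "pvp2.21" is the right code for a missing issuer should be confirmed). Relatedly, a message carrying no Signature element appears to be rejected only because sigTrustEngine.validate is expected to raise on a null signature; an explicit `samlObj.getSignature() == null` check next to the profile validation would make the signed-message requirement visible in this class rather than relying on the trust engine's behaviour. The two methods otherwise duplicate the profile/schema/trust sequence apart from the MetadataCriteria role, so a private helper taking the SignableSAMLObject, the issuer value and the QName would remove the duplication. The retry-branch log message also misspells `Relead` for `Reload`.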
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
index 9c60d724..8bc7508c 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -1 +1 @@
-at.gv.egiz.eaaf.modules.pvp2.PVP2SProfileCoreSpringResourceProvider \ No newline at end of file
+at.gv.egiz.eaaf.modules.pvp2.Pvp2SProfileCoreSpringResourceProvider \ No newline at end of file
diff --git a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml
index 2cbcce20..ee4d3864 100644
--- a/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml
+++ b/eaaf_modules/eaaf_module_pvp2_core/src/main/resources/eaaf_pvp.beans.xml
@@ -1,30 +1,25 @@
<?xml version="1.0" encoding="UTF-8"?>
-<!--
- -->
-
-<!--
- -->
<beans xmlns="http://www.springframework.org/schema/beans"
- xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
- xmlns:context="http://www.springframework.org/schema/context"
- xmlns:tx="http://www.springframework.org/schema/tx"
- xmlns:aop="http://www.springframework.org/schema/aop"
- xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
- http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
- http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
- http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
-
- <bean id="PVPMetadataBuilder"
- class="at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPMetadataBuilder" />
-
- <bean id="PVPPOSTBinding"
- class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding" />
-
- <bean id="PVPRedirectBinding"
- class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding" />
-
- <bean id="PVPSOAPBinding"
- class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.SoapBinding" />
-
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:context="http://www.springframework.org/schema/context"
+ xmlns:tx="http://www.springframework.org/schema/tx"
+ xmlns:aop="http://www.springframework.org/schema/aop"
+ xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+ http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+ http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+ <bean id="PVPMetadataBuilder"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.builder.PvpMetadataBuilder" />
+
+ <bean id="PVPPOSTBinding"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.PostBinding" />
+
+ <bean id="PVPRedirectBinding"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.RedirectBinding" />
+
+ <bean id="PVPSOAPBinding"
+ class="at.gv.egiz.eaaf.modules.pvp2.impl.binding.SoapBinding" />
+
</beans> \ No newline at end of file