refactor(core): move all project libs into sub-project 'modules'

# Conflicts:
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/2.5.0/eidas-parent-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.0.0/eidas-commons-2.0.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.1.0/eidas-commons-2.1.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.1.0/eidas-commons-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.2.1-egiz/eidas-commons-2.2.1-egiz-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.2.1-egiz/eidas-commons-2.2.1-egiz.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.2.1-egiz/eidas-commons-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.3.0/eidas-commons-2.3.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.3.0/eidas-commons-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.3.0/eidas-commons-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.4.0/eidas-commons-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.4.0/eidas-commons-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.5.0/eidas-commons-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.3.0/eidas-jcache-ignite-specific-communication-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.3.0/eidas-jcache-ignite-specific-communication-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.4.0/eidas-jcache-ignite-specific-communication-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.4.0/eidas-jcache-ignite-specific-communication-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.5.0/eidas-jcache-ignite-specific-communication-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.3.0/eidas-jcache-ignite-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.3.0/eidas-jcache-ignite-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.4.0/eidas-jcache-ignite-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.4.0/eidas-jcache-ignite-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.5.0/eidas-jcache-ignite-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.0.0/eidas-light-commons-2.0.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.1.0/eidas-light-commons-2.1.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.1.0/eidas-light-commons-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.2.1-egiz/eidas-light-commons-2.2.1-egiz-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.2.1-egiz/eidas-light-commons-2.2.1-egiz.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.2.1-egiz/eidas-light-commons-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.3.0/eidas-light-commons-2.3.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.3.0/eidas-light-commons-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.3.0/eidas-light-commons-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.4.0/eidas-light-commons-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.4.0/eidas-light-commons-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.5.0/eidas-light-commons-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.0.0/eidas-parent-2.0.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.1.0/eidas-parent-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.2.1-egiz/eidas-parent-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.3.0/eidas-parent-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.4.0/eidas-parent-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.5.0/eidas-parent-2.5.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.0.0/eidas-specific-communication-definition-2.0.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.1.0/eidas-specific-communication-definition-2.1.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.1.0/eidas-specific-communication-definition-2.1.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.2.1-egiz/eidas-specific-communication-definition-2.2.1-egiz-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.2.1-egiz/eidas-specific-communication-definition-2.2.1-egiz.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.2.1-egiz/eidas-specific-communication-definition-2.2.1-egiz.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.3.0/eidas-specific-communication-definition-2.3.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.3.0/eidas-specific-communication-definition-2.3.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.3.0/eidas-specific-communication-definition-2.3.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.4.0/eidas-specific-communication-definition-2.4.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.4.0/eidas-specific-communication-definition-2.4.0.pom
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-javadoc.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0-sources.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.jar
#	modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.5.0/eidas-specific-communication-definition-2.5.0.pom
#	modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/NlEidProcessor.java
#	modules/authmodule_id-austria/checks/spotbugs-exclude.xml
#	modules/authmodule_id-austria/pom.xml
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthConstants.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaAuthenticationSpringResourceProvider.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/IdAustriaEidasProxyAuthenticationModulImpl.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/builder/attributes/EidasConnecorUniqueIdAttributeBuilder.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/config/IdAustriaAuthMessageSource.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/config/IdAustriaAuthMetadataConfiguration.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/config/IdAustriaAuthRequestBuilderConfiguration.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthMetadataController.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/controller/IdAustriaAuthSignalController.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/ReceiveFromIdAustriaSystemTask.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/tasks/RequestIdAustriaSystemTask.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/utils/IdAustriaAuthCredentialProvider.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/utils/IdAustriaAuthMetadataProvider.java
#	modules/authmodule_id-austria/src/main/java/at/asitplus/eidas/specific/modules/auth/idaustria/utils/Utils.java
#	modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
#	modules/authmodule_id-austria/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
#	modules/authmodule_id-austria/src/main/resources/messages/idaustria_auth_messages.properties
#	modules/authmodule_id-austria/src/main/resources/process/id_austria.Authentication.process.xml
#	modules/authmodule_id-austria/src/main/resources/spring/id_austria_auth.beans.xml
#	modules/authmodule_id-austria/src/main/resources/spring/id_austria_task.beans.xml
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaAuthSpringResourceProviderTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/IdAustriaEidasProxyAuthenticationModulImplTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/builder/attributes/EidasConnecorUniqueIdAttributeBuilderTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/config/IdAustriaAuthMessageSourceTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthMetadataControllerFirstTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/controller/IdAustriaAuthSignalControllerTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/ReceiveAuthnResponseTaskTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/task/RequestIdAustriaSystemTaskTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthCredentialProviderTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderFirstTest.java
#	modules/authmodule_id-austria/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/utils/IdAustriaAuthMetadataProviderSecondTest.java
#	modules/authmodule_id-austria/src/test/resources/config/junit.jks
#	modules/authmodule_id-austria/src/test/resources/config/junit_config_1.properties
#	modules/authmodule_id-austria/src/test/resources/config/junit_test.jks
#	modules/authmodule_id-austria/src/test/resources/config/junit_test_no_trust_certs.jks
#	modules/authmodule_id-austria/src/test/resources/config/pvp.jks
#	modules/authmodule_id-austria/src/test/resources/config/pvp.p12
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_bpk_without_prefix.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_minimum.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_eid_sector_attr.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_jur.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_with_mandate_nat.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_EID_wrong_data.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_with_wrong_destination_endpoint.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_classpath_entityid.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error_empty_subcode.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error_userstop.xml
#	modules/authmodule_id-austria/src/test/resources/data/Response_without_sig_with_error_without_subcode.xml
#	modules/authmodule_id-austria/src/test/resources/data/eidas_node_siging.crt
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_classpath_entity.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_no_sig.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_no_sig2.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_sig_notvalid.xml
#	modules/authmodule_id-austria/src/test/resources/data/idp_metadata_sig_valid_wrong_alg.xml
#	modules/authmodule_id-austria/src/test/resources/data/junit_keystore_metadata.crt
#	modules/authmodule_id-austria/src/test/resources/data/junit_keystore_signing.crt
#	modules/authmodule_id-austria/src/test/resources/data/moa_sig_signing.crt
#	modules/authmodule_id-austria/src/test/resources/data/pvp_postbinding_template.html
#	modules/authmodule_id-austria/src/test/resources/data/sp_metadata_junit.xml
#	modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml
#	modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_basic_test.xml
#	modules/authmodule_id-austria/src/test/resources/spring/SpringTest-context_lazy.xml
#	modules/eidas_proxy-sevice/checks/spotbugs-exclude.xml
#	modules/eidas_proxy-sevice/pom.xml
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/EidasProxyMessageSource.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceConstants.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/MsProxyServiceSpringResourceProvider.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/exception/EidasProxyServiceException.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/EidasProxyServiceController.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServiceAuthenticationAction.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/protocol/ProxyServicePendingRequest.java
#	modules/eidas_proxy-sevice/src/main/java/at/asitplus/eidas/specific/modules/msproxyservice/utils/EidasProxyServiceUtils.java
#	modules/eidas_proxy-sevice/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
#	modules/eidas_proxy-sevice/src/main/resources/messages/eidasproxy_messages.properties
#	modules/eidas_proxy-sevice/src/main/resources/spring/eidas_proxy-service.beans.xml
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/EidasProxyMessageSourceTest.java
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/MsProxyServiceSpringResourceProviderTest.java
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/EidasProxyServiceControllerTest.java
#	modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/auth/idaustria/test/protocol/ProxyServiceAuthenticationActionTest.java
#	modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml
#	modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml
#	modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
#	modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml
#	modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml

16 files changed, 4395 insertions, 0 deletions

diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java
new file mode 100644
index 00000000..aef290f5
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationSpringResourceProvider;
+import at.gv.egiz.eaaf.core.test.TestConstants;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class EidasAuthSpringResourceProviderTest {
+
+  @Test
+  public void testSpringConfig() {
+    final EidasAuthenticationSpringResourceProvider test =
+        new EidasAuthenticationSpringResourceProvider();
+    for (final Resource el : test.getResourcesToLoad()) {
+      try {
+        IOUtils.toByteArray(el.getInputStream());
+
+      } catch (final IOException e) {
+        Assert.fail("Ressouce: " + el.getFilename() + " not found");
+      }
+
+    }
+
+    Assert.assertNotNull("no Name", test.getName());
+    Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+  }
+ 
+  @Test
+  public void testSpILoaderConfig() {
+    final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+    try {
+      final String spiFile = IOUtils.toString(el, "UTF-8");
+
+      Assert.assertEquals("Wrong classpath in SPI file",
+          EidasAuthenticationSpringResourceProvider.class.getName(), spiFile);
+
+
+    } catch (final IOException e) {
+      Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+    }
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
new file mode 100644
index 00000000..86af87ad
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
@@ -0,0 +1,121 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class EidasAuthenticationModulImplTest {
+
+  @Autowired ModuleRegistration moduleReg; 
+  @Autowired ResourceLoader loader;
+  
+  private final ExecutionContext executionContext = new ExecutionContextImpl();
+  private DummySpConfiguration oaParam;
+  private TestRequestImpl pendingReq;
+  private EidasAuthenticationModulImpl authProcess = new EidasAuthenticationModulImpl();
+
+  /**
+   * jUnit class initializer.
+   * 
+   */
+  @BeforeClass
+  public static void classInitializer() throws IOException {
+    final String current = new java.io.File(".").toURI().toString();
+    System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+  }
+  
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void initialize() {
+    Map<String, String> configMap = new HashMap<String, String>();
+    configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test");    
+    IConfiguration basicConfig = new DummyConfiguration();
+    oaParam = new DummySpConfiguration(configMap, basicConfig);
+    pendingReq = new TestRequestImpl();    
+    pendingReq.setSpConfig(oaParam);
+  }
+
+  @Test
+  public void checkProcessDefinition() {
+    Assert.assertNotNull("AuthModule is null", authProcess);
+    Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions());
+    
+    for (String el : authProcess.getProcessDefinitions()) {
+      Resource res = loader.getResource(el);
+      Assert.assertTrue("AuthProcess description not extist", res.exists());
+      
+    }    
+  }
+  
+  @Test
+  public void countrySelected() throws Exception {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2));    
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);   
+    Assert.assertNotNull("Process is null", result);
+    Assert.assertEquals("Process Id not match", "eIDASAuthentication_v2", result);
+
+  }
+  
+  @Test
+  public void noCountryValid() throws Exception {
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);
+    
+    Assert.assertNull("Select wrong process", result);
+
+  }
+  
+  @Test
+  public void selectCountryWrongType() throws Exception {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1);
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);   
+    Assert.assertNull("Select wrong process", result);
+
+  }
+  
+  @Test
+  public void selectCountryEmpty() throws Exception {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "");
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);   
+    Assert.assertNull("Select wrong process", result);
+
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java
new file mode 100644
index 00000000..1051bd9f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java
@@ -0,0 +1,118 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH AT-specific eIDAS Connector has been developed
+ * in a cooperation between EGIZ, A-SIT Plus GmbH, A-SIT, and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License. You may
+ * obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses. The "NOTICE" text file
+ * is part of the distribution. Any derivative works that you distribute must
+ * include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+//import java.security.MessageDigest;
+//
+//import org.apache.commons.lang3.StringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//import org.springframework.util.Base64Utils;
+//
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SQLiteServiceException;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.eIDASAuthenticationException;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.eIDASResponseUtils;
+//import at.gv.egiz.eaaf.core.impl.data.Trible;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration("/SpringTest-context_basic_test.xml")
+//public class EidasDataStoreTest {
+//
+//  @Autowired
+//  private EidasDataStore dataStore;
+//
+//  private static final String P1_TRANSID = "123456789";
+//  private static final String P1_eIDASID =
+//      "DE/AT/121asdf1as5f1as6f1asd2f1asdf1asdf1asd23f1asdf1asdf4sd7fsdf1asdf1asd2f1asd56f7asdf4asdfasdf1";
+//
+//  private static final String P2_TRANSID = "987654321";
+//  private static final String P2_eIDASID =
+//      "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
+//
+//  @Test
+//  public void dummyTest() {
+//
+//  }
+//
+//  @Test
+//  public void insertTestOne() throws SQLiteServiceException, eIDASAuthenticationException {
+//    Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P1_eIDASID);
+//    String ernbId = createHashFromUniqueId(eidasId.getThird());
+//    dataStore.storeNationalId(
+//        P1_TRANSID,
+//        eidasId,
+//        ernbId);
+//
+//    if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) {
+//        && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
+//      throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
+//    
+//    }
+//
+//    if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) {
+//        && dataStore.getErnbNationalId(eidasId).equals(ernbId))
+//      throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
+//    }
+//
+//  }
+//
+//  @Test
+//  public void insertTestTwo() throws SQLiteServiceException, eIDASAuthenticationException {
+//    Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P2_eIDASID);
+//    String ernbId = createHashFromUniqueId(eidasId.getThird());
+//    dataStore.storeNationalId(
+//        P2_TRANSID,
+//        eidasId,
+//        ernbId);
+//
+//    if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) {
+//        && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
+//      throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
+//    
+//    }
+//
+//    if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) {
+//        && dataStore.getErnbNationalId(eidasId).equals(ernbId))
+//      throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
+//    
+//    }
+//
+//  }
+//
+//  private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
+//    try {
+//      MessageDigest md = MessageDigest.getInstance("SHA-256");
+//      byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+//      String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+//      return hashBase64;
+//
+//    } catch (Exception ex) {
+//      throw new eIDASAuthenticationException("internal.03", new Object[] {}, ex);
+//
+//    }
+//  }
+//}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
new file mode 100644
index 00000000..0d9d4fb8
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
@@ -0,0 +1,244 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse.Builder;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@EnableWebMvc
+public class EidasSignalServletTest {
+
+  @Autowired private MsConnectorDummyConfigMap basicConfig;
+  @Autowired private EidasSignalServlet controller;
+  @Autowired private IRequestStorage storage;
+  @Autowired private ITransactionStorage transStore;
+  @Autowired private DummyProtocolAuthService protAuthService;
+  @Autowired private DummySpecificCommunicationService connector;
+  
+  
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private MsConnectorDummySpConfiguration oaParam;
+  
+   
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+    pendingReq = new TestRequestImpl();
+
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+   
+    connector.setiLightResponse(null);
+    
+    
+  }
+  
+  @Test
+  public void noResponsToken() throws IOException, EaafException {
+    //set-up
+         
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    //validate state
+    Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertNotNull("missing error", protAuthService.getException());
+    Assert.assertEquals("Wrong errorId", "auth.26", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void unknownResponseToken() throws IOException, EaafException {
+    //set-up
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        RandomStringUtils.randomAlphanumeric(10));
+         
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    //validate state
+    Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertNotNull("missing error", protAuthService.getException());
+    Assert.assertEquals("Wrong errorId", "auth.26", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void withRelayState() throws IOException, EaafException, SpecificCommunicationException {
+    //set-up                 
+    String relayState = RandomStringUtils.randomAlphanumeric(10);    
+    pendingReq.setPendingReqId(relayState);
+    storage.storePendingRequest(pendingReq);
+    
+    Builder iLightResponse = new AuthenticationResponse.Builder();
+    iLightResponse.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .relayState(relayState);
+     
+    AuthenticationResponse eidasResp = iLightResponse.build();
+    BinaryLightToken token = connector.putResponse(eidasResp);    
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+    
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    
+    //validate state
+    Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("wrong eIDAS response", eidasResp, 
+        httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    
+    Assert.assertNotNull("missing error", protAuthService.getException());    
+    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException {
+    //set-up                 
+    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);    
+    pendingReq.setPendingReqId(pendingReqId);
+    storage.storePendingRequest(pendingReq);
+    
+    String inResponseTo = "_".concat(Random.nextHexRandom16());
+    
+    Builder iLightResponse = new AuthenticationResponse.Builder();
+    iLightResponse.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo(inResponseTo)
+        .subjectNameIdFormat("afaf");
+     
+    AuthenticationResponse eidasResp = iLightResponse.build();
+    BinaryLightToken token = connector.putResponse(eidasResp);    
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+    
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    
+    //validate state
+    Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertNotNull("missing error", protAuthService.getException());
+    Assert.assertEquals("Wrong errorId", "auth.26", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException {
+    //set-up                 
+    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);    
+    pendingReq.setPendingReqId(pendingReqId);
+    storage.storePendingRequest(pendingReq);
+            
+    String inResponseTo = "_".concat(Random.nextHexRandom16());
+    transStore.put(inResponseTo, pendingReqId, -1);
+    
+    Builder iLightResponse = new AuthenticationResponse.Builder();
+    iLightResponse.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo(inResponseTo)
+        .subjectNameIdFormat("afaf");
+     
+    AuthenticationResponse eidasResp = iLightResponse.build();
+    BinaryLightToken token = connector.putResponse(eidasResp);    
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+    
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    
+    //validate state
+    Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("wrong eIDAS response", eidasResp, 
+        httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    
+    Assert.assertNotNull("missing error", protAuthService.getException());    
+    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
new file mode 100644
index 00000000..4d9ae035
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -0,0 +1,439 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyList;
+import static org.mockito.Mockito.when;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchProviderException;
+import java.util.List;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.joda.time.DateTime;
+import org.jose4j.lang.JoseException;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import szrservices.GetBPKFromStammzahlEncryptedResponse;
+import szrservices.GetBPKFromStammzahlEncryptedResponseType;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+import szrservices.SignContentEntry;
+import szrservices.SignContentResponse;
+import szrservices.SignContentResponseType;
+import szrservices.TravelDocumentType;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class SzrClientTest {
+  private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
+
+  @Autowired SzrClient szrClient;
+  @Autowired MsConnectorDummyConfigMap basicConfig;
+
+  private static ObjectMapper mapper = new ObjectMapper();
+  
+  private static final String givenName = "Franz";
+  private static final String familyName = "Mustermann";
+  private static final String dateOfBirth = "1989-05-05";
+  private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF";
+  private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
+
+  private SZR szrMock = null;
+  ErnbEidData eidData = null;
+
+  @Rule
+  public SoapServiceRule soap = SoapServiceRule.newInstance();
+
+  /**
+   * Initialize jUnit test.
+   */
+  @Before
+  public void initializer() {
+    if (szrMock == null) {
+      szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+
+    }
+    
+    eidData = new ErnbEidData();
+    eidData.setFamilyName(familyName);
+    eidData.setGivenName(givenName);
+    eidData.setDateOfBirth(new DateTime());
+    eidData.setCitizenCountryCode("IS");
+    eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
+    
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false");
+      
+  }
+
+  
+  
+
+  @Test
+  public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException {
+    final GetBPKFromStammzahlEncryptedResponse szrResponse = new GetBPKFromStammzahlEncryptedResponse();
+    final GetBPKFromStammzahlEncryptedResponseType result1 = new GetBPKFromStammzahlEncryptedResponseType();
+    szrResponse.getOut().add(result1);
+
+    result1.setKey(RandomStringUtils.randomAlphanumeric(20));
+
+    //    when(szrMock.getBPKFromStammzahlEncrypted(anyList()))
+    //        .thenReturn(Arrays.asList(result1));
+    when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(result1.getKey());
+
+    String stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType());
+
+    Assert.assertEquals("bcBind not match", result1.getKey(), stammzahlEncrypted);
+
+    when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null);
+    try {
+      stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType());
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+    }
+  }
+
+  @Test
+  public void getEidasBindRealSzrResponse() throws SZRException_Exception, SzrCommunicationException, IOException {
+    final SignContentResponse szrResponse = new SignContentResponse();
+    final SignContentEntry result1 = new SignContentEntry();
+    final SignContentResponseType content = new SignContentResponseType();
+    content.getOut().add(result1);
+    szrResponse.setSignContentResponse(content);
+
+    result1.setKey("bcBindReq");
+    result1.setValue(IOUtils.toString(SzrClient.class.getResourceAsStream("/data/szr/signed_eidasBind.jws")));
+
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+    final String bcBind = szrClient
+        .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                   RandomStringUtils.randomAlphabetic(10), eidData);
+
+    Assert.assertNotNull("bcBind is null", bcBind);
+    Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+    
+  }
+
+  @Test
+  public void eidasBindNull() throws SZRException_Exception {
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(null);
+    
+    try {      
+      szrClient
+          .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                     RandomStringUtils.randomAlphabetic(10), eidData);
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+      
+    }    
+  }
+  
+  @Test
+  public void eidasBindInvalidResponse() throws SZRException_Exception {
+    final SignContentEntry result2 = new SignContentEntry();
+    final SignContentResponseType content1 = new SignContentResponseType();
+    content1.getOut().add(result2);
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
+    
+    try {
+      szrClient
+          .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                     RandomStringUtils.randomAlphabetic(10), eidData);
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+      
+    }
+  }
+  
+  public void eidasBindEmptyResponse() throws SZRException_Exception {
+    final SignContentEntry result2 = new SignContentEntry();
+    final SignContentResponseType content1 = new SignContentResponseType();
+    content1.getOut().add(result2);
+    result2.setKey("bcBindReq");
+    result2.setValue("");
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
+    
+    try {
+      szrClient
+          .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                     RandomStringUtils.randomAlphabetic(10), eidData);
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+      
+    }    
+  }
+  
+  @Test
+  public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException, JsonMappingException, 
+      JsonProcessingException, JoseException {
+    final SignContentResponse szrResponse = new SignContentResponse();
+    final SignContentEntry result1 = new SignContentEntry();
+    final SignContentResponseType content = new SignContentResponseType();
+    content.getOut().add(result1);
+    szrResponse.setSignContentResponse(content);
+
+    result1.setKey("bcBindReq");
+    result1.setValue(RandomStringUtils.randomAlphanumeric(100));
+
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+    final String bcBind = szrClient
+        .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                   RandomStringUtils.randomAlphabetic(10), eidData);
+
+    Assert.assertNotNull("bcBind is null", bcBind);
+    Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+       
+  }
+
+  @Test
+  public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException, JoseException, 
+      JsonMappingException, JsonProcessingException {
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "true");
+    
+    final SignContentResponse szrResponse = new SignContentResponse();
+    final SignContentEntry result1 = new SignContentEntry();
+    final SignContentResponseType content = new SignContentResponseType();
+    content.getOut().add(result1);
+    szrResponse.setSignContentResponse(content);
+
+    result1.setKey("bcBindReq");
+    result1.setValue(RandomStringUtils.randomAlphanumeric(100));
+
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+    final String bcBind = szrClient
+        .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                   RandomStringUtils.randomAlphabetic(10), eidData);
+
+    Assert.assertNotNull("bcBind is null", bcBind);
+    Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+
+  }
+  
+  @Test
+  public void getIdentityLinkRawModeValidResponse()
+      throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
+      EidasSAuthenticationException, JAXBException {
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+    try {
+      log.debug("Starting connecting SZR Gateway");
+      final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(getPersonInfo());
+
+      Assert.assertNotNull(result);
+      Assert.assertNotNull(result.getAssertion());
+
+      final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element) result.getAssertion())
+          .parseIdentityLink();
+      Assert.assertNotNull(identityLink);
+
+      System.out.println(identityLink.getSerializedSamlAssertion());
+
+      checkElement("Mustermann", identityLink.getFamilyName());
+      checkElement("Hans", identityLink.getGivenName());
+      checkElement("1989-05-05", identityLink.getDateOfBirth());
+      checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType());
+      checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue());
+      Assert.assertNotNull(identityLink.getSerializedSamlAssertion());
+      Assert.assertNotNull(identityLink.getSamlAssertion());
+
+    } catch (final SzrCommunicationException e) {
+      Assert.fail();
+
+    }
+
+  }
+
+  @Test
+  public void getIdentityLinkRawModeErrorTravelerDocExists()
+      throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
+      EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException {
+    setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml");
+
+    try {
+      log.debug("Starting connecting SZR Gateway");
+      szrClient.getIdentityLinkInRawMode(getPersonInfo());
+      Assert.fail();
+
+    } catch (final SzrCommunicationException e) {
+      checkElement("ernb.02", e.getErrorId());
+      Assert.assertNotNull(e.getCause());
+      org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause());
+      Assert.assertNotNull(((SOAPFaultException) e.getCause()).getFault());
+      checkElement("p344:F455", ((SOAPFaultException) e.getCause()).getFault().getFaultCode());
+      checkElement(
+          "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly",
+          ((SOAPFaultException) e.getCause()).getFault().getFaultString());
+
+    }
+
+  }
+
+  @Ignore
+  @Test
+  public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
+    final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, basicConfig
+        .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined"));
+
+    if (bPK.isEmpty()) {
+      throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"});
+    }
+    for (final String b : bPK) {
+      if (StringUtils.isEmpty(b)) {
+        throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"});
+      }
+    }
+
+  }
+
+  private void checkElement(String expected, String value) {
+    Assert.assertNotNull(value);
+    Assert.assertEquals(expected, value);
+
+  }
+
+  private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+    final JAXBContext jaxbContext = JAXBContext
+        .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+                     org.w3._2000._09.xmldsig.ObjectFactory.class,
+                     at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+    final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+    final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+        .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+    when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+  }
+
+  private void setSzrExceptionIdentityLink(String responseXmlPath)
+      throws JAXBException, ParserConfigurationException, SAXException, IOException, SZRException_Exception {
+    final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream(responseXmlPath));
+    final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344");
+    final SoapFault fault = new SoapFault(
+        "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly",
+        qName);
+    fault.setRole("urn:SZRServices");
+    fault.setDetail(detailerror);
+    when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenThrow(fault);
+
+  }
+
+  private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
+    try {
+      final MessageDigest md = MessageDigest.getInstance("SHA-256");
+      final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+      final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+      return hashBase64;
+
+    } catch (final Exception ex) {
+      throw new EidasSAuthenticationException("internal.03", new Object[]{}, ex);
+
+    }
+  }
+
+  private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
+    final PersonInfoType personInfo = new PersonInfoType();
+    final PersonNameType personName = new PersonNameType();
+    final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+    final TravelDocumentType eDocument = new TravelDocumentType();
+
+    naturalPerson.setName(personName);
+    personInfo.setPerson(naturalPerson);
+    personInfo.setTravelDocument(eDocument);
+
+    // parse some eID attributes
+    final Triple<String, String, String> eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
+    final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
+    final String citizenCountry = eIdentifier.getFirst();
+
+    // person information
+    personName.setFamilyName(familyName);
+    personName.setGivenName(givenName);
+    naturalPerson.setDateOfBirth(dateOfBirth);
+    eDocument.setIssuingCountry(citizenCountry);
+    eDocument.setDocumentNumber(uniqueId);
+
+    // eID document information
+    eDocument.setDocumentType(basicConfig
+                                  .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+                                                         Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+    return personInfo;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
new file mode 100644
index 00000000..1e7ff369
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
@@ -0,0 +1,236 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchProviderException;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.util.encoders.Base64;
+import org.joda.time.DateTime;
+import org.junit.Assert;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.SZRException_Exception;
+import szrservices.TravelDocumentType;
+
+
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {
+    //"classpath:/application.properties",
+    "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
+    })
+public class SzrClientTestProduction {
+  private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class);
+
+  @Autowired
+  SzrClient szrClient;
+  @Autowired
+  IConfiguration basicConfig;
+
+  private static final String givenName = "Franz";
+  private static final String familyName = "Mustermann";
+  // private static final String dateOfBirth = "1989-05-05";
+  private static final String dateOfBirth = "1989-05-04";
+  private static final String eIDASeID = "IS/AT/1234ffgsdfg56789ABCDEF";
+
+  private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
+
+  @Test
+  public void dummyTest() {
+
+  }
+
+  @Test
+  public void getVsz() throws SzrCommunicationException, EidasSAuthenticationException {    
+    String vsz = szrClient.getEncryptedStammzahl(getPersonInfo());   
+    Assert.assertNotNull("vsz", vsz);
+        
+  }
+
+  @Test
+  public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException {    
+    String vsz = RandomStringUtils.randomAlphanumeric(10);
+    String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes());
+    String eidStatus = "urn:eidgvat:eid.status.eidas";
+    ErnbEidData eidData = new ErnbEidData();
+    eidData.setFamilyName(familyName);
+    eidData.setGivenName(givenName);
+    eidData.setDateOfBirth(new DateTime());
+    eidData.setCitizenCountryCode("IS");
+    eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
+    
+    
+    String eidasBind = szrClient.getEidsaBind(vsz, bindingPubKey, eidStatus, eidData);   
+    
+    Assert.assertNotNull("eidasBind", eidasBind);
+        
+  }
+  
+  
+  @Test
+  public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException,
+      NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException {
+    log.debug("Starting connecting SZR Gateway");
+    final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
+        getPersonInfo());
+
+    final Element idlFromSzr = (Element) result.getAssertion();
+    final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
+
+    if (identityLink == null) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO IDL object" });
+    }
+
+    System.out.println(identityLink.getSerializedSamlAssertion());
+
+    if (StringUtils.isEmpty(identityLink.getFamilyName())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO FamilyName from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getGivenName())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO GivenName from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getDateOfBirth())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO DateOfBirthName from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getIdentificationType())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseIdType from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getIdentificationValue())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseId from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO serialized IDL" });
+    }
+
+    if (identityLink.getSamlAssertion() == null) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO raw IDL" });
+    }
+
+  }
+
+
+  @Ignore
+  @Test
+  public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
+    final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET,
+        basicConfig.getBasicConfiguration(
+            Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
+            "no VKZ defined"));
+
+    if (bPK.isEmpty()) {
+      throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"});
+    }
+    for (String b : bPK) {
+      if (StringUtils.isEmpty(b)) {
+        throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"});
+      }
+    }
+
+  }
+
+  private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
+    try {
+      final MessageDigest md = MessageDigest.getInstance("SHA-256");
+      final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+      final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+      return hashBase64;
+
+    } catch (final Exception ex) {
+      throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex);
+
+    }
+  }
+
+  private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
+    final PersonInfoType personInfo = new PersonInfoType();
+    final PersonNameType personName = new PersonNameType();
+    final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+    final TravelDocumentType eDocument = new TravelDocumentType();
+
+    naturalPerson.setName(personName);
+    personInfo.setPerson(naturalPerson);
+    personInfo.setTravelDocument(eDocument);
+
+    // parse some eID attributes
+    final Triple<String, String, String> eIdentifier =
+        EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
+    final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
+    final String citizenCountry = eIdentifier.getFirst();
+
+    // person information
+    personName.setFamilyName(familyName);
+    personName.setGivenName(givenName);
+    naturalPerson.setDateOfBirth(dateOfBirth);
+    eDocument.setIssuingCountry(citizenCountry);
+    eDocument.setDocumentNumber(uniqueId);
+
+    // eID document information
+    eDocument.setDocumentType(basicConfig.getBasicConfiguration(
+        Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+        Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+    return personInfo;
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
new file mode 100644
index 00000000..d2b0c1ae
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
@@ -0,0 +1,58 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+
+import java.util.Collection;
+
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+public class DummySpecificCommunicationService implements SpecificCommunicationService {
+
+  private ILightRequest lightRequest;
+  private ILightResponse lightResponse;
+
+  @Override
+  public BinaryLightToken putRequest(ILightRequest lightRequest) throws SpecificCommunicationException {
+    this.lightRequest = lightRequest;
+    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+  }
+
+  @Override
+  public ILightRequest getAndRemoveRequest(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+      throws SpecificCommunicationException {
+    return lightRequest;
+  }
+
+  @Override
+  public BinaryLightToken putResponse(ILightResponse lightResponse) throws SpecificCommunicationException {
+    this.lightResponse = lightResponse;
+    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+  }
+
+  @Override
+  public ILightResponse getAndRemoveResponse(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+      throws SpecificCommunicationException {
+    return lightResponse;
+  }
+
+  public ILightRequest getiLightRequest() {
+    return lightRequest;
+  }
+
+  public void setiLightRequest(ILightRequest lightReques) {
+    this.lightRequest = lightReques;
+  }
+
+  public ILightResponse getiLightResponse() {
+    return lightResponse;
+  }
+
+  public void setiLightResponse(ILightResponse lightResponse) {
+    this.lightResponse = lightResponse;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
new file mode 100644
index 00000000..7aab1f3e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -0,0 +1,492 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.powermock.api.mockito.PowerMockito.when;
+
+import java.net.URISyntaxException;
+import java.security.KeyStore;
+import java.security.Provider;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.annotation.Nonnull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+import szrservices.JwsHeaderParam;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SignContentEntry;
+import szrservices.SignContentResponseType;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class CreateIdentityLinkTaskEidNewTest {
+
+  @Autowired(required = true)
+  private CreateIdentityLinkTask task;
+
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  protected EidasAttributeRegistry attrRegistry;
+
+  @Autowired
+  EaafKeyStoreFactory keyStoreFactory;
+
+  @Autowired
+  private IRequestStorage requestStorage;
+
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private SZR szrMock;
+
+  private static final String PW = "f/+saJBc3a}*/T^s";
+  private static final String ALIAS = "connectorkeypair";
+
+  private static final List<String> BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(Arrays
+      .asList(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+          AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+          AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+
+  private static ObjectMapper mapper = new ObjectMapper();
+  
+  private AuthenticationResponse response;
+  
+  @Rule
+  public final SoapServiceRule soap = SoapServiceRule.newInstance();
+
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+    pendingReq = new TestRequestImpl();
+
+    response = buildDummyAuthResponse(false);
+    pendingReq.getSessionData(AuthProcessDataWrapper.class)
+        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+    
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
+    executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+    szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+  }
+
+  @Test
+  public void successfulProcessWithDeInfos() throws Exception {
+    //initialize test
+    response = buildDummyAuthResponse(true);
+    pendingReq.getSessionData(AuthProcessDataWrapper.class)
+        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+    
+    String vsz = RandomStringUtils.randomNumeric(10);
+    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+    val signContentResp = new SignContentResponseType();
+    final SignContentEntry signContentEntry = new SignContentEntry();
+    signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+    signContentResp.getOut().add(signContentEntry);
+    when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNotNull("AuthBlock", authBlock);
+    
+    Assert.assertTrue("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+        
+    
+    // check authblock signature
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    Pair<KeyStore, Provider> keyStore = getKeyStore();
+    X509Certificate[] trustedCerts = EaafKeyStoreUtils
+        .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
+    JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
+    Assert.assertTrue("AuthBlock not valid", result.isValid());        
+    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());    
+    Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
+    
+    Assert.assertNotNull("no piiTransactionId in pendingRequesdt", 
+        storedPendingReq.getUniquePiiTransactionIdentifier());
+    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), 
+        authBlockJson.get("piiTransactionId").asText());
+    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
+    Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
+    Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertFalse("binding pubKey", authBlockJson.has("bindingPublicKey"));
+    
+    
+    // check vsz request
+    ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);        
+    verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+    
+    Boolean param5 = argument5.getValue();
+    Assert.assertTrue("insertERnP flag", param5);    
+    PersonInfoType person = argument4.getValue();
+    Assert.assertEquals("FamilyName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), 
+        person.getPerson().getName().getFamilyName());
+    Assert.assertEquals("GivenName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), 
+        person.getPerson().getName().getGivenName());
+    Assert.assertEquals("DateOfBirth", 
+        response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+            .toString().split("T")[0], 
+        person.getPerson().getDateOfBirth());
+    
+    Assert.assertEquals("PlaceOfBirth", 
+        response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), 
+        person.getPerson().getPlaceOfBirth());    
+    Assert.assertEquals("BirthName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()), 
+        person.getPerson().getAlternativeName().getFamilyName());
+    
+    Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
+    Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
+    
+    Assert.assertEquals("Identifier", 
+        response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
+            .toString().split("/")[2], 
+        person.getTravelDocument().getDocumentNumber());
+           
+    // check bcBind singing request
+    ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class);
+    ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class);
+    ArgumentCaptor<List<SignContentEntry>> argument3 = ArgumentCaptor.forClass(List.class);
+    verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture());
+    Boolean param1 = argument1.getValue();
+    Assert.assertFalse("addCert flag", param1);
+    
+    List<JwsHeaderParam> param2 = argument2.getValue();
+    Assert.assertNotNull("JWS Headers", param2); 
+    Assert.assertFalse("JWS Headers empty", param2.isEmpty());
+    Assert.assertEquals("Wrong JWS header size", 1, param2.size());
+    Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey());
+    Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue());
+    
+    List<SignContentEntry> param3 = argument3.getValue();
+    Assert.assertNotNull("sign Payload", param3);
+    Assert.assertEquals("wrong sign-payload size", 1, param3.size());    
+    Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());    
+    JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes());
+    Assert.assertNotNull("bcbind req", bcBind);
+    
+    Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText());
+    Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas", 
+        bcBind.get("urn:eidgvat:attributes.eid.status").asText());
+    Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys"));
+    Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());    
+    Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements();
+    Assert.assertTrue("No PubKey", pubKeys.hasNext());
+    Assert.assertEquals("Wrong pubKey", 
+        "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y"
+        + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN"
+        + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No"
+        + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB", 
+        pubKeys.next().asText());
+    Assert.assertFalse("More than one PubKey", pubKeys.hasNext());
+    
+  }
+
+  @Test
+  public void successfulProcessWithStandardInfos() throws Exception {
+    //initialize test    
+    String vsz = RandomStringUtils.randomNumeric(10);
+    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+    val signContentResp = new SignContentResponseType();
+    final SignContentEntry signContentEntry = new SignContentEntry();
+    signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+    signContentResp.getOut().add(signContentEntry);
+    when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    // check authblock signature
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNotNull("AuthBlock", authBlock);
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    Pair<KeyStore, Provider> keyStore = getKeyStore();
+    X509Certificate[] trustedCerts = EaafKeyStoreUtils
+        .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
+    JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
+    Assert.assertTrue("AuthBlock not valid", result.isValid());        
+    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());    
+    Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
+    
+    Assert.assertNotNull("no piiTransactionId in pendingRequesdt", 
+        storedPendingReq.getUniquePiiTransactionIdentifier());
+    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), 
+        authBlockJson.get("piiTransactionId").asText());
+    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
+    Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
+    Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertTrue("binding pubKey", authBlockJson.has("bindingPublicKey"));
+    Assert.assertEquals("binding PubKey", bindingPubKey, authBlockJson.get("bindingPublicKey").asText());
+    
+    Assert.assertTrue("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+      
+    // check vsz request
+    ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);        
+    verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+    
+    Boolean param5 = argument5.getValue();
+    Assert.assertTrue("insertERnP flag", param5);    
+    PersonInfoType person = argument4.getValue();
+    Assert.assertEquals("FamilyName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), 
+        person.getPerson().getName().getFamilyName());
+    Assert.assertEquals("GivenName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), 
+        person.getPerson().getName().getGivenName());
+    Assert.assertEquals("DateOfBirth", 
+        response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+            .toString().split("T")[0], 
+        person.getPerson().getDateOfBirth());
+    
+    Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());     
+    Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+    
+    Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
+    Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
+    
+    Assert.assertEquals("Identifier", 
+        response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
+            .toString().split("/")[2], 
+        person.getTravelDocument().getDocumentNumber());
+           
+   
+  }
+  
+  @Test
+  public void getStammzahlEncryptedExceptionTest() throws Exception {
+    try {
+      when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null);
+      task.execute(pendingReq, executionContext);
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
+          "IdentityLink generation for foreign person " + "FAILED.");
+      Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(),
+          "ernb.01");
+      Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("Stammzahl response empty"));
+    }
+  }
+
+  @Test
+  public void signContentExceptionTest() throws Exception {
+    try {
+      when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10));
+      when(szrMock, "signContent", any(), any(), any()).thenReturn(null);
+      task.execute(pendingReq, executionContext);
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
+          "IdentityLink generation for foreign person " + "FAILED.");
+      Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(),
+          "ernb.01");
+      Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("BcBind response empty"));
+    }
+  }
+
+  private Pair<KeyStore, Provider> getKeyStore() throws EaafException {
+    // read Connector wide config data TODO connector wide!
+    String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
+    String keyStorePw = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD);
+    String keyStorePath = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH);
+    String keyStoreType = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE);
+
+
+    //build new KeyStore configuration
+    KeyStoreConfiguration keyStoreConfiguration = new KeyStoreConfiguration();
+    keyStoreConfiguration.setFriendlyName("jUnit test");
+
+    keyStoreConfiguration.setSoftKeyStoreFilePath(keyStorePath);
+    keyStoreConfiguration.setSoftKeyStorePassword(keyStorePw);
+    keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType));
+    keyStoreConfiguration.setKeyStoreName(keyStoreName);
+
+    //build new KeyStore based on configuration
+    return keyStoreFactory.buildNewKeyStore(keyStoreConfiguration);
+
+  }
+
+  @Nonnull
+  private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException {
+    final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+    final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+    final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+    final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+    final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PLACEOFBIRTH).first();
+    final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_BIRTHNAME).first();
+   
+    final Builder attributeMap = ImmutableAttributeMap.builder();
+    attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64));
+    attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10));
+    attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10));
+    attributeMap.put(attributeDef4, "2001-01-01");
+    if (withAll) {
+      attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+      attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10));
+      
+    }
+
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
+        .attributes(attributeMap.build())
+        .build();
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
new file mode 100644
index 00000000..a9d2f332
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -0,0 +1,464 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.mockito.ArgumentMatchers.any;
+
+import java.net.URISyntaxException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.annotation.Nonnull;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+import szrservices.GetBPK;
+import szrservices.GetBPKResponse;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class CreateIdentityLinkTaskTest {
+
+  @Autowired(required = true)
+  private CreateIdentityLinkTask task;
+
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  protected EidasAttributeRegistry attrRegistry;
+
+  @Autowired
+  EaafKeyStoreFactory keyStoreFactory;
+
+  @Autowired
+  private IRequestStorage requestStorage;
+
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private SZR szrMock;
+  
+  private AuthenticationResponse response;
+  private Map<String, String> spConfig;
+  
+  @Rule
+  public final SoapServiceRule soap = SoapServiceRule.newInstance();
+
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false");
+    
+    spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "false");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+    pendingReq = new TestRequestImpl();
+
+    response = buildDummyAuthResponse();
+
+    pendingReq.getSessionData(AuthProcessDataWrapper.class)
+        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
+    executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+    szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+  }
+
+    
+  @Test
+  public void buildIdentityLink() throws Exception {
+    //initialize test   
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+     
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+        
+    Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+    checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
+    checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
+    checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth());
+    checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+    checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+    Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
+    Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());    
+   
+    Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    
+  }
+  
+  @Test
+  public void buildIdentityLinkWithWbpk() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+   
+    Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    
+  }
+  
+  @Test
+  public void buildIdentityLinkWithEidasBpk() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml");
+    spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+   
+    Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+    checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName());
+    checkElement("Martina", authProcessData.getIdentityLink().getGivenName());
+    checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth());
+    checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+    checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+    
+    Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    
+  }
+  
+  @Test
+  public void buildIdentityLinkWithUnknownBpk() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    spConfig.put("target", "urn:notextis:1234");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("unknown bPKType not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "builder.33", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+
+    }      
+  }
+  
+  @Test
+  public void noBpkResult() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    GetBPKResponse getBpkResp = new GetBPKResponse();
+    org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+    
+    spConfig.put("target", "urn:notextis:1234");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("unknown bPKType not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "ernb.01", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      
+    }      
+  }
+  
+  @Test
+  public void bPKFromSzr() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    String bpk = RandomStringUtils.randomAlphanumeric(10);
+    GetBPKResponse getBpkResp = new GetBPKResponse();
+    getBpkResp.getGetBPKReturn().add(bpk);
+    org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+    
+    spConfig.put("target", "urn:notextis:1234");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+    
+    //execute test
+      task.execute(pendingReq, executionContext);
+     
+      
+      //validate state    
+      // check if pendingRequest was stored
+      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+      Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+      
+      //check data in session
+      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+      Assert.assertNotNull("AuthProcessData", authProcessData);
+      Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+      String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+      Assert.assertNull("AuthBlock", authBlock);
+      
+      Assert.assertFalse("EID process", authProcessData.isEidProcess());
+      Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+      Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+      Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+          authProcessData.getQaaLevel());
+      
+      Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+      Assert.assertEquals("wrong bPK", bpk, 
+          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+  }
+  
+  @Test
+  public void buildDummyIdl() throws Exception {
+    //initialize test
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true");
+    
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+        
+    Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+        
+  }
+
+  private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+    final JAXBContext jaxbContext = JAXBContext
+        .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+                     org.w3._2000._09.xmldsig.ObjectFactory.class,
+                     at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+    final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+    final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+        .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+    org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+  }
+  private void checkElement(String expected, String value) {
+    Assert.assertNotNull(value);
+    Assert.assertEquals(expected, value);
+
+  }
+  
+  @Nonnull
+  private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
+    final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+    final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+    final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+    final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+   
+    final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+        .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+        .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+        .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode("200")
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
+        .attributes(attributeMap)
+        .build();
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
new file mode 100644
index 00000000..763d7d39
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
@@ -0,0 +1,670 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertNull;
+
+import java.io.UnsupportedEncodingException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class GenerateAuthnRequestTaskTest {
+
+  @Autowired(required = true)
+  private GenerateAuthnRequestTask task;
+  @Autowired(required = true)
+  private DummySpecificCommunicationService commService;
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private Map<String, String> spConfig;
+    
+  
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void setUp() {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "true");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId", 
+        RandomStringUtils.randomAlphabetic(10));
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", 
+        "http://test/" + RandomStringUtils.randomAlphabetic(5));  
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat");        
+    basicConfig.removeConfigValue(Constants.CONIG_PROPS_EIDAS_WORKAROUND_STAGING_MS_CONNECTOR);    
+    
+  }
+  
+  @Test
+  public void missingIssuer() {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");   
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId");
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing Issuer not detected");
+
+    } catch (final TaskExecutionException e) {
+      // forward URL is not set in example config
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+          "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "config.27", ((EaafException) e.getOriginalException())
+          .getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+     
+    }
+  }
+  
+  @Test
+  public void missingForwardUrl() {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");   
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.forward.endpoint");
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing Forward-URL not detected");
+
+    } catch (final TaskExecutionException e) {
+      // forward URL is not set in example config
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+          "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+          .getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+      Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL, ((EaafException) e
+          .getOriginalException()).getParams()[0]);
+
+    }
+  }
+   
+  @Test
+  public void selectUnknownStage() {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    String stage = RandomStringUtils.randomAlphabetic(5);
+    executionContext.put("selectedEnvironment", stage);
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing Forward-URL not detected");
+
+    } catch (final TaskExecutionException e) {
+      // forward URL is not set in example config
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+          "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+          .getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+      Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_URL + "." + stage, ((EaafException) e
+          .getOriginalException()).getParams()[0]);
+
+    }
+  }
+  
+  @Test
+  public void selectQsEndpoint() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test    
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "qs");        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.qs", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+  }
+  
+  @Test
+  public void selectTestEndpoint() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test    
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "test");        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.test", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+  }
+  
+  @Test
+  public void selectDevEndpoint() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test    
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "dev");        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.dev", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+  }
+  
+  @Test
+  public void noCountryCode() {
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("No countryCode not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
+      org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e
+          .getOriginalException(), "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException())
+          .getErrorId());
+
+    }
+  }
+
+  @Test
+  public void withStaticProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs");
+    
+
+    //execute test
+    task.execute(pendingReq, executionContext);
+
+    //validate state
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());    
+    Assert.assertNull("msConnector Staging", 
+        pendingReq.getRawData(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, String.class));
+    
+  }
+      
+  @Test
+  public void withMsConnectorStaging() throws TaskExecutionException,
+      SpecificCommunicationException {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs");
+    
+    String msConnectorStage = RandomStringUtils.randomAlphanumeric(10);
+    basicConfig.putConfigValue(Constants.CONIG_PROPS_EIDAS_WORKAROUND_STAGING_MS_CONNECTOR, msConnectorStage);
+    
+
+    //execute test
+    task.execute(pendingReq, executionContext);
+
+    //validate state    
+    Assert.assertEquals("msConnector Staging", msConnectorStage,
+        pendingReq.getRawData(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, String.class));
+    
+    
+    
+  }
+  
+  @Test
+  public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException {
+    String cc = RandomStringUtils.randomAlphabetic(2);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, cc);
+    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderNames", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+
+    //validate state
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("wrong issuer", 
+        basicConfig.getBasicConfiguration("eidas.ms.auth.eIDAS.node_v2.entityId"), eidasReq.getIssuer());
+    Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode());    
+    assertNull("NameIdPolicy not null", eidasReq.getNameIdFormat());
+    
+  }
+
+  @Test
+  public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+            
+    String nameIdFormat = RandomStringUtils.randomAlphabetic(10);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat", nameIdFormat);
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertNotNull("ProviderName found", eidasReq.getProviderName());
+    Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+    Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    Assert.assertEquals("NameIdFormat", nameIdFormat, eidasReq.getNameIdFormat());
+    
+  }
+  
+  @Test
+  public void publicSpWithCountryLu() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+            
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId found", "myNode", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void privateSpWithCountryLu() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    String requesterId = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId);
+    
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+            
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", "Austria", eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", "Austria", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+        
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "POST");
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing template not detected");
+             
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorCode", "Could not resolve view with name 'eidas_node_forward.html' ", 
+          ((GuiBuildException) e.getOriginalException()).getMessage());
+      
+    }    
+  }
+  
+  @Test
+  public void withDynamicProviderNameForPrivateSPs() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, "http://junit.sp");
+
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", "Wr8LrrVf5SYneblOlZdZNaLQQCCgzklfKQvyeZjBx10=", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+  
+  @Test
+  public void privateSPWithoutRequestIdHashing() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    String requesterId = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId);
+
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "false");
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", requesterId, eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+  
+  @Test
+  public void withoutProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "false");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "false");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertNull("ProviderName found", eidasReq.getProviderName());
+    Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
new file mode 100644
index 00000000..ba77610a
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -0,0 +1,253 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.annotation.Nonnull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class ReceiveEidasResponseTaskTest {
+
+  @Autowired(required = true)
+  private ReceiveAuthnResponseTask task;
+
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  protected EidasAttributeRegistry attrRegistry;
+  
+  @Autowired private IRequestStorage storage;
+  
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private MsConnectorDummySpConfiguration oaParam;
+  
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "false");
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+    pendingReq = new TestRequestImpl();
+
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+  }
+  
+  @Test
+  public void missingEidasResponse() {    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("No eIDAS response not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "eidas.01", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      
+    }        
+  }
+  
+  @Test
+  public void notSuccessEidasResponse() throws URISyntaxException {    
+    String statusCode = RandomStringUtils.randomAlphabetic(10);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, 
+        buildDummyAuthResponse(statusCode));
+    
+    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("No eIDAS response not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "eidas.02", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException())
+          .getParams().length);
+      Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e
+          .getOriginalException()).getParams()[0]);
+
+    }        
+  }
+    
+  @Test
+  public void successAndForward() throws URISyntaxException, TaskExecutionException, 
+      PendingReqIdValidationException, EaafStorageException {    
+    
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");  
+        
+    String alternativReturnEndpoint = "http://ms-connector.alternative/" + RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(
+        MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, alternativReturnEndpoint);
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+            
+    //validate state    
+    Assert.assertEquals("msConnectorStage", true, 
+        (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING));
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(alternativReturnEndpoint));
+    
+        
+  }
+  
+  @Test
+  public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {    
+    @Nonnull
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+      
+    //execute test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+    Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+    Assert.assertNotNull("eIDAS response", 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("eIDAS response", eidasResponse, 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity());
+        
+    Assert.assertEquals("msConnectorStage", false, 
+        (Boolean) executionContext.get(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING));    
+  }
+  
+  @Test
+  public void successWithTestIdentity() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {    
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true");
+    
+    @Nonnull      
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");    
+      
+    //execute test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+    Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+    Assert.assertNotNull("eIDAS response", 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("eIDAS response", eidasResponse, 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity());
+        
+  }
+  
+  
+  
+  @Nonnull
+  private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
+    final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+    final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+    final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+    final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+   
+    final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+        .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+        .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+        .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(statusCode)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .attributes(attributeMap)
+        .build();
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
new file mode 100644
index 00000000..ad38e371
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
@@ -0,0 +1,139 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.utils;
+
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.Provider;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.lang.JoseException;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class JoseUtilsTest {
+  
+  @Autowired private EaafKeyStoreFactory keyStoreFactory;
+  
+  private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(
+      Arrays.asList(
+          AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+          AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512,
+          AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+          AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+
+  
+  @Test
+  public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException {
+    
+    KeyStoreConfiguration config = new KeyStoreConfiguration();
+    config.setFriendlyName("jUnittest");
+    config.setKeyStoreType(KeyStoreType.JKS);
+    config.setSoftKeyStoreFilePath("../data/junit.jks");
+    config.setSoftKeyStorePassword("password");
+    
+    Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+    String payLoad = RandomStringUtils.randomAlphanumeric(100);
+    
+    //check signing
+    try {
+      JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest");
+      Assert.fail("missing Key not detected");
+      
+    } catch (EaafException e) {      
+      Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId());
+      
+    }
+  }
+  
+  @Test
+  public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+    
+    KeyStoreConfiguration config = new KeyStoreConfiguration();
+    config.setFriendlyName("jUnittest");
+    config.setKeyStoreType(KeyStoreType.JKS);
+    config.setSoftKeyStoreFilePath("../data/junit.jks");
+    config.setSoftKeyStorePassword("password");
+    
+    Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+    String payLoad = RandomStringUtils.randomAlphanumeric(100);
+    
+    //check signing
+    String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest");
+   
+    Assert.assertNotNull("signed message", result);
+    Assert.assertFalse("signed msg empty", result.isEmpty());
+    
+
+    //validate
+    List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        AUTH_ALGORITHM_WHITELIST_SIGNING
+            .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+    
+    Assert.assertTrue("sig. verify", verify.isValid());
+    Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+        
+  }
+  
+  @Test
+  public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+    
+    KeyStoreConfiguration config = new KeyStoreConfiguration();
+    config.setFriendlyName("jUnittest");
+    config.setKeyStoreType(KeyStoreType.JKS);
+    config.setSoftKeyStoreFilePath("../data/junit.jks");
+    config.setSoftKeyStorePassword("password");
+    
+    Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+    String payLoad = RandomStringUtils.randomAlphanumeric(100);
+    
+    //check signing
+    String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest");
+   
+    Assert.assertNotNull("signed message", result);
+    Assert.assertFalse("signed msg empty", result.isEmpty());
+    
+
+    //validate
+    List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        AUTH_ALGORITHM_WHITELIST_SIGNING
+            .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+    
+    Assert.assertTrue("sig. verify", verify.isValid());
+    Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+        
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
new file mode 100644
index 00000000..9bb51cd9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
@@ -0,0 +1,460 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import static org.junit.Assert.fail;
+
+import java.io.IOException;
+import java.text.SimpleDateFormat;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.joda.time.DateTime;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasAttributePostProcessingTest {
+
+  @Autowired
+  private CcSpecificEidProcessingService postProcessor;
+
+  // lower case
+  private static final String P1_eIDASID =
+      "DE/AT/532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25";
+  private static final String P1_GIVENNAME = "Max";
+  private static final String P1_FAMILYNAME = "Mustermann";
+  private static final DateTime P1_DATEOFBIRTH = DateTime.now();
+  private static final String P1_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P1_BIRTHNAME = "Musterkind";
+
+  // mixed
+  private static final String P3_eIDASID =
+      "DE/AT/532eaabd9574880dbf76b9b8cc00832c20A6ec113d682299550d7a6e0f345e25";
+  private static final String P3_GIVENNAME = "Max";
+  private static final String P3_FAMILYNAME = "Mustermann";
+  private static final DateTime P3_DATEOFBIRTH = DateTime.now();
+  private static final String P3_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P3_BIRTHNAME = "Musterkind";
+
+  // upper case
+  private static final String P4_eIDASID =
+      "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E25";
+  private static final String P4_GIVENNAME = "Max";
+  private static final String P4_FAMILYNAME = "Mustermann";
+  private static final DateTime P4_DATEOFBIRTH = DateTime.now();
+  private static final String P4_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P4_BIRTHNAME = "Musterkind";
+
+  // To long identifier
+  private static final String P5_eIDASID =
+      "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E251";
+  private static final String P5_GIVENNAME = "Max";
+  private static final String P5_FAMILYNAME = "Mustermann";
+  private static final DateTime P5_DATEOFBIRTH = DateTime.now();
+  private static final String P5_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P5_BIRTHNAME = "Musterkind";
+
+  // to short identifier
+  private static final String P6_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
+  private static final String P6_GIVENNAME = "Max";
+  private static final String P6_FAMILYNAME = "Mustermann";
+  private static final DateTime P6_DATEOFBIRTH = DateTime.now();
+  private static final String P6_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P6_BIRTHNAME = "Musterkind";
+
+  // no hex encoded identifier
+  private static final String P7_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
+  private static final String P7_GIVENNAME = "Max";
+  private static final String P7_FAMILYNAME = "Mustermann";
+  private static final DateTime P7_DATEOFBIRTH = DateTime.now();
+  private static final String P7_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P7_BIRTHNAME = "Musterkind";
+
+  private static final String P2_eIDASID =
+      "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
+  private static final String P2_GIVENNAME = "Max";
+  private static final String P2_FAMILYNAME = "Mustermann";
+  private static final DateTime P2_DATEOFBIRTH = DateTime.now();
+  private static final String P2_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P2_BIRTHNAME = "Musterkind";
+
+  /**
+   * jUnit class initializer.
+   * 
+   * @throws IOException In case of an error
+   */
+  @BeforeClass
+  public static void classInitializer() throws IOException {
+    final String current = new java.io.File(".").toURI().toString();
+    System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+  }
+
+  @Test
+  public void deWithHexLowerCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P1_eIDASID,
+              P1_FAMILYNAME,
+              P1_GIVENNAME,
+              P1_DATEOFBIRTH,
+              P1_PLACEOFBIRTH,
+              P1_BIRTHNAME));
+
+      validate(result,
+          "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+          P1_FAMILYNAME,
+          P1_GIVENNAME,
+          P1_DATEOFBIRTH,
+          P1_PLACEOFBIRTH,
+          P1_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void deWithHexMixedCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P3_eIDASID,
+              P3_FAMILYNAME,
+              P3_GIVENNAME,
+              P3_DATEOFBIRTH,
+              P3_PLACEOFBIRTH,
+              P3_BIRTHNAME));
+
+      validate(result,
+          "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+          P3_FAMILYNAME,
+          P3_GIVENNAME,
+          P3_DATEOFBIRTH,
+          P3_PLACEOFBIRTH,
+          P3_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void deWithHexUpperCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P4_eIDASID,
+              P4_FAMILYNAME,
+              P4_GIVENNAME,
+              P4_DATEOFBIRTH,
+              P4_PLACEOFBIRTH,
+              P4_BIRTHNAME));
+
+      validate(result,
+          "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+          P4_FAMILYNAME,
+          P4_GIVENNAME,
+          P4_DATEOFBIRTH,
+          P4_PLACEOFBIRTH,
+          P4_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void deWithHexTooLongCase() throws Exception {
+    try {
+      postProcessor.postProcess(
+          generateInputData(
+              P5_eIDASID,
+              P5_FAMILYNAME,
+              P5_GIVENNAME,
+              P5_DATEOFBIRTH,
+              P5_PLACEOFBIRTH,
+              P5_BIRTHNAME));
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("Too long input accepted");
+  }
+
+  @Test
+  public void deWithHexTooShortCase() throws Exception {
+    try {
+      postProcessor.postProcess(
+          generateInputData(
+              P6_eIDASID,
+              P6_FAMILYNAME,
+              P6_GIVENNAME,
+              P6_DATEOFBIRTH,
+              P6_PLACEOFBIRTH,
+              P6_BIRTHNAME));
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("Too short input accepted");
+  }
+
+  @Test
+  public void deWithNoHexCase() throws Exception {
+    try {
+      postProcessor.postProcess(
+          generateInputData(
+              P7_eIDASID,
+              P7_FAMILYNAME,
+              P7_GIVENNAME,
+              P7_DATEOFBIRTH,
+              P7_PLACEOFBIRTH,
+              P7_BIRTHNAME));
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("Not hex encoded input accepted");
+  }
+
+  @Test
+  public void eeTestCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              P2_FAMILYNAME,
+              P2_GIVENNAME,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void eeTestFamilyNameMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              null,
+              P2_GIVENNAME,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("FamilyName missing input accepted");
+
+  }
+
+  @Test
+  public void eeTestGivenNameMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              P2_FAMILYNAME,
+              null,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("GivenName missing input accepted");
+
+  }
+
+  @Test
+  public void eeTestDateOfBirthMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              P2_FAMILYNAME,
+              P2_GIVENNAME,
+              null,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("DateOfBirth missing input accepted");
+
+  }
+
+  @Test
+  public void eeTestIdMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              null,
+              P2_FAMILYNAME,
+              P2_GIVENNAME,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("eIDAS-Id missing input accepted");
+
+  }
+
+  private Map<String, Object> generateInputData(String id, String familyName, String givenName,
+      DateTime dateOfBirth, String placeOfBirth, String birthName) {
+    final Map<String, Object> result = new HashMap<>();
+    result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id);
+    result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName);
+    result.put(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName);
+    result.put(Constants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth);
+    result.put(Constants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth);
+    result.put(Constants.eIDAS_ATTR_BIRTHNAME, birthName);
+    return result;
+
+  }
+
+  private void validate(ErnbEidData result, String id, String familyName, String givenName,
+      DateTime dateOfBirth, String placeOfBirth, String birthName) {
+    if (!result.getPseudonym().equals(id)) {
+      fail(result.getPseudonym() + "is not equal to " + id);
+    }
+
+    if (!result.getFamilyName().equals(familyName)) {
+      fail(result.getFamilyName() + "is not equal to " + familyName);
+    }
+
+    if (!result.getGivenName().equals(givenName)) {
+      fail(result.getGivenName() + "is not equal to " + givenName);
+    }
+
+    if (!result.getDateOfBirth().equals(dateOfBirth)) {
+      fail(result.getDateOfBirth() + "is not equal to " + dateOfBirth);
+    }
+
+    if (!result.getFormatedDateOfBirth().equals(new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth
+        .toDate()))) {
+      fail(result.getDateOfBirth() + "is not equal to " + new SimpleDateFormat("yyyy-MM-dd").format(
+          dateOfBirth.toDate()));
+    }
+
+    if (!result.getPlaceOfBirth().equals(placeOfBirth)) {
+      fail(result.getPlaceOfBirth() + "is not equal to " + placeOfBirth);
+    }
+
+    if (!result.getBirthName().equals(birthName)) {
+      fail(result.getBirthName() + "is not equal to " + birthName);
+    }
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
new file mode 100644
index 00000000..7ac41500
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
@@ -0,0 +1,155 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasRequestPreProcessingFirstTest {
+
+  @Autowired
+  private IConfigurationWithSP basicConfig;
+  @Autowired
+  private CcSpecificEidProcessingService preProcessor;
+
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private Builder authnRequestBuilder;
+
+  /**
+   * jUnit class initializer.
+   * 
+   * @throws IOException In case of an error
+   */
+  @BeforeClass
+  public static void classInitializer() throws IOException {
+//    final String current = new java.io.File(".").toURI().toString();
+//    System.setProperty("eidas.ms.configuration", 
+//        current + "src/test/resources/config/junit_config_de_attributes.properties");
+
+  }
+
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void setUp() {
+
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+
+    authnRequestBuilder = LightRequest.builder();
+    authnRequestBuilder.id(UUID.randomUUID().toString());
+    authnRequestBuilder.issuer("Test");
+    authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
+
+  }
+
+  @Test
+  public void prePreProcessGeneric() throws EidPostProcessingException {
+    final String testCountry = "XX";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+
+  @Test
+  public void prePreProcessGenericNoCountryCode() throws EidPostProcessingException {
+    final String testCountry = "XX";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(null, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+
+  @Test
+  public void prePreProcessDE() throws EidPostProcessingException {
+
+    final String testCountry = "DE";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+    Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+  }
+    
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
new file mode 100644
index 00000000..9ee38296
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -0,0 +1,157 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasRequestPreProcessingSecondTest {
+
+  @Autowired
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  private CcSpecificEidProcessingService preProcessor;
+
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private Builder authnRequestBuilder;
+
+
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void setUp() {
+
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+
+    authnRequestBuilder = LightRequest.builder();
+    authnRequestBuilder.id(UUID.randomUUID().toString());
+    authnRequestBuilder.issuer("Test");
+    authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "true");
+    
+  }
+
+  @Test
+  public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException {
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+    
+    final String testCountry = "DE";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+  }
+
+
+  /*
+   * Set ProviderName according to general configuration
+   */
+  @Test
+  public void prePreProcessLuPublicSpWithoutRequestId() throws EidPostProcessingException {
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "false");
+    
+    final String testCountry = "LU";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+    Assert.assertNull("RequesterId", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+  
+  /* 
+   * Always set requesterId and providername in case of country LU
+   */
+  @Test
+  public void prePreProcessLuPublicSpWithStaticRequesterId() throws EidPostProcessingException {
+
+    
+    final String testCountry = "LU";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        "myNode", lightReq.getProviderName());
+    Assert.assertEquals("RequesterId is not Static",
+        "myNode", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
new file mode 100644
index 00000000..b1f1b164
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -0,0 +1,333 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.attribute.impl.StringAttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class EidasResponseValidatorTest {
+
+  @Autowired private MsConnectorDummyConfigMap basicConfig;
+  @Autowired protected EidasAttributeRegistry attrRegistry;
+  
+  private TestRequestImpl pendingReq;
+  private MsConnectorDummySpConfiguration oaParam;
+  
+  
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+    pendingReq = new TestRequestImpl();
+
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+  }
+  
+  
+  @Test
+  public void loaFromResponseToLow() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_LOW,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "XX";
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low", 
+          e.getParams()[0]);
+  
+    }    
+  }
+  
+  @Test
+  public void noEidasSpCountry() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = null;
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Destination country does not match to SP country", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void noEidasResponseCountry() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = null;
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Citizen country does not match to eIDAS-node country that generates the response", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void wrongEidasResponseCountry() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "XX";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Citizen country does not match to eIDAS-node country that generates the response", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void missingPersonalIdentifier() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        null, 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", 
+          e.getParams()[0]);
+  
+    }    
+  }
+  
+  @Test
+  public void moreThanOnePersonalIdentifier() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        null, 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        true);
+    String spCountry = "AT";
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", 
+          e.getParams()[0]);
+  
+    }    
+  }
+  
+  @Test
+  public void emptyPersonalIdentifier() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "", 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Wrong identifier format", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void validResponse() throws URISyntaxException, EidasValidationException {
+    //set-up
+    
+    String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+
+    EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry);
+    
+  }
+  
+  
+  private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId) 
+      throws URISyntaxException {
+    
+        
+    final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+
+    final Builder attributeMap = ImmutableAttributeMap.builder();
+    if (personalId != null) {
+      if (moreThanOnePersonalId) {
+        ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId), 
+            new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10)));
+        attributeMap.put(personIdattributeDef, values); 
+        
+      } else {
+        attributeMap.put(personIdattributeDef, personalId);
+        
+      }      
+    }
+    
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(loa)
+        .attributes(attributeMap.build())
+        .build();
+  }
+}
+