Merge branch 'feature/ms_proxy_service' into 'nightlybuild'

add basic implementation of eIDAS-Node Proxy-Service request-controller

See merge request egiz/eidas_at_proxy!20

14 files changed, 3069 insertions, 0 deletions

diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java
new file mode 100644
index 00000000..fc4ad2b6
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/EidasProxyMessageSourceTest.java
@@ -0,0 +1,50 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.test;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.msproxyservice.EidasProxyMessageSource;
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/spring/SpringTest-context_basic_test.xml",
+    "/spring/SpringTest-context_basic_mapConfig.xml",
+  })
+public class EidasProxyMessageSourceTest {
+
+  @Autowired
+  private ResourceLoader loader;
+  @Autowired(required = false)
+  private List<IMessageSourceLocation> messageSources;
+
+  @Test
+  public void checkMessageSources() {
+    Assert.assertNotNull("No messageSource", messageSources);
+    Assert.assertFalse("No message source", messageSources.isEmpty());
+    
+    boolean found = false;
+    
+    for (final IMessageSourceLocation messageSource : messageSources) {
+      found = found ? found : messageSource instanceof EidasProxyMessageSource;
+
+      Assert.assertNotNull("No sourcePath", messageSource.getMessageSourceLocation());
+      for (final String el : messageSource.getMessageSourceLocation()) {
+        final Resource messages = loader.getResource(el + ".properties");
+        Assert.assertTrue("Source not exist", messages.exists());
+
+      }
+    }
+    
+    Assert.assertTrue("Internal messagesource not found", found);
+    
+  }
+}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java
new file mode 100644
index 00000000..9a690664
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/MsProxyServiceSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceSpringResourceProvider;
+import at.gv.egiz.eaaf.core.test.TestConstants;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class MsProxyServiceSpringResourceProviderTest {
+
+  @Test
+  public void testSpringConfig() {
+    final MsProxyServiceSpringResourceProvider test =
+        new MsProxyServiceSpringResourceProvider();
+    for (final Resource el : test.getResourcesToLoad()) {
+      try {
+        IOUtils.toByteArray(el.getInputStream());
+
+      } catch (final IOException e) {
+        Assert.fail("Ressouce: " + el.getFilename() + " not found");
+      }
+
+    }
+
+    Assert.assertNotNull("no Name", test.getName());
+    Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+  }
+ 
+  @Test
+  public void testSpILoaderConfig() {
+    final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+    try {
+      final String spiFile = IOUtils.toString(el, "UTF-8");
+
+      Assert.assertEquals("Wrong classpath in SPI file",
+          MsProxyServiceSpringResourceProvider.class.getName(), spiFile);
+
+
+    } catch (final IOException e) {
+      Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+    }
+  }
+
+}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerBorisTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerBorisTest.java
new file mode 100644
index 00000000..dfa4e264
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerBorisTest.java
@@ -0,0 +1,197 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.test.protocol;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.List;
+import java.util.UUID;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService;
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/spring/SpringTest-context_basic_test.xml",
+    "/spring/SpringTest-context_basic_mapConfig2.xml",
+  })
+@EnableWebMvc
+public class EidasProxyServiceControllerBorisTest {
+
+  @Autowired private EidasProxyServiceController controller;
+  
+  @Autowired private DummySpecificCommunicationService proxyService;
+  @Autowired private DummyProtocolAuthService authService;
+  @Autowired private EidasAttributeRegistry attrRegistry;
+  @Autowired private ApplicationContext context;
+  
+  @Autowired MsConnectorDummyConfigMap config;
+  
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  
+  private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
+  
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+    httpReq = new MockHttpServletRequest("POST", "http://localhost/ms_connector/eidas/light/idp/redirect");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+       
+    proxyService.setiLightRequest(null);
+    proxyService.setError(null);
+            
+    config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint", 
+        "http://eidas.proxy/endpoint");
+    
+    springManagedSpecificConnectorCommunicationService =
+        (SpecificCommunicationService) context.getBean(
+            SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
+                .toString());
+    
+  }  
+  
+  @Test
+  public void validAuthnRequestWithBorisAttributeLegal() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    String issuer = RandomStringUtils.randomAlphabetic(10);
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                "eJusticeLegalPersonRole").first())
+            .build());
+       
+    proxyService.setiLightRequest(authnReqBuilder.build());
+   
+
+    // set default mandate configuration    
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+   
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size());
+    assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0));      
+    assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode());    
+    
+    assertEquals("requested IDA attributes", 10, spConfig.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestWithBorisAttributeNat() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    String issuer = RandomStringUtils.randomAlphabetic(10);
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                "eJusticeNaturalPersonRole").first())
+            .build());
+       
+    proxyService.setiLightRequest(authnReqBuilder.build());
+   
+
+    // set default mandate configuration    
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+   
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size());
+    assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0));      
+    assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode());    
+    
+    assertEquals("requested IDA attributes", 6, spConfig.getRequestedAttributes().size());    
+
+  }
+  
+}
+
+
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
new file mode 100644
index 00000000..5894ea45
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/EidasProxyServiceControllerTest.java
@@ -0,0 +1,852 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.test.protocol;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.net.URLDecoder;
+import java.text.MessageFormat;
+import java.util.Arrays;
+import java.util.List;
+import java.util.UUID;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml.saml2.core.NameIDType;
+import org.opensaml.saml.saml2.core.StatusCode;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.core.config.ServiceProviderConfiguration;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService;
+import at.asitplus.eidas.specific.modules.msproxyservice.MsProxyServiceConstants;
+import at.asitplus.eidas.specific.modules.msproxyservice.exception.EidasProxyServiceException;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.EidasProxyServiceController;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions.SpMandateModes;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/spring/SpringTest-context_basic_test.xml",
+    "/spring/SpringTest-context_basic_mapConfig.xml",
+  })
+@EnableWebMvc
+public class EidasProxyServiceControllerTest {
+
+  @Autowired private EidasProxyServiceController controller;
+  
+  @Autowired private DummySpecificCommunicationService proxyService;
+  @Autowired private DummyProtocolAuthService authService;
+  @Autowired private EidasAttributeRegistry attrRegistry;
+  @Autowired private ApplicationContext context;
+  
+  @Autowired MsConnectorDummyConfigMap config;
+  
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  
+  private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
+  
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+    httpReq = new MockHttpServletRequest("POST", "http://localhost/ms_connector/eidas/light/idp/redirect");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+       
+    proxyService.setiLightRequest(null);
+    proxyService.setError(null);
+            
+    config.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint", 
+        "http://eidas.proxy/endpoint");
+    
+    springManagedSpecificConnectorCommunicationService =
+        (SpecificCommunicationService) context.getBean(
+            SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
+                .toString());
+    
+  }
+  
+  @Test
+  public void generateErrorResponseWrongPendingReq() throws Throwable {    
+    Assert.assertFalse("wrong statusCode", controller.generateErrorMessage(
+        new EaafException("1000"), 
+        httpReq, httpResp, null));    
+    
+  }
+  
+  @Test
+  public void generateErrorResponse() throws Throwable {    
+    ProxyServicePendingRequest pendingReq = new ProxyServicePendingRequest();
+    pendingReq.initialize(httpReq, config);
+    
+    LightRequest.Builder eidasRequestBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requesterId(RandomStringUtils.randomAlphanumeric(10))
+        .providerName(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    // execute test
+    Assert.assertTrue("wrong statusCode", controller.generateErrorMessage(
+        new EaafException("1000"), 
+        httpReq, httpResp, 
+        pendingReq));    
+    
+    // validate state
+    assertNotNull("not redirct Header", httpResp.getHeader("Location"));
+    assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));    
+    String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
+    
+    ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token, "UTF-8"), 
+        ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));    
+    
+    assertNotNull("responseId", resp.getId());
+    assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId());
+    assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState());
+    
+    assertNotNull("subjectNameId", resp.getSubject());
+    assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());  
+    assertTrue("not attributes", resp.getAttributes().isEmpty());    
+
+    assertEquals("StatusCode", StatusCode.RESPONDER, resp.getStatus().getStatusCode());
+    //assertEquals("SubStatusCode", "", resp.getStatus().getSubStatusCode());
+    //assertEquals("StatusMsg", "", resp.getStatus().getStatusMessage());
+    
+  }
+  
+  @Test
+  public void missingEidasToken() {       
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.02", exception.getErrorId());
+   
+  }
+  
+  @Test
+  public void wrongEidasTokenWithNullpointerException() {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));
+    
+    //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.11", exception.getErrorId());
+   
+  }
+  
+  @Test
+  public void wrongEidasTokenCacheCommunicationError() {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    proxyService.setError(new SpecificCommunicationException(RandomStringUtils.randomAlphanumeric(10)));
+    
+    //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.03", exception.getErrorId());
+    Assert.assertTrue("Wrong exception", (exception.getCause() instanceof SpecificCommunicationException));
+    
+  }
+    
+  @Test
+  public void missingServiceProviderCountry() {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.07", exception.getErrorId());
+    
+  }
+    
+  @Test
+  public void requestingLegalAndNaturalPerson() {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+            .build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.08", exception.getErrorId());
+    
+  }
+  
+  @Test
+  public void requestLegalPersonButNoMandates() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+  //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.09", exception.getErrorId());  
+  
+  }
+  
+  @Test
+  public void validAuthnRequest() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_BIRTHNAME).first())
+            .build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    Assert.assertNotNull("pendingRequest", authService.getPendingReq());
+    Assert.assertTrue("wrong pendingRequest", authService.getPendingReq() instanceof ProxyServicePendingRequest);
+    ProxyServicePendingRequest pendingReq = (ProxyServicePendingRequest) authService.getPendingReq();        
+    Assert.assertNotNull("missing uniqueSpId", pendingReq.getSpEntityId());        
+    Assert.assertNotNull("missing eidasReq", pendingReq.getEidasRequest());
+    
+    Assert.assertFalse("isPassive", pendingReq.isPassiv());
+    Assert.assertTrue("isPassive", pendingReq.forceAuth());
+    Assert.assertFalse("isPassive", pendingReq.isAuthenticated());
+    Assert.assertFalse("isPassive", pendingReq.isAbortedByUser());
+    Assert.assertTrue("isPassive", pendingReq.isNeedAuthentication());
+
+    Assert.assertNotNull("missing spConfig", pendingReq.getServiceProviderConfiguration());
+    ServiceProviderConfiguration spConfig = 
+        pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    Assert.assertNotNull("uniqueId", spConfig.getUniqueIdentifier());
+    Assert.assertEquals("uniqueId wrong pattern", 
+        authnReqBuilder.build().getIssuer(), 
+        spConfig.getUniqueIdentifier());    
+    Assert.assertEquals("friendlyName wrong pattern", 
+        MessageFormat.format(MsProxyServiceConstants.TEMPLATE_SP_UNIQUE_ID, spCountryCode, "public"), 
+        spConfig.getFriendlyName());
+    
+    Assert.assertEquals("uniqueId not match to pendingReq", 
+        pendingReq.getSpEntityId(), spConfig.getUniqueIdentifier());
+    Assert.assertNotNull("bpkTarget", spConfig.getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("wrong bPK Target", 
+        EaafConstants.URN_PREFIX_EIDAS + "AT+" + spCountryCode, 
+        spConfig.getAreaSpecificTargetIdentifier());
+    
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+        
+    assertEquals("requested IDA attributes", 4, spConfig.getRequestedAttributes().size());
+    
+    
+  }
+  
+  @Test
+  public void validAuthnRequestWithMandatesDefaultProfilesNat() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+    
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", mandateProfilesNat.size(), spConfig.getMandateProfiles().size());
+    spConfig.getMandateProfiles().stream()
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesNat.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
+    
+    assertEquals("requested IDA attributes", 6, spConfig.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestWithMandatesDefaultProfilesJur() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", mandateProfilesJur.size(), spConfig.getMandateProfiles().size());
+    spConfig.getMandateProfiles().stream()
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfilesJur.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
+    
+    assertEquals("requested IDA attributes", 9, spConfig.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestWithMandatesDefaultNoJurProfiles() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
+    
+    //validate state
+    EidasProxyServiceException exception = assertThrows(EidasProxyServiceException.class,
+        () -> controller.receiveEidasAuthnRequest(httpReq, httpResp));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.10", exception.getErrorId());
+        
+  }
+  
+  @Test
+  public void validAuthnRequestWithMandatesDefaultNoNatProfiles() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+    
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, ""); 
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, "");
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+    
+    assertEquals("requested IDA attributes", 3, spConfig.getRequestedAttributes().size());
+        
+  }
+  
+  @Test
+  public void validAuthnRequestIssueSpecificNoMandates() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    
+    String issuer = RandomStringUtils.randomAlphabetic(10);    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    
+    // set default mandate configuration    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    // set specific mandate configuration
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "false");
+    
+    List<String> mandateProfiles = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, 
+        StringUtils.join(mandateProfiles, ","));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, 
+        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+        
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertTrue("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("MandateMode", SpMandateModes.NONE, spConfig.getMandateMode());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestIssueSpecificMandatesNat() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    
+    String issuer = "https://apps.egiz.gv.at/EidasNode//ConnectorMetadata";    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first()).build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    
+    // set default mandate configuration    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "false");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    // set specific mandate configuration
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
+    
+    List<String> mandateProfiles = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, 
+        StringUtils.join(mandateProfiles, ","));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, 
+        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+        
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
+    spConfig.getMandateProfiles().stream()
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.NATURAL, spConfig.getMandateMode());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestIssueSpecificMandatesJur() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    
+    String issuer = RandomStringUtils.randomAlphabetic(10);    
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first()).build());
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+    
+    
+    // set default mandate configuration    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    // set specific mandate configuration
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
+    
+    List<String> mandateProfiles = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, 
+        StringUtils.join(mandateProfiles, ","));
+    addConnectorConfig(0,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, 
+        StringUtils.join(Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+        
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", mandateProfiles.size(), spConfig.getMandateProfiles().size());
+    spConfig.getMandateProfiles().stream()
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, mandateProfiles.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.LEGAL_FORCE, spConfig.getMandateMode());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestWithMandatesProfilesBoth() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    String issuer = RandomStringUtils.randomAlphabetic(10);
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+            .build());
+    
+
+    // set default mandate configuration    
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(Arrays.asList(
+            RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5)), ","));
+    
+    
+    // add custom SP config to allow both MDS in single request
+    addConnectorConfig(25,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_UNIQUEID, issuer);
+    addConnectorConfig(25,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_COUNTRYCODE, spCountryCode);
+    addConnectorConfig(25,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_ENABLED, "true");
+
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));   
+    addConnectorConfig(25,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+    addConnectorConfig(25,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_MANDATES_PROFILE_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));    
+    addConnectorConfig(25,  MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_VALIDATION_ATTR_MDS, "false");
+    
+    proxyService.setiLightRequest(authnReqBuilder.build());
+   
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", mandateProfilesNat.size() + mandateProfilesJur.size(), spConfig.getMandateProfiles().size());
+    spConfig.getMandateProfiles().stream()
+        .forEach(el -> assertTrue("missing mandateProfile: " + el, 
+            mandateProfilesNat.contains(el) || mandateProfilesJur.contains(el)));
+    assertEquals("MandateMode", SpMandateModes.BOTH, spConfig.getMandateMode());    
+    
+    assertEquals("requested IDA attributes", 10, spConfig.getRequestedAttributes().size());
+    
+  }
+  
+  
+  @Test
+  public void validAuthnRequestWithBorisAttributeLegal() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    String issuer = RandomStringUtils.randomAlphabetic(10);
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                "eJusticeLegalPersonRole").first())
+            .build());
+       
+    proxyService.setiLightRequest(authnReqBuilder.build());
+   
+
+    // set default mandate configuration    
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+   
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size());
+    assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0));      
+    assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode());    
+    
+    assertEquals("requested IDA attributes", 11, spConfig.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void validAuthnRequestWithBorisAttributeNat() throws IOException, EaafException {       
+    //initialize state
+    httpReq.addParameter(EidasParameterKeys.TOKEN.toString(), RandomStringUtils.randomAlphanumeric(10));    
+    String spCountryCode = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    String issuer = RandomStringUtils.randomAlphabetic(10);
+    LightRequest.Builder authnReqBuilder = LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(issuer)
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(spCountryCode)
+        .spType("public")
+        .requestedAttributes(ImmutableAttributeMap.builder()
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+                "eJusticeNaturalPersonRole").first())
+            .build());
+       
+    proxyService.setiLightRequest(authnReqBuilder.build());
+   
+
+    // set default mandate configuration    
+    List<String> mandateProfilesNat = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    List<String> mandateProfilesJur = 
+        Arrays.asList(RandomStringUtils.randomAlphabetic(5), RandomStringUtils.randomAlphabetic(5));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_ENABLED, "true");
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_NATURAL, 
+        StringUtils.join(mandateProfilesNat, ","));
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_EIDAS_PROXY_MANDATES_PROFILE_DEFAULT_LEGAL, 
+        StringUtils.join(mandateProfilesJur, ","));
+   
+    
+    //execute
+    controller.receiveEidasAuthnRequest(httpReq, httpResp);
+    
+    //validate state
+    ServiceProviderConfiguration spConfig = 
+        authService.getPendingReq().getServiceProviderConfiguration(ServiceProviderConfiguration.class);
+    assertNotNull("mandateprofiles", spConfig.getMandateProfiles());
+    assertFalse("mandateprofiles not empty", spConfig.getMandateProfiles().isEmpty());
+    assertEquals("mandateprofile size", 1, spConfig.getMandateProfiles().size());
+    assertEquals("mandateprofile", "MUST_BE_UPDATED", spConfig.getMandateProfiles().get(0));      
+    assertEquals("MandateMode", SpMandateModes.LEGAL, spConfig.getMandateMode());    
+    
+    assertEquals("requested IDA attributes", 7, spConfig.getRequestedAttributes().size());    
+    assertTrue("missing additional attribute", spConfig.getRequestedAttributes().stream()
+        .filter(el -> el.equals("testAttribute"))
+        .findFirst()
+        .isPresent());
+    
+  }
+  
+  
+  private void addConnectorConfig(int i, String key, String value) {
+    config.putConfigValue(MsProxyServiceConstants.CONIG_PROPS_CONNECTOR_PREFIX + String.valueOf(i)  + "." + key, 
+        value); 
+    
+  }
+  
+}
+
+
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
new file mode 100644
index 00000000..d9bc017c
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/protocol/ProxyServiceAuthenticationActionTest.java
@@ -0,0 +1,982 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.test.protocol;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
+
+import java.net.URISyntaxException;
+import java.net.URLDecoder;
+import java.time.Instant;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.joda.time.DateTime;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml.saml2.core.NameIDType;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServiceAuthenticationAction;
+import at.asitplus.eidas.specific.modules.msproxyservice.protocol.ProxyServicePendingRequest;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IEidAuthData;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.api.idp.slo.SloInformationInterface;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/spring/SpringTest-context_basic_test.xml",
+    "/spring/SpringTest-context_basic_mapConfig.xml",
+  })
+public class ProxyServiceAuthenticationActionTest {
+
+  @Autowired private MsConnectorDummyConfigMap basicConfig;
+  @Autowired private ProxyServiceAuthenticationAction action;
+  @Autowired private ApplicationContext context;
+  @Autowired EidasAttributeRegistry attrRegistry;
+  
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private ProxyServicePendingRequest pendingReq;
+  private MsConnectorDummySpConfiguration oaParam;
+  private SpecificCommunicationService springManagedSpecificConnectorCommunicationService;
+  
+   
+  /**
+   * jUnit test set-up.
+   * @throws EaafException In case of an error
+   */
+  @Before
+  public void setUp() throws URISyntaxException, EaafException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint", 
+        "http://eidas.proxy/endpoint");    
+    basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", 
+        "false");
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+        
+    pendingReq = new ProxyServicePendingRequest();
+    pendingReq.initialize(httpReq, basicConfig);
+    pendingReq.setOnlineApplicationConfiguration(oaParam);
+    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    springManagedSpecificConnectorCommunicationService =
+        (SpecificCommunicationService) context.getBean(
+            SpecificCommunicationDefinitionBeanNames.SPECIFIC_PROXYSERVICE_COMMUNICATION_SERVICE
+                .toString());
+    
+  }
+  
+  @Test
+  public void wrongPendingRequestType() {    
+    IAuthData authData = generateDummyAuthData();
+    TestRequestImpl internalPendingReq = new TestRequestImpl();
+    
+    EaafException exception = assertThrows(EaafException.class,
+        () ->  action.processRequest(internalPendingReq, httpReq, httpResp, authData));
+    Assert.assertEquals("wrong errorCode", "eidas.proxyservice.99", exception.getErrorId());
+    
+  }
+
+  @Test
+  public void missingForwardUrl() {        
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint");
+        
+    EaafException exception = assertThrows(EaafException.class,
+        () ->  action.processRequest(pendingReq, httpReq, httpResp, authData));
+    Assert.assertEquals("wrong errorCode", "config.08", exception.getErrorId());
+    
+  }
+  
+  @Test 
+  public void responseWithoutMandate() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 4, respAttr.size());    
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, 
+        authData.getDateOfBirth());
+        
+  }
+  
+  @Test 
+  public void responseWithoutMandateAndOptionalAttributesExist() throws EaafException, SpecificCommunicationException {
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName"))
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+    attr.put("ida_birthname", RandomStringUtils.randomAlphanumeric(10));
+    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 5, respAttr.size());    
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, 
+        authData.getDateOfBirth());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_BIRTHNAME, 
+        (String) attr.get("ida_birthname"));
+    
+  }
+  
+  @Test 
+  public void responseWithoutMandateAndOptionalAttributesNotExist() throws EaafException, SpecificCommunicationException {
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName"))
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));
+    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", false);
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 4, respAttr.size());    
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, 
+        authData.getDateOfBirth());
+    
+  }
+  
+  
+  @Test 
+  public void responseWithNatMandate() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));        
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
+        "1985-11-15");
+    
+    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 8, respAttr.size());    
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
+
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME));
+           
+  }
+  
+  @Test 
+  public void responseWithNatMandateOptionalAttribute() throws EaafException, SpecificCommunicationException {    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByName("http://eidas.europa.eu/attributes/naturalperson/BirthName"))
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    attr.put("ida_birthName_mandator", RandomStringUtils.randomAlphanumeric(10));
+    attr.put("ida_birthName", RandomStringUtils.randomAlphanumeric(10));
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
+        "1985-11-15");
+    
+    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 9, respAttr.size());    
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
+
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME));
+
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_BIRTHNAME, 
+        (String) attr.get("ida_birthName_mandator"));
+    
+  }
+  
+  @Test 
+  public void responseWithJurMandate() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 6, respAttr.size());  
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
+   
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME));
+    
+    assertNull("find nat. person subject: personalId", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
+    assertNull("find nat. person subject: familyName", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
+    assertNull("find nat. person subject: givenName", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
+    assertNull("find nat. person subject: dateOfBirth", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
+    
+  }
+  
+  @Test 
+  public void borisModeResponseWithJurMandate() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,
+        "MUST_BE_UPDATED");
+    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 8, respAttr.size());  
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH, authData.getDateOfBirth());
+   
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_LEGALNAME, 
+        (String) attr.get(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME));
+    
+    checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP1");
+    checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP1");
+    
+    assertNull("find nat. person subject: personalId", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
+    assertNull("find nat. person subject: familyName", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
+    assertNull("find nat. person subject: givenName", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
+    assertNull("find nat. person subject: dateOfBirth", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
+    
+  }
+  
+  @Test 
+  public void borisModeResponseWithJurMandate2() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME,
+        "SECOND");
+    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 8, respAttr.size());  
+    
+    checkAttrValue(respAttr, "eJusticeLegalPersonRole", "VIP2");
+    checkAttrValue(respAttr, "eJusticeNaturalPersonRole", "VIP2");
+
+    
+  }
+  
+  @Test 
+  public void borisModeNoMandateType() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 6, respAttr.size());  
+    
+  }
+  
+  @Test 
+  public void borisModeEmptyMandateType() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, "");
+    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 6, respAttr.size());  
+    
+  }
+  
+  @Test 
+  public void borisModeUnknownMandateType() throws EaafException, SpecificCommunicationException {
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_TYPE_NAME, RandomStringUtils.randomAlphanumeric(10));
+    
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeLegalPersonRole").first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName("eJusticeNaturalPersonRole").first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+    
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 6, respAttr.size());  
+    
+  }
+  
+  @Test
+  public void responseWithNatMandateWithWorkAround() throws EaafException, SpecificCommunicationException {
+    basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", 
+        "true");
+        
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BPK_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_GIVEN_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_FAMILY_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_NAT_PER_BIRTHDATE_NAME,
+        "1985-11-15");
+    
+    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 8, respAttr.size());    
+            
+  }
+  
+  @Test
+  public void responseWithJurMandateWithWorkAround() throws EaafException, SpecificCommunicationException {
+    basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", 
+        "true");
+    
+    //request natural person subject only
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+        
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 10, respAttr.size());  
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, 
+        (String) attr.get(PvpAttributeDefinitions.BPK_NAME));
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, authData.getFamilyName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, authData.getGivenName());
+    checkAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH, authData.getDateOfBirth());
+   
+  }
+  
+  @Test
+  public void responseWithJurMandateWithWorkAroundNoNatSubject() throws EaafException, SpecificCommunicationException {
+    basicConfig.putConfigValue("auth.eIDAS.proxy.workaround.mandates.legalperson", 
+        "true");
+    
+    //request natural person subject only
+    LightRequest.Builder eidasRequestBuilder = generateBasicLightRequest();
+    eidasRequestBuilder.requestedAttributes(ImmutableAttributeMap.builder()
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALPERSONIDENTIFIER).first())
+        .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_LEGALNAME).first())
+        .build());
+    pendingReq.setEidasRequest(eidasRequestBuilder.build());
+        
+    Map<String, Object> attr = new HashMap<>();
+    attr.put(PvpAttributeDefinitions.BPK_NAME, 
+        "AT+XX:" + RandomStringUtils.randomAlphanumeric(10));    
+    IAuthData authData = generateDummyAuthData(attr , EaafConstants.EIDAS_LOA_HIGH,
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1945-04-18", true);
+    
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    attr.put(PvpAttributeDefinitions.MANDATE_LEG_PER_FULL_NAME_NAME,
+        RandomStringUtils.randomAlphabetic(10));
+    
+    //perform test
+    SloInformationInterface result = action.processRequest(pendingReq, httpReq, httpResp, authData);
+    
+    //validate state
+    Assert.assertNotNull("Result should be not null", result);
+    
+    ImmutableAttributeMap respAttr = validateBasicEidasResponse(authData);
+    assertEquals("wrong attr. size", 6, respAttr.size());     
+    assertNull("find nat. person subject: personalId", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER));
+    assertNull("find nat. person subject: familyName", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME));
+    assertNull("find nat. person subject: givenName", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME));
+    assertNull("find nat. person subject: dateOfBirth", 
+        getAttrValue(respAttr, EidasConstants.eIDAS_ATTR_DATEOFBIRTH));
+    
+  }
+  
+  @Test
+  public void checkBasicConstrainsInAction() {
+    
+    Assert.assertTrue("Wrong NeedAuthentication", action.needAuthentication(pendingReq, httpReq, httpResp));
+    Assert.assertNotNull("Missing ActionName", action.getDefaultActionName());
+    
+    Assert.assertNotNull("missing ActionBean", context.getBean(ProxyServiceAuthenticationAction.class));
+    
+  }
+  
+  private IAuthData generateDummyAuthData() {
+    return generateDummyAuthData(new HashMap<>(), EaafConstants.EIDAS_LOA_LOW, 
+        RandomStringUtils.randomAlphanumeric(10), RandomStringUtils.randomAlphanumeric(10), "1940-01-01", false);
+    
+  }
+  
+  private Object getAttrValue(ImmutableAttributeMap respAttr, String attrName) {
+    final AttributeDefinition<?> attrDef = 
+        attrRegistry.getCoreAttributeRegistry().getByFriendlyName(attrName).first();
+    return respAttr.getFirstValue(attrDef); 
+    
+  }
+  
+  private void checkAttrValue(ImmutableAttributeMap respAttr, String attrName, String expected) {
+    Object value = getAttrValue(respAttr, attrName);  
+    assertNotNull("not attr value: " + attrName, value);
+   
+    if (value instanceof String) {
+      assertEquals("wrong attr. value: " + attrName, expected, value);
+     
+    } else if ( value instanceof DateTime) {
+      assertEquals("wrong attr. value: " + attrName, expected, ((DateTime)value).toString("yyyy-MM-dd"));
+          
+    }       
+  }
+  
+  private ImmutableAttributeMap validateBasicEidasResponse(IAuthData authData) throws SpecificCommunicationException {
+    assertNotNull("not redirct Header", httpResp.getHeader("Location"));
+    assertTrue("wrong redirect URL", httpResp.getHeader("Location").startsWith("http://eidas.proxy/endpoint?token="));    
+    String token = httpResp.getHeader("Location").substring("http://eidas.proxy/endpoint?token=".length());
+    
+    ILightResponse resp = springManagedSpecificConnectorCommunicationService.getAndRemoveResponse(URLDecoder.decode(token), 
+        ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));    
+    
+    assertNotNull("responseId", resp.getId());
+    assertEquals("inResponseTo", pendingReq.getEidasRequest().getId(), resp.getInResponseToId());
+    assertEquals("relayState", pendingReq.getEidasRequest().getRelayState(), resp.getRelayState());
+    assertEquals("LoA", authData.getEidasQaaLevel(), resp.getLevelOfAssurance());
+    
+    assertNotNull("subjectNameId", resp.getSubject());
+    assertEquals("subjectNameIdFormat", NameIDType.TRANSIENT, resp.getSubjectNameIdFormat());
+    
+    assertFalse("not attributes", resp.getAttributes().isEmpty());    
+    return resp.getAttributes();
+    
+  }
+  
+  private Builder generateBasicLightRequest() {
+    return LightRequest.builder()
+        .id(UUID.randomUUID().toString())
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .citizenCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .spCountryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .spType("public")
+        .requesterId(RandomStringUtils.randomAlphanumeric(10))
+        .providerName(RandomStringUtils.randomAlphanumeric(10))
+        .requestedAttributes(ImmutableAttributeMap.builder()    
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first())
+            .put(attrRegistry.getCoreAttributeRegistry().getByFriendlyName(EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first())
+            .build()
+         );
+  }
+  
+  private IAuthData generateDummyAuthData(Map<String, Object> attrs, String loa, String familyName, String givenName, String dateOfBirth, 
+      boolean useMandates) {
+    attrs.put(PvpAttributeDefinitions.BIRTHDATE_NAME, dateOfBirth);
+    attrs.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, givenName);
+    attrs.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, familyName);
+    
+    return new IEidAuthData() {
+      
+      @Override
+      public boolean isSsoSession() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isForeigner() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isBaseIdTransferRestrication() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Instant getSsoSessionValidTo() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getSessionIndex() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNameIdFormat() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNameID() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public IIdentityLink getIdentityLink() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getIdentificationValue() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getIdentificationType() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getGivenName() {
+        return givenName;
+      }
+      
+      @Override
+      public <T> T getGenericData(String key, Class<T> clazz) {
+        if (attrs.containsKey(key)) {
+          return (T) attrs.get(key);
+          
+        } else {
+          return null;  
+        }
+        
+      }
+      
+      @Override
+      public String getDateOfBirth() {
+        return dateOfBirth;
+      }
+      
+      @Override
+      public String getFamilyName() {
+        return familyName;
+      }
+      
+      @Override
+      public String getEncryptedSourceIdType() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getEncryptedSourceId() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getEidasQaaLevel() {
+        return loa;
+        
+      }
+      
+      
+      @Override
+      public String getCiticenCountryCode() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getBpkType() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getBpk() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAuthenticationIssuer() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAuthenticationIssueInstantString() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Instant getAuthenticationIssueInstant() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+
+      @Override
+      public byte[] getSignerCertificate() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+
+      @Override
+      public byte[] getEidToken() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+
+      @Override
+      public EidIdentityStatusLevelValues getEidStatus() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+
+      @Override
+      public String getVdaEndPointUrl() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+
+      @Override
+      public boolean isUseMandate() {
+        return useMandates;
+        
+      }
+
+      @Override
+      public String getDateOfBirthFormated(String pattern) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+    };
+    
+  }
+}
diff --git a/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java
new file mode 100644
index 00000000..b6b8a8df
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/java/at/asitplus/eidas/specific/modules/msproxyservice/test/services/ProxyEidasAttributeRegistryTest.java
@@ -0,0 +1,162 @@
+package at.asitplus.eidas.specific.modules.msproxyservice.test.services;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+import java.util.Set;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import at.asitplus.eidas.specific.modules.msproxyservice.service.ProxyEidasAttributeRegistry;
+import lombok.NonNull;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/spring/SpringTest-context_basic_test.xml",
+    "/spring/SpringTest-context_basic_mapConfig.xml",
+  })
+@EnableWebMvc
+public class ProxyEidasAttributeRegistryTest {
+  
+  @Autowired ProxyEidasAttributeRegistry attrRegistry;
+
+  @Test
+  public void checkDefaultAttributes() {    
+    assertEquals("default attributes without mandates", 2,
+        attrRegistry.getAlwaysRequestedAttributes(false).count());    
+    assertEquals("default attributes with mandates", 4,
+        attrRegistry.getAlwaysRequestedAttributes(true).count());
+    
+  }
+  
+  @Test
+  public void eidasAttributeMapping() {
+    checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", false, 
+        Arrays.asList("urn:oid:1.2.40.0.10.2.1.1.149"));
+    checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", true, 
+        Arrays.asList("urn:oid:1.2.40.0.10.2.1.1.149", "urn:oid:1.2.40.0.10.2.1.1.261.98"));
+          
+  }
+  
+  @Test
+  public void eidasAttributeMappingMandateOnly() {
+    checkAttributeMapping("http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier", false, 
+        Arrays.asList( 
+            "urn:oid:1.2.40.0.10.2.1.1.149", 
+            "urn:oid:2.5.4.42", 
+            "urn:oid:1.2.40.0.10.2.1.1.261.20", 
+            "urn:oid:1.2.40.0.10.2.1.1.55"));
+    checkAttributeMapping("http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier", true, 
+        Arrays.asList(
+            "urn:oid:1.2.40.0.10.2.1.1.261.100", 
+            "urn:oid:1.2.40.0.10.2.1.1.149", 
+            "urn:oid:2.5.4.42", 
+            "urn:oid:1.2.40.0.10.2.1.1.261.20", 
+            "urn:oid:1.2.40.0.10.2.1.1.55"));
+          
+  }
+
+  @Test
+  public void eidasAttributeMappingWithNoIdaAttribute() {
+    checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", false, 
+        Collections.emptyList());
+    checkAttributeMapping("http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", true, 
+        Collections.emptyList());
+          
+  }
+  
+  @Test
+  public void unknownEidasAttribute() {
+    checkAttributeMapping("http://eidas.europa.eu/attributes/jUnit/not/exits", false, 
+        Collections.emptyList());
+    checkAttributeMapping("http://eidas.europa.eu/attributes/jUnit/not/exits", true, 
+        Collections.emptyList());
+          
+  }
+  
+  @Test
+  public void unknownEidasAttribute2() {
+    checkAttributeMapping(RandomStringUtils.randomAlphabetic(10), false, 
+        Collections.emptyList());
+    checkAttributeMapping(RandomStringUtils.randomAlphabetic(10), true, 
+        Collections.emptyList());
+          
+  }
+  
+  @Test
+  public void attributeResponseMapping() {    
+    assertFalse("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute(
+        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", false).isPresent());
+    assertFalse("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute(
+        "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth", true).isPresent());
+    
+    
+    Optional<String> attr1 = attrRegistry.mapEidasAttributeToSpecificIdaAttribute(
+        "http://eidas.europa.eu/attributes/naturalperson/BirthName", false);
+    assertTrue("find wrong IDA mapping", attr1.isPresent());
+    assertEquals("find wrong IDA mapping value", "ida_birthname", attr1.get());
+    
+    Optional<String> attr2 = attrRegistry.mapEidasAttributeToSpecificIdaAttribute(
+        "http://eidas.europa.eu/attributes/naturalperson/BirthName", true);
+    assertTrue("find wrong IDA mapping", attr2.isPresent());
+    assertEquals("find wrong IDA mapping value", "ida_birthName_mandator", attr2.get());
+    
+    
+    assertTrue("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute(
+        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", false).isPresent());
+    assertTrue("find wrong IDA mapping", attrRegistry.mapEidasAttributeToSpecificIdaAttribute(
+        "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier", true).isPresent());
+        
+  }
+  
+  @Test
+  public void defaultRepresentativeAttributes() {    
+    assertEquals("wrong number of rep. attributes", 4, 
+        attrRegistry.getRepresentativeAttributesToAddByDefault().count());
+    
+  }
+  
+  @Test
+  public void specificAttributeHandler() {        
+    assertFalse("find wrong attribute", 
+        attrRegistry.mapEidasAttributeToAttributeHandler(
+            "http://eidas.europa.eu/attributes/jUnit/no/custom/handler").isPresent());
+    
+    assertFalse("find wrong attribute", 
+        attrRegistry.mapEidasAttributeToAttributeHandler(
+            "http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth").isPresent());
+    
+    assertFalse("find wrong attribute", 
+        attrRegistry.mapEidasAttributeToAttributeHandler(
+            "http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist").isPresent());            
+    
+    Optional<String> attr2 = attrRegistry.mapEidasAttributeToAttributeHandler(
+        "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole");
+    assertTrue("find wrong IDA mapping", attr2.isPresent());
+    assertEquals("find wrong specific attribute-handler", 
+        "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler", attr2.get());
+    
+  }
+  
+  
+  private void checkAttributeMapping(String eidasAttr, boolean withMandates, List<String> idaAttributes) {    
+    @NonNull
+    Set<String> idaAttrResult = attrRegistry.getIdaAttributesForEidasAttribute(eidasAttr, withMandates);
+    assertEquals("wrong number of IDA attributes", idaAttributes.size(), idaAttrResult.size());
+    idaAttributes.forEach(
+        el -> assertTrue("missing: " + el, idaAttrResult.contains(el)));
+            
+  }
+  
+}
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml
new file mode 100644
index 00000000..c7b40d90
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/additional-attributes.xml
@@ -0,0 +1,68 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+#   Copyright (c) 2017 European Commission  
+#   Licensed under the EUPL, Version 1.2 or – as soon they will be 
+#   approved by the European Commission - subsequent versions of the 
+#    EUPL (the "Licence"); 
+#    You may not use this work except in compliance with the Licence. 
+#    You may obtain a copy of the Licence at: 
+#    * https://joinup.ec.europa.eu/page/eupl-text-11-12  
+#    *
+#    Unless required by applicable law or agreed to in writing, software 
+#    distributed under the Licence is distributed on an "AS IS" basis, 
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+#    See the Licence for the specific language governing permissions and limitations under the Licence.
+ -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+    <comment>Dynamic attributes</comment>
+
+    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute</entry>
+    <entry key="1.FriendlyName">AdditionalAttribute</entry>
+    <entry key="1.PersonType">NaturalPerson</entry>
+    <entry key="1.Required">false</entry>
+    <entry key="1.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="1.XmlType.LocalPart">string</entry>
+    <entry key="1.XmlType.NamespacePrefix">xs</entry>
+    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="2.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute</entry>
+    <entry key="2.FriendlyName">LegalAdditionalAttribute</entry>
+    <entry key="2.PersonType">LegalPerson</entry>
+    <entry key="2.Required">false</entry>
+    <entry key="2.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="2.XmlType.LocalPart">string</entry>
+    <entry key="2.XmlType.NamespacePrefix">xs</entry>
+    <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="3.NameUri">http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole</entry>
+    <entry key="3.FriendlyName">eJusticeNaturalPersonRole</entry>
+    <entry key="3.PersonType">NaturalPerson</entry>
+    <entry key="3.Required">false</entry>
+    <entry key="3.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="3.XmlType.LocalPart">string</entry>
+    <entry key="3.XmlType.NamespacePrefix">xs</entry>
+    <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="4.NameUri">http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole</entry>
+    <entry key="4.FriendlyName">eJusticeLegalPersonRole</entry>
+    <entry key="4.PersonType">LegalPerson</entry>
+    <entry key="4.Required">false</entry>
+    <entry key="4.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="4.XmlType.LocalPart">string</entry>
+    <entry key="4.XmlType.NamespacePrefix">xs</entry>
+    <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="5.NameUri">http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist</entry>
+    <entry key="5.FriendlyName">eJusticeLegalPersonRole</entry>
+    <entry key="5.PersonType">LegalPerson</entry>
+    <entry key="5.Required">false</entry>
+    <entry key="5.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="5.XmlType.LocalPart">string</entry>
+    <entry key="5.XmlType.NamespacePrefix">xs</entry>
+    <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+
+
+</properties>
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml b/modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml
new file mode 100644
index 00000000..cbae35db
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/eidas-attributes.xml
@@ -0,0 +1,376 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+#   Copyright (c) 2017 European Commission  
+#   Licensed under the EUPL, Version 1.2 or – as soon they will be 
+#   approved by the European Commission - subsequent versions of the 
+#    EUPL (the "Licence"); 
+#    You may not use this work except in compliance with the Licence. 
+#    You may obtain a copy of the Licence at: 
+#    * https://joinup.ec.europa.eu/page/eupl-text-11-12  
+#    *
+#    Unless required by applicable law or agreed to in writing, software 
+#    distributed under the Licence is distributed on an "AS IS" basis, 
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+#    See the Licence for the specific language governing permissions and limitations under the Licence.
+ -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+    <comment>eIDAS attributes</comment>
+
+    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry>
+    <entry key="1.FriendlyName">PersonIdentifier</entry>
+    <entry key="1.PersonType">NaturalPerson</entry>
+    <entry key="1.Required">true</entry>
+    <entry key="1.UniqueIdentifier">true</entry>
+    <entry key="1.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="1.XmlType.LocalPart">PersonIdentifierType</entry>
+    <entry key="1.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="2.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry>
+    <entry key="2.FriendlyName">FamilyName</entry>
+    <entry key="2.PersonType">NaturalPerson</entry>
+    <entry key="2.Required">true</entry>
+    <entry key="2.TransliterationMandatory">true</entry>
+    <entry key="2.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="2.XmlType.LocalPart">CurrentFamilyNameType</entry>
+    <entry key="2.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="3.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry>
+    <entry key="3.FriendlyName">FirstName</entry>
+    <entry key="3.PersonType">NaturalPerson</entry>
+    <entry key="3.Required">true</entry>
+    <entry key="3.TransliterationMandatory">true</entry>
+    <entry key="3.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="3.XmlType.LocalPart">CurrentGivenNameType</entry>
+    <entry key="3.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="4.NameUri">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry>
+    <entry key="4.FriendlyName">DateOfBirth</entry>
+    <entry key="4.PersonType">NaturalPerson</entry>
+    <entry key="4.Required">true</entry>
+    <entry key="4.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="4.XmlType.LocalPart">DateOfBirthType</entry>
+    <entry key="4.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry>
+
+    <entry key="5.NameUri">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry>
+    <entry key="5.FriendlyName">BirthName</entry>
+    <entry key="5.PersonType">NaturalPerson</entry>
+    <entry key="5.Required">false</entry>
+    <entry key="5.TransliterationMandatory">true</entry>
+    <entry key="5.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="5.XmlType.LocalPart">BirthNameType</entry>
+    <entry key="5.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="6.NameUri">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry>
+    <entry key="6.FriendlyName">PlaceOfBirth</entry>
+    <entry key="6.PersonType">NaturalPerson</entry>
+    <entry key="6.Required">false</entry>
+    <entry key="6.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="6.XmlType.LocalPart">PlaceOfBirthType</entry>
+    <entry key="6.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="6.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="7.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry>
+    <entry key="7.FriendlyName">CurrentAddress</entry>
+    <entry key="7.PersonType">NaturalPerson</entry>
+    <entry key="7.Required">false</entry>
+    <entry key="7.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="7.XmlType.LocalPart">CurrentAddressType</entry>
+    <entry key="7.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="7.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller</entry>
+
+    <entry key="8.NameUri">http://eidas.europa.eu/attributes/naturalperson/Gender</entry>
+    <entry key="8.FriendlyName">Gender</entry>
+    <entry key="8.PersonType">NaturalPerson</entry>
+    <entry key="8.Required">false</entry>
+    <entry key="8.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="8.XmlType.LocalPart">GenderType</entry>
+    <entry key="8.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="8.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry>
+
+    <entry key="9.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry>
+    <entry key="9.FriendlyName">LegalPersonIdentifier</entry>
+    <entry key="9.PersonType">LegalPerson</entry>
+    <entry key="9.Required">true</entry>
+    <entry key="9.UniqueIdentifier">true</entry>
+    <entry key="9.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="9.XmlType.LocalPart">LegalPersonIdentifierType</entry>
+    <entry key="9.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="9.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="10.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalName</entry>
+    <entry key="10.FriendlyName">LegalName</entry>
+    <entry key="10.PersonType">LegalPerson</entry>
+    <entry key="10.Required">true</entry>
+    <entry key="10.TransliterationMandatory">true</entry>
+    <entry key="10.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="10.XmlType.LocalPart">LegalNameType</entry>
+    <entry key="10.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="10.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="11.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonAddress</entry>
+    <entry key="11.FriendlyName">LegalAddress</entry>
+    <entry key="11.PersonType">LegalPerson</entry>
+    <entry key="11.Required">false</entry>
+    <entry key="11.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="11.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="11.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="11.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.LegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="12.NameUri">http://eidas.europa.eu/attributes/legalperson/VATRegistrationNumber</entry>
+    <entry key="12.FriendlyName">VATRegistration</entry>
+    <entry key="12.PersonType">LegalPerson</entry>
+    <entry key="12.Required">false</entry>
+    <entry key="12.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="12.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="12.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="12.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="13.NameUri">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry>
+    <entry key="13.FriendlyName">TaxReference</entry>
+    <entry key="13.PersonType">LegalPerson</entry>
+    <entry key="13.Required">false</entry>
+    <entry key="13.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="13.XmlType.LocalPart">TaxReferenceType</entry>
+    <entry key="13.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="13.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="14.NameUri">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry>
+    <entry key="14.FriendlyName">D-2012-17-EUIdentifier</entry>
+    <entry key="14.PersonType">LegalPerson</entry>
+    <entry key="14.Required">false</entry>
+    <entry key="14.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="14.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry>
+    <entry key="14.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="14.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="15.NameUri">http://eidas.europa.eu/attributes/legalperson/LEI</entry>
+    <entry key="15.FriendlyName">LEI</entry>
+    <entry key="15.PersonType">LegalPerson</entry>
+    <entry key="15.Required">false</entry>
+    <entry key="15.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="15.XmlType.LocalPart">LEIType</entry>
+    <entry key="15.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="15.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="16.NameUri">http://eidas.europa.eu/attributes/legalperson/EORI</entry>
+    <entry key="16.FriendlyName">EORI</entry>
+    <entry key="16.PersonType">LegalPerson</entry>
+    <entry key="16.Required">false</entry>
+    <entry key="16.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="16.XmlType.LocalPart">EORIType</entry>
+    <entry key="16.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="16.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="17.NameUri">http://eidas.europa.eu/attributes/legalperson/SEED</entry>
+    <entry key="17.FriendlyName">SEED</entry>
+    <entry key="17.PersonType">LegalPerson</entry>
+    <entry key="17.Required">false</entry>
+    <entry key="17.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="17.XmlType.LocalPart">SEEDType</entry>
+    <entry key="17.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="17.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="18.NameUri">http://eidas.europa.eu/attributes/legalperson/SIC</entry>
+    <entry key="18.FriendlyName">SIC</entry>
+    <entry key="18.PersonType">LegalPerson</entry>
+    <entry key="18.Required">false</entry>
+    <entry key="18.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="18.XmlType.LocalPart">SICType</entry>
+    <entry key="18.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="18.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="19.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier</entry>
+    <entry key="19.FriendlyName">RepresentativePersonIdentifier</entry>
+    <entry key="19.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="19.Required">false</entry>
+    <entry key="19.UniqueIdentifier">true</entry>
+    <entry key="19.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="19.XmlType.LocalPart">PersonIdentifierType</entry>
+    <entry key="19.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="19.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="20.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName</entry>
+    <entry key="20.FriendlyName">RepresentativeFamilyName</entry>
+    <entry key="20.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="20.Required">false</entry>
+    <entry key="20.TransliterationMandatory">true</entry>
+    <entry key="20.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="20.XmlType.LocalPart">CurrentFamilyNameType</entry>
+    <entry key="20.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="20.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="21.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName</entry>
+    <entry key="21.FriendlyName">RepresentativeFirstName</entry>
+    <entry key="21.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="21.Required">false</entry>
+    <entry key="21.TransliterationMandatory">true</entry>
+    <entry key="21.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="21.XmlType.LocalPart">CurrentGivenNameType</entry>
+    <entry key="21.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="21.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="22.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth</entry>
+    <entry key="22.FriendlyName">RepresentativeDateOfBirth</entry>
+    <entry key="22.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="22.Required">false</entry>
+    <entry key="22.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="22.XmlType.LocalPart">DateOfBirthType</entry>
+    <entry key="22.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="22.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry>
+
+    <entry key="23.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/BirthName</entry>
+    <entry key="23.FriendlyName">RepresentativeBirthName</entry>
+    <entry key="23.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="23.Required">false</entry>
+    <entry key="23.TransliterationMandatory">true</entry>
+    <entry key="23.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="23.XmlType.LocalPart">BirthNameType</entry>
+    <entry key="23.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="23.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="24.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PlaceOfBirth</entry>
+    <entry key="24.FriendlyName">RepresentativePlaceOfBirth</entry>
+    <entry key="24.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="24.Required">false</entry>
+    <entry key="24.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="24.XmlType.LocalPart">PlaceOfBirthType</entry>
+    <entry key="24.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="24.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="25.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentAddress</entry>
+    <entry key="25.FriendlyName">RepresentativeCurrentAddress</entry>
+    <entry key="25.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="25.Required">false</entry>
+    <entry key="25.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="25.XmlType.LocalPart">CurrentAddressType</entry>
+    <entry key="25.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="25.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvCurrentAddressAttributeValueMarshaller</entry>
+
+    <entry key="26.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/Gender</entry>
+    <entry key="26.FriendlyName">RepresentativeGender</entry>
+    <entry key="26.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="26.Required">false</entry>
+    <entry key="26.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="26.XmlType.LocalPart">GenderType</entry>
+    <entry key="26.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="26.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry>
+
+    <entry key="27.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonIdentifier</entry>
+    <entry key="27.FriendlyName">RepresentativeLegalPersonIdentifier</entry>
+    <entry key="27.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="27.Required">false</entry>
+    <entry key="27.UniqueIdentifier">true</entry>
+    <entry key="27.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="27.XmlType.LocalPart">LegalPersonIdentifierType</entry>
+    <entry key="27.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="27.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="28.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalName</entry>
+    <entry key="28.FriendlyName">RepresentativeLegalName</entry>
+    <entry key="28.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="28.Required">false</entry>
+    <entry key="28.TransliterationMandatory">true</entry>
+    <entry key="28.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="28.XmlType.LocalPart">LegalNameType</entry>
+    <entry key="28.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="28.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="29.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry>
+    <entry key="29.FriendlyName">RepresentativeLegalAddress</entry>
+    <entry key="29.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="29.Required">false</entry>
+    <entry key="29.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="29.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="29.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="29.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="30.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry>
+    <entry key="30.FriendlyName">RepresentativeVATRegistration</entry>
+    <entry key="30.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="30.Required">false</entry>
+    <entry key="30.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="30.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="30.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="30.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="31.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/TaxReference</entry>
+    <entry key="31.FriendlyName">RepresentativeTaxReference</entry>
+    <entry key="31.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="31.Required">false</entry>
+    <entry key="31.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="31.XmlType.LocalPart">TaxReferenceType</entry>
+    <entry key="31.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="31.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="32.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/D-2012-17-EUIdentifier</entry>
+    <entry key="32.FriendlyName">RepresentativeD-2012-17-EUIdentifier</entry>
+    <entry key="32.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="32.Required">false</entry>
+    <entry key="32.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="32.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry>
+    <entry key="32.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="32.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="33.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LEI</entry>
+    <entry key="33.FriendlyName">RepresentativeLEI</entry>
+    <entry key="33.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="33.Required">false</entry>
+    <entry key="33.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="33.XmlType.LocalPart">LEIType</entry>
+    <entry key="33.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="33.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="34.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/EORI</entry>
+    <entry key="34.FriendlyName">RepresentativeEORI</entry>
+    <entry key="34.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="34.Required">false</entry>
+    <entry key="34.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="34.XmlType.LocalPart">EORIType</entry>
+    <entry key="34.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="34.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="35.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SEED</entry>
+    <entry key="35.FriendlyName">RepresentativeSEED</entry>
+    <entry key="35.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="35.Required">false</entry>
+    <entry key="35.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="35.XmlType.LocalPart">SEEDType</entry>
+    <entry key="35.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="35.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="36.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SIC</entry>
+    <entry key="36.FriendlyName">RepresentativeSIC</entry>
+    <entry key="36.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="36.Required">false</entry>
+    <entry key="36.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="36.XmlType.LocalPart">SICType</entry>
+    <entry key="36.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="36.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="39.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry>
+    <entry key="39.FriendlyName">RepresentativeLegalAddress</entry>
+    <entry key="39.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="39.Required">false</entry>
+    <entry key="39.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="39.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="39.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="39.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="40.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry>
+    <entry key="40.FriendlyName">RepresentativeVATRegistration</entry>
+    <entry key="40.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="40.Required">false</entry>
+    <entry key="40.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="40.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="40.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="40.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+
+</properties>
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json
new file mode 100644
index 00000000..96034d12
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/idaAttributeMapping.json
@@ -0,0 +1,215 @@
+[
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier",
+    "idaAttribute": {
+      "basic": "urn:oid:1.2.40.0.10.2.1.1.149",
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.98"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName",
+    "idaAttribute": {
+      "basic": "urn:oid:2.5.4.42",
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.78"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName",
+    "idaAttribute": {
+      "basic": "urn:oid:1.2.40.0.10.2.1.1.261.20",
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.80"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/DateOfBirth",
+    "idaAttribute": {
+      "basic": "urn:oid:1.2.40.0.10.2.1.1.55",
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.82"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth",
+    "idaAttribute": {},
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/BirthName",
+    "idaAttribute": {
+      "basic": "ida_birthname",
+      "withMandates": "ida_birthName_mandator"
+    },
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.100"
+    },
+    "addionalRequiredAttributes" : [
+      "urn:oid:1.2.40.0.10.2.1.1.149", 
+      "urn:oid:2.5.4.42", 
+      "urn:oid:1.2.40.0.10.2.1.1.261.20", 
+      "urn:oid:1.2.40.0.10.2.1.1.55"
+    ],
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/legalperson/LegalName",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.84"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": false
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.149"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": true
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.20"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": true
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName",
+    "idaAttribute": {
+      "withMandates": "urn:oid:2.5.4.42"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": true
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.55"
+    },
+    "type": {
+      "mds": true,
+      "autoIncludeWithMandates": true
+    }
+  },
+  {
+    "eidasAttribute": "http://e-justice.europa.eu/attributes/naturalperson/eJusticeNaturalPersonRole",
+    "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler",
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false
+    }
+  },  
+  {
+    "eidasAttribute": "http://e-justice.europa.eu/attributes/legalperson/eJusticeLegalPersonRole",
+    "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.EJusticePersonRoleHandler",
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false
+    }
+  },  
+  {
+    "eidasAttribute": "http://e-justice.europa.eu/attributes/legalperson/eJusticePersonRoleNotExist",
+    "specificAttributeHandlerClass": "at.asitplus.eidas.specific.modules.msproxyservice.handler.notExist",
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false
+    }
+  },    
+  {
+    "eidasAttribute": "*",
+    "idaAttribute": {
+      "basic": "urn:oid:1.2.40.0.10.2.1.1.261.32",
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.32"
+    },
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false      
+    }
+  },
+  {
+    "eidasAttribute": "*",
+    "idaAttribute": {
+      "basic": "urn:oid:1.2.40.0.10.2.1.1.261.108",
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.108"
+    },
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false  
+    }
+  },
+  {
+    "eidasAttribute": "*",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.68"
+    },
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false  
+    }
+  },
+  {
+    "eidasAttribute": "*",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.106"
+    },
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false  
+    }
+  },
+  {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/jUnit/not/exits",
+    "idaAttribute": {
+      "withMandates": "urn:oid:1.2.40.0.10.2.1.1.261.106"
+    },
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false  
+    }
+  },
+    {
+    "eidasAttribute": "http://eidas.europa.eu/attributes/jUnit/no/custom/handler",
+    "specificAttributeHandlerClass": "",
+    "type": {
+      "mds": false,
+      "autoIncludeWithMandates": false
+    }
+  }
+]
\ No newline at end of file
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
new file mode 100644
index 00000000..90b44868
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_1.properties
@@ -0,0 +1,19 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=http://localhost
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy
+eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint=http://eidas.proxy/endpoint
+
+eidas.ms.auth.eIDAS.proxy.attribute.mapping.config=idaAttributeMapping.json
+
+
+#############################################################################
+## advanced eIDAS attribute processing
+
+# BORIS attribute for eJustice
+eidas.ms.advanced.attributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED
+eidas.ms.advanced.attributes.ejusticerole.mandate.mode=legal
+eidas.ms.advanced.attributes.ejusticerole.additional.ida.attributes=testAttribute
+eidas.ms.advanced.attributes.ejusticerole.value.1=MUST_BE_UPDATED=VIP1
+eidas.ms.advanced.attributes.ejusticerole.value.2=SECOND=VIP2
diff --git a/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_2.properties b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_2.properties
new file mode 100644
index 00000000..8963129e
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/config/junit_config_2.properties
@@ -0,0 +1,18 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=http://localhost
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.auth.eIDAS.node_v2.proxy.entityId=ownSpecificProxy
+eidas.ms.auth.eIDAS.node_v2.proxy.forward.endpoint=http://eidas.proxy/endpoint
+
+eidas.ms.auth.eIDAS.proxy.attribute.mapping.config=idaAttributeMapping.json
+
+
+#############################################################################
+## advanced eIDAS attribute processing
+
+# BORIS attribute for eJustice
+eidas.ms.advanced.attributes.ejusticerole.mandate.profiles=MUST_BE_UPDATED
+eidas.ms.advanced.attributes.ejusticerole.mandate.mode=legal
+eidas.ms.advanced.attributes.ejusticerole.value.1=MUST_BE_UPDATED=VIP1
+eidas.ms.advanced.attributes.ejusticerole.value.2=SECOND=VIP2
diff --git a/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml
new file mode 100644
index 00000000..fe9ff441
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+  <context:annotation-config />
+
+  <bean id="dummyMapBasedConfiguration"
+        class="at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap">
+    <constructor-arg value="/config/junit_config_1.properties" />
+    <property name="configRootDirSufix" value="src/test/resources/config" />
+  </bean>
+
+</beans>
\ No newline at end of file
diff --git a/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig2.xml b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig2.xml
new file mode 100644
index 00000000..dfe98ea5
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_mapConfig2.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+  <context:annotation-config />
+
+  <bean id="dummyMapBasedConfiguration"
+        class="at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap">
+    <constructor-arg value="/config/junit_config_2.properties" />
+    <property name="configRootDirSufix" value="src/test/resources/config" />
+  </bean>
+
+</beans>
\ No newline at end of file
diff --git a/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml
new file mode 100644
index 00000000..0b7540f5
--- /dev/null
+++ b/modules/eidas_proxy-sevice/src/test/resources/spring/SpringTest-context_basic_test.xml
@@ -0,0 +1,34 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+
+  <import resource="classpath:/SpringTest-context_authManager.xml" />
+  <import resource="classpath:/spring/eidas_proxy-service.beans.xml"/>
+
+  <bean id="springManagedSpecificProxyserviceCommunicationService"
+        class="at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService" />
+
+ <bean id="mvcGUIBuilderImpl"
+    class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" />
+
+  <bean id="specificConnectorAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="src/test/resources/config/eidas-attributes.xml" />
+  </bean>
+
+  <bean id="specificConnectorAdditionalAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="src/test/resources/config/additional-attributes.xml" />
+  </bean>
+
+</beans>
\ No newline at end of file