From 58b3c1c2d7a27775af8c0b7c9d12dea08aa575fa Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 19 Jan 2021 10:37:45 +0100
Subject: build 'requesterId' for private-sector SP's based on hashed unique
 AppIds set 'requesterId' and 'providerName' to static value for any type of
 SP

---
 basicConfig/default_config.properties              |   3 +
 .../src/main/resources/application.properties      |  21 ++-
 .../specific/modules/auth/eidas/v2/Constants.java  |  14 +-
 .../eidas/v2/handler/AbstractEidProcessor.java     | 132 +++++++++++-------
 .../auth/eidas/v2/handler/LuEidProcessor.java      |  61 +++++++++
 .../src/main/resources/eidas_v2_auth.beans.xml     |   5 +
 .../test/tasks/GenerateAuthnRequestTaskTest.java   | 148 ++++++++++++++++++++-
 .../EidasRequestPreProcessingFirstTest.java        |   3 +-
 .../EidasRequestPreProcessingSecondTest.java       |  48 +++++++
 .../resources/SpringTest-context_basic_test.xml    |   5 +
 10 files changed, 381 insertions(+), 59 deletions(-)
 create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java

diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties
index 8a1bc3a0..ad883284 100644
--- a/basicConfig/default_config.properties
+++ b/basicConfig/default_config.properties
@@ -31,6 +31,9 @@ eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=
 eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
 eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
 
+## eIDAS Request configuration
+eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=Austria
+
 
 ## E-AuthBlock configuration
 eidas.ms.auth.eIDAS.authblock.keystore.type=jks
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index b13b6c18..b92102ed 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -51,10 +51,23 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*
 eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
-eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+
+## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate
 eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
-eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+
+## use hashed version of unique SP-Identifier as requesterId
+eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm=true
+
+## user static requesterId for all SP's in case of LU
+eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true
+
+ 
+## set provider name for all public SPs
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false
+
+
 
 eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
 
@@ -92,6 +105,10 @@ eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
 eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false
 eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
 
+
+
+
+
 ##without mandates
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index cdc17654..c175d999 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -56,15 +56,21 @@ public class Constants {
       CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural";
   public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION =
       CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation";
+  
+  public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION =
+      CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm";
+  public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX =
+      CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll";
+  
   public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME =
-      CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";
+      CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";  
   public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER =
       CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier";
-  public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP =
-      CONIG_PROPS_EIDAS_NODE + ".workarounds.useStaticProviderNameForPublicSPs";
+  
+  
   public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE
       + ".staticProviderNameForPublicSPs";
-  public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "ERnP";
+  public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "Austria";
 
   public static final String FORWARD_METHOD_POST = "POST";
   public static final String FORWARD_METHOD_GET = "GET";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
index 42dbfeac..90be9a7a 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
@@ -23,6 +23,10 @@
 
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
 
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Base64;
 import java.util.Map;
 import java.util.regex.Matcher;
 import java.util.regex.Pattern;
@@ -66,7 +70,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) {
 
     buildLevelOfAssurance(pendingReq.getServiceProviderConfiguration(), authnRequestBuilder);
-    buildProviderNameAttribute(pendingReq, authnRequestBuilder);
+    buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder);
     buildRequestedAttributes(authnRequestBuilder);
 
   }
@@ -272,6 +276,83 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
 
   }
 
+  /**
+   * Set ProviderName and RequestId into eIDAS AuthnRequest.
+   * 
+   * @param pendingReq Current pendingRequest
+   * @param authnRequestBuilder AuthnREquest builer
+   */
+  protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
+    final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+
+    // set correct SPType for requested target sector
+    final String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
+        Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS,
+        Constants.POLICY_DEFAULT_ALLOWED_TARGETS);
+    final Pattern p = Pattern.compile(publicSectorTargetSelector);
+    final Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
+    if (m.matches()) {
+      log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
+      authnRequestBuilder.spType(SpType.PUBLIC.getValue());
+
+      final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+      if (basicConfig.getBasicConfigurationBoolean(
+              Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME,
+              false)) {
+        //TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for
+        if (StringUtils.isNotEmpty(providerName)) {
+          log.debug("Set 'providername' to: {}", providerName);
+          authnRequestBuilder.providerName(providerName);  
+          
+        } else {
+          authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
+              Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+              Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
+          
+        }                 
+      }
+
+    } else {
+      log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
+      authnRequestBuilder.spType(SpType.PRIVATE.getValue());
+
+      // TODO: switch to RequesterId in further version
+      // set provider name for private sector applications
+      final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+      if (StringUtils.isNotEmpty(providerName)) {
+        authnRequestBuilder.providerName(providerName);
+                      
+      }
+      
+      authnRequestBuilder.requesterId(
+          generateRequesterId(pendingReq.getRawData(Constants.DATA_REQUESTERID, String.class)));
+            
+    }
+  }
+  
+  private String generateRequesterId(String requesterId) {
+    if (requesterId != null && basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION, true)) {            
+      try {
+        log.trace("Building hashed 'requesterId' for private SP ... ");
+        MessageDigest digest = MessageDigest.getInstance("SHA-256");
+        String encodedRequesterId = Base64.getEncoder().encodeToString(
+            digest.digest(requesterId.getBytes(StandardCharsets.UTF_8)));                
+        log.debug("Set 'requesterId' for: {} to: {}", requesterId, encodedRequesterId);
+        return encodedRequesterId;
+        
+      } catch (NoSuchAlgorithmException e) {
+        log.error("Can NOT generate hashed 'requesterId' from: {}. Use it as it is", requesterId, e);
+        
+      }
+            
+    }
+    
+    return requesterId;
+    
+  }
+
+
   private void buildRequestedAttributes(Builder authnRequestBuilder) {
     // build and add requested attribute set
     final Map<String, Boolean> ccSpecificReqAttr = getCountrySpecificRequestedAttributes();
@@ -308,55 +389,6 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
     return builder.build();
 
   }
-
-  private void buildProviderNameAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
-    final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
-
-    // set correct SPType for requested target sector
-    final String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
-        Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS,
-        Constants.POLICY_DEFAULT_ALLOWED_TARGETS);
-    final Pattern p = Pattern.compile(publicSectorTargetSelector);
-    final Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
-    if (m.matches()) {
-      log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
-      authnRequestBuilder.spType(SpType.PUBLIC.getValue());
-
-      if (basicConfig.getBasicConfigurationBoolean(
-          Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
-          true)) {
-        authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
-            Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
-            Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
-
-      } else {
-        // TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for
-        // any SPType
-        final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
-        if (StringUtils.isNotEmpty(providerName)
-            && basicConfig.getBasicConfigurationBoolean(
-                Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME,
-                false)) {
-          authnRequestBuilder.providerName(providerName);
-
-        }
-      }
-
-    } else {
-      log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
-      authnRequestBuilder.spType(SpType.PRIVATE.getValue());
-
-      // TODO: switch to RequesterId in further version
-      // set provider name for private sector applications
-      final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
-      if (StringUtils.isNotEmpty(providerName)) {
-        authnRequestBuilder.providerName(providerName);
-        authnRequestBuilder.requesterId(providerName);
-        
-      }
-
-    }
-  }
   
   private void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) {
     // TODO: set matching mode if eIDAS ref. impl. support this method
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java
new file mode 100644
index 00000000..8402457f
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java
@@ -0,0 +1,61 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class LuEidProcessor extends AbstractEidProcessor {
+
+  
+  
+  private static final String canHandleCC = "LU";
+
+  @Getter
+  @Setter
+  private int priority = 1;
+  
+  @Override
+  public String getName() {
+    return "LU-PostProcessor";
+    
+  }
+
+  @Override
+  public boolean canHandle(String countryCode) {
+    return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+    
+  }
+
+  @Override
+  protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
+    super.buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder);    
+    if (basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX, true)) {      
+      String staticName = basicConfig.getBasicConfiguration(
+          Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+          Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP);                
+      authnRequestBuilder.providerName(staticName);
+      authnRequestBuilder.requesterId(staticName);
+      log.debug("Use static name: {} as 'providerName' and 'RequesterId' for all 'LU' requests ", staticName);
+                 
+    } else { 
+      log.info("Static 'providerName' and 'RequesterId' for country: LU is deactivated");
+      
+    }
+    
+  }
+  
+  @Override
+  protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+    return new HashMap<>();
+    
+  }
+
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
index 6cc704ab..3b0cee54 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -69,6 +69,11 @@
     <property name="priority" value="1" />
   </bean>
 
+  <bean id="LU-Processor"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.LuEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
   <bean id="Default-Processor"
     class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor">
     <property name="priority" value="0" />
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
index c416b515..f796bd86 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
@@ -83,6 +83,7 @@ public class GenerateAuthnRequestTaskTest {
     pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
     pendingReq.setAuthUrl("http://test.com/");
 
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "true");
     basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId", 
         RandomStringUtils.randomAlphabetic(10));
     basicConfig.putConfigValue(
@@ -297,7 +298,7 @@ public class GenerateAuthnRequestTaskTest {
     basicConfig.putConfigValue(
         "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
     basicConfig.putConfigValue(
-        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderNames", "true");
     basicConfig.putConfigValue(
         "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
     
@@ -365,6 +366,101 @@ public class GenerateAuthnRequestTaskTest {
     
   }
   
+  @Test
+  public void publicSpWithCountryLu() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+            
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId found", "myNode", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void privateSpWithCountryLu() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    String requesterId = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId);
+    
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+            
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", "myNode", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    
+  }
+  
   @Test
   public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException,
       SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
@@ -409,6 +505,53 @@ public class GenerateAuthnRequestTaskTest {
         EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
     String providerName = RandomStringUtils.randomAlphanumeric(10);
     pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, "http://junit.sp");
+
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", "Wr8LrrVf5SYneblOlZdZNaLQQCCgzklfKQvyeZjBx10=", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+  
+  @Test
+  public void privateSPWithoutRequestIdHashing() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    String requesterId = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId);
 
     basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
     basicConfig.putConfigValue(
@@ -417,6 +560,7 @@ public class GenerateAuthnRequestTaskTest {
         "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
     basicConfig.putConfigValue(
         "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "false");
     
     String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
     basicConfig.putConfigValue(
@@ -438,7 +582,7 @@ public class GenerateAuthnRequestTaskTest {
     final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
 
     Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
-    Assert.assertEquals("RequesterId", providerName, eidasReq.getRequesterId());
+    Assert.assertEquals("RequesterId", requesterId, eidasReq.getRequesterId());
     Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
     Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
     
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
index d0ab50f4..7ac41500 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
@@ -146,9 +146,10 @@ public class EidasRequestPreProcessingFirstTest {
 
     Assert.assertEquals("ProviderName is not Static",
         Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+    Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());
     Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
     Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
 
   }
-
+    
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
index c44e803b..4a03fac1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -86,6 +86,9 @@ public class EidasRequestPreProcessingSecondTest {
     authnRequestBuilder.issuer("Test");
     authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
 
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "true");
+    
   }
 
   @Test
@@ -106,4 +109,49 @@ public class EidasRequestPreProcessingSecondTest {
 
   }
 
+
+  /*
+   * Set ProviderName according to general configuration
+   */
+  @Test
+  public void prePreProcessLuPublicSpWithoutRequestId() throws EidPostProcessingException {
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "false");
+    
+    final String testCountry = "LU";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+    Assert.assertNull("RequesterId", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+  
+  /* 
+   * Always set requesterId and providername in case of country LU
+   */
+  @Test
+  public void prePreProcessLuPublicSpWithStaticRequesterId() throws EidPostProcessingException {
+
+    
+    final String testCountry = "LU";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        "myNode", lightReq.getProviderName());
+    Assert.assertEquals("RequesterId is not Static",
+        "myNode", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+  
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
index 956cfcc9..cd2888c1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
@@ -50,6 +50,11 @@
     <property name="priority" value="1" />
   </bean>
 
+  <bean id="LU-PostProcessor"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.LuEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
  <bean id="eIDASAuthModule"
     class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl">
     <property name="priority" value="2" />
-- 
cgit v1.2.3


From 2fabf6cfdc78fceac1302d45c88d08214fe4e9e3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 20 Jan 2021 14:32:37 +0100
Subject: add README.md, release and update informations, and full handbook

---
 README.md                                          | 112 +++++++++++++++++++++
 basicConfig/default_config.properties              |   1 -
 connector/src/assembly/assembly_dir.xml            |   2 +
 connector/src/assembly/assembly_zip.xml            |   3 +
 .../src/main/resources/application.properties      |  20 ++--
 infos/handbook-work_in_progress.docx               | Bin 0 -> 44486 bytes
 infos/readme_1.2.0.md                              |  59 +++++++++++
 7 files changed, 183 insertions(+), 14 deletions(-)
 create mode 100644 README.md
 create mode 100644 infos/handbook-work_in_progress.docx
 create mode 100644 infos/readme_1.2.0.md

diff --git a/README.md b/README.md
new file mode 100644
index 00000000..e0914598
--- /dev/null
+++ b/README.md
@@ -0,0 +1,112 @@
+# Member-state specific eIDAS Application
+
+## Description
+
+The member-state specific eIDAS application (ms-specific eIDAS) implements the bridge between the eIDAS reference implementation provides by European commission and the national eID system. This application consists of two parts
+
+- **MS-specific Connector:** implements the bridge to connect a national service-provider to a foreign idenity-provider. 
+
+- **MS-specific Proxy-Service:** implements the bridge to connect a foreign service-provider to national eID system (ID Austria). This feature is not implemented yet.
+
+  
+
+### Building
+
+The application uses SpringBoot as core framework, but the default build-profile does not build an executable jar. There, the application has to be deployed into an application service, like Apache Tomcat
+
+The project can be build with :
+
+```
+mvn clean package
+```
+
+The resulting `war` file can be deployed into an application server
+
+Set Java System-Property _-Deidas.ms.configuration=/path/to/configuration..._ to set the configuration for this application
+
+
+
+If you like to build an executable SpringBoot application with embedded Tomcat then use:
+
+```
+mvn -P embbededTomcat clean package
+```
+
+The resulting `jar` file can be run with java:
+
+```
+java -jar ./connector/target/ms-connector.jar
+```
+
+But it is also directly executalbe
+
+```
+./connector/target/ms-connector.jar
+```
+
+In case of a executable application package, the configuration can be either set by Java System-Property _-Deidas.ms.configuration=/path/to/configuration..._  or by default SpringBoot configuration features.
+
+
+
+### Configuration
+
+A default configuration is located at _basicConfig/_
+
+
+
+## Generate a BM.I Release Package
+
+The full release packages for BM.I infrastructure will be automatically assembled by maven build-process.  Before release build, all release related information have to added into infos folder. To add release informations follow the steps outlined below.
+
+Add a file with release informations to:
+```
+./infos/readme_{version}.txt
+```
+
+Add additional eIDAS Node related information into:
+
+```
+./infos/eIDAS_Ref_Impl/
+```
+
+Add, remove, or update the application description in the handbook and store the handbook for the current release version as pdf. 
+
+```
+modify: ./infos/handbook-work_in_progress.docx
+store pdf to: ./infos/handbook/handbook-{version}.pdf
+```
+
+Generate a release package with:
+
+
+```
+mvn clean package
+```
+
+The full release package will be located add
+```
+./target/ms_specific_connector-{version}-dist.tar.gz
+```
+
+
+
+## Changelog
+
+**v1.2.0**
+
+- Anpassungen zur Anbindungen an das E-ID System
+- Update auf eIDAS Ref. Impl. 2.5.0 mit Apache Ignite Cache
+  https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5
+- TODO:
+
+
+
+**v1.1.0**
+
+  - Update auf eIDAS Ref. Impl. 2.4.0 mit Apache Ignite Cache
+    https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.4
+  - Statischer Service-Provider Name für öffentliche Applikationen 
+  - Mindest LoA, welche für Requests an eIDAS Proxy-Services verwendet wird.
+  - Requested Attributes je Land konfigurierbar
+  - Neue Template-Engine mit i18n Unterstützung
+  - Neuer Algorithmus zur Generierung von Sessiontokens  
\ No newline at end of file
diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties
index ad883284..725fac7c 100644
--- a/basicConfig/default_config.properties
+++ b/basicConfig/default_config.properties
@@ -1,6 +1,5 @@
 ## Basic service configuration
 eidas.ms.context.url.prefix=
-eidas.ms.context.url.request.validation=false
 eidas.ms.core.configRootDir=file:./
 
 
diff --git a/connector/src/assembly/assembly_dir.xml b/connector/src/assembly/assembly_dir.xml
index 37e05390..59437be6 100644
--- a/connector/src/assembly/assembly_dir.xml
+++ b/connector/src/assembly/assembly_dir.xml
@@ -43,7 +43,9 @@
       <includes>
         <!-- include>README.md</include-->
         <include>readme_${project.version}.txt</include>
+        <include>readme_${project.version}.md</include>
         <include>eIDAS_Ref_Impl/*</include>
+        <include>handbook/*</include>
       </includes>
     </fileSet>
   </fileSets>
diff --git a/connector/src/assembly/assembly_zip.xml b/connector/src/assembly/assembly_zip.xml
index 579da2e1..43877283 100644
--- a/connector/src/assembly/assembly_zip.xml
+++ b/connector/src/assembly/assembly_zip.xml
@@ -43,6 +43,9 @@
       <includes>
         <!-- include>README.md</include -->
         <include>readme_${project.version}.txt</include>
+        <include>readme_${project.version}.md</include>
+        <include>eIDAS_Ref_Impl/*</include>
+        <include>handbook/*</include>
       </includes>
     </fileSet>
   </fileSets>
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index b92102ed..9a4ae54f 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -17,9 +17,9 @@ spring.boot.admin.client.enabled=false
 
 #############################################################################
 ## MS-speccific eIDAS-Connector configuration
-#proxy.context.url.prefix=
+#eidas.ms.context.url.prefix=
 eidas.ms.context.url.request.validation=false
-#proxy.configRootDir=file:/.../config/
+#eidas.ms.configRootDir=file:/.../config/
 eidas.ms.context.use.clustermode=true
 eidas.ms.core.logging.level.info.errorcodes=auth.21
 
@@ -51,8 +51,7 @@ eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
-#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*
-eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=urn:publicid:gv.at:cdid\+.*
 
 ## use SAML2 requestId as transactionIdentifier to mitigate problems with SAML2 relaystate
 eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
@@ -106,9 +105,6 @@ eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=false
 eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
 
 
-
-
-
 ##without mandates
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
 eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
@@ -137,7 +133,7 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
 #eidas.ms.pvp2.key.metadata.password=password
 #eidas.ms.pvp2.key.signing.alias=sig
 #eidas.ms.pvp2.key.signing.password=password
-#eidas.ms.pvp2.metadata.validity=24
+eidas.ms.pvp2.metadata.validity=24
 
 #eidas.ms.pvp2.metadata.organisation.name=JUnit
 #eidas.ms.pvp2.metadata.organisation.friendyname=For testing with jUnit
@@ -158,8 +154,6 @@ eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
 
 
 ##only for advanced config
-eidas.ms.configuration.sp.disableRegistrationRequirement=
-#eidas.ms.configuration.restrictions.baseID.spTransmission=
-eidas.ms.configuration.auth.default.countrycode=
-eidas.ms.configuration.pvp.scheme.validation=
-eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
+eidas.ms.configuration.sp.disableRegistrationRequirement=false
+eidas.ms.configuration.pvp.scheme.validation=true
+eidas.ms.configuration.pvp.enable.entitycategories=false
\ No newline at end of file
diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx
new file mode 100644
index 00000000..d311fa80
Binary files /dev/null and b/infos/handbook-work_in_progress.docx differ
diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md
new file mode 100644
index 00000000..98e18ccb
--- /dev/null
+++ b/infos/readme_1.2.0.md
@@ -0,0 +1,59 @@
+# MS-Connector v1.2.0 Release vom xx.xx.2021
+
+Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen.
+
+### Änderungen in dieser Version
+
+  - Erforderliche Anpassungen zur Integration in den ID Austria
+
+  - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2)
+    https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5
+
+  - Codestabilisierung 
+
+  - Monitoring und HealthChecks Verbesserungen
+
+  - Akutalisierung von Drittherstellerbibliotheken
+
+
+
+
+### Durchführen eines Updates 
+
+Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.0. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_
+
+### Ausgehend von einer bestehenden Version 1.1.0 
+
+1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an
+2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird.
+3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers
+4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie **hier**.
+5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde
+
+   * __MsConnectorPackage__/config/templates/error_message.html
+6. Erstellung neuer Dateien
+   - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll.
+7. Neue Konfigurationsparameter
+   - *Allgemeine Konfiguration*
+     - ```eidas.ms.core.configRootDir```
+   - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.type```
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.path```
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.password```
+     - ```eidas.ms.auth.eIDAS.authblock.key.alias```
+     - ```eidas.ms.auth.eIDAS.authblock.key.password```
+   - *Service-Provider Konfiguration Konfiguration*
+     - ```eidas.ms.sp.x.newEidMode```
+8. Gelöschte Konfigurationsparameter
+
+   - ```authhandler.modules.bindingservice.bpk.target```
+9. Neue optionale Konfigurationsparameter
+   - *Allgemeine Konfiguration*
+     - ```eidas.ms.core.logging.level.info.errorcodes```
+   - *eIDAS Node Kommunikation*
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll```
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
+   - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject```
-- 
cgit v1.2.3


From 811165262f7ef196c8586e42b838d7d7ba376e16 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 27 Jan 2021 11:19:29 +0100
Subject: fix problem in jUnit tests that depends on static Apache-Ignite
 holder in eIDAS Ref. implementation and occurin case of a start-up error

---
 .../specific/connector/test/FullStartUpAndProcessTest.java   | 12 ++++++++++--
 .../specific/connector/test/MainClassExecutableModeTest.java | 10 ++++++++--
 .../specific/connector/test/MainClassWebAppModeTest.java     |  7 +++++++
 3 files changed, 25 insertions(+), 4 deletions(-)

diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index 77037415..fcb0e73a 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -6,6 +6,7 @@ import static org.powermock.api.mockito.PowerMockito.when;
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.UnsupportedEncodingException;
+import java.lang.reflect.Field;
 import java.net.URISyntaxException;
 import java.util.Map;
 import java.util.Timer;
@@ -71,6 +72,7 @@ import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.OpenSaml3ResourceAdapter;
 import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EaafOpenSaml3xInitializer;
 import at.gv.egiz.eaaf.modules.pvp2.impl.utils.Saml2Utils;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
 import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
 import eu.eidas.auth.commons.light.ILightRequest;
@@ -151,13 +153,19 @@ public class FullStartUpAndProcessTest {
   /**
    * Test shut-down.
    *
-   * @throws IOException In case of an error
+   * @throws Exception In case of an error
    */
   @AfterClass
-  public static void closeIgniteNode() throws IOException {
+  public static void closeIgniteNode() throws Exception {
     System.out.println("Closiong Ignite Node ... ");
     Ignition.stopAll(true);
 
+    
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field.setAccessible(true);
+    field.set(null, null);
+    
   }
 
   /**
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
index 86df55df..708560b2 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassExecutableModeTest.java
@@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner;
 import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer;
 import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager;
 import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
@@ -50,17 +51,22 @@ public class MainClassExecutableModeTest {
 
   /**
    * Initializer.
-   * @throws InterruptedException In case of an error 
+   * @throws Exception In case of an error 
    *
    */
   @AfterClass
-  public static void closeIgniteNode() throws InterruptedException {
+  public static void closeIgniteNode() throws Exception {
     System.out.println("Closing Ignite Node ... ");
     
     log.info("Stopping already running Apache Ignite nodes ... ");
     Ignition.stopAll(true);    
     Thread.sleep(1000);
     
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field.setAccessible(true);
+    field.set(null, null);
+            
   }
   
   /**
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
index 07ef4968..79d062ae 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/MainClassWebAppModeTest.java
@@ -22,6 +22,7 @@ import org.junit.runners.BlockJUnit4ClassRunner;
 import at.asitplus.eidas.specific.connector.SpringBootApplicationInitializer;
 import at.gv.egiz.eaaf.core.impl.logging.DummyStatusMessager;
 import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
+import eu.eidas.auth.cache.IgniteInstanceInitializerSpecificCommunication;
 
 @RunWith(BlockJUnit4ClassRunner.class)
 public class MainClassWebAppModeTest {
@@ -68,6 +69,12 @@ public class MainClassWebAppModeTest {
 
     System.clearProperty("eidas.ms.configuration");
     SpringBootApplicationInitializer.exit();
+    
+    
+    //set Ignite-node holder to 'null' because static holders are shared between different tests
+    final Field field1 = IgniteInstanceInitializerSpecificCommunication.class.getDeclaredField("instance");
+    field1.setAccessible(true);
+    field1.set(null, null);
        
   }
   
-- 
cgit v1.2.3


From 07318e70ea3a9d25ca945c391820149183c61ca0 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Mon, 8 Feb 2021 18:47:34 +0100
Subject: add Binding Public-Key into technical AuthBlock in case of an ID
 Austria process

---
 .../verification/AuthnRequestValidator.java        | 114 +++++++++++++--------
 .../test/utils/AuthnRequestValidatorTest.java      |   5 +
 connector/src/test/resources/data/pvp2_authn_3.xml |   3 +
 .../specific/connector/MsEidasNodeConstants.java   |   3 +
 .../eidas/v2/service/AuthBlockSigningService.java  |  12 +++
 .../tasks/CreateIdentityLinkTaskEidNewTest.java    |  25 ++++-
 6 files changed, 116 insertions(+), 46 deletions(-)

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
index a9eb06be..881eeb8a 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/verification/AuthnRequestValidator.java
@@ -75,7 +75,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       if (nameIdPolicy != null) {
         final String nameIdFormat = nameIdPolicy.getFormat();
         if (nameIdFormat != null) {
-          if (!(NameIDType.TRANSIENT.equals(nameIdFormat) 
+          if (!(NameIDType.TRANSIENT.equals(nameIdFormat)
               || NameIDType.PERSISTENT.equals(nameIdFormat))) {
 
             throw new NameIdFormatNotSupportedException(nameIdFormat);
@@ -114,10 +114,10 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       // post-process requested LoA comparison-level
       pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setLoAMachtingMode(
           extractComparisonLevel(authnReq));
-      
-      //extract information from requested attributes
+
+      // extract information from requested attributes
       extractFromRequestedAttriutes(pendingReq, authnReq);
-      
+
     } catch (final EaafStorageException e) {
       log.info("Can NOT store Authn. Req. data into pendingRequest.", e);
       throw new AuthnRequestValidatorException("internal.02", null, e);
@@ -126,14 +126,14 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
 
   }
 
-  private void extractFromRequestedAttriutes(IRequest pendingReq, AuthnRequest authnReq) 
-      throws AuthnRequestValidatorException {
+  private void extractFromRequestedAttriutes(IRequest pendingReq, AuthnRequest authnReq)
+      throws AuthnRequestValidatorException, EaafStorageException {
     // validate and process requested attributes
     boolean sectorDetected = false;
-    
+
     final ServiceProviderConfiguration spConfig = pendingReq.getServiceProviderConfiguration(
         ServiceProviderConfiguration.class);
-    
+
     if (authnReq.getExtensions() != null) {
       final List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects();
       for (final XMLObject reqAttrObj : requestedAttributes) {
@@ -143,77 +143,101 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
             for (final EaafRequestedAttribute el : reqAttr.getAttributes()) {
               log.trace("Processing req. attribute '" + el.getName() + "' ... ");
               if (el.getName().equals(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) {
-                sectorDetected = extractBpkTargetIdentifier(el, spConfig); 
-               
+                sectorDetected = extractBpkTargetIdentifier(el, spConfig);
+
               } else if (el.getName().equals(ExtendedPvpAttributeDefinitions.EID_TRANSACTION_ID_NAME)) {
                 extractUniqueTransactionId(el, pendingReq);
-                
+
+              } else if (el.getName().equals(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME)) {
+                extractBindingPublicKey(el, pendingReq);
+
               } else {
                 log.debug("Ignore req. attribute: " + el.getName());
-                
+
               }
             }
 
           } else {
             log.debug("No requested Attributes in Authn. Request");
-            
+
           }
 
         } else {
           log.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString());
-          
+
         }
       }
     }
-    
+
     if (!sectorDetected) {
       log.warn("Authn.Req validation FAILED. Reason: Contains NO or NO VALID target-sector information.");
       throw new AuthnRequestValidatorException("pvp2.22", new Object[] {
           "NO or NO VALID target-sector information" });
 
     }
-    
+
+  }
+
+  private void extractBindingPublicKey(EaafRequestedAttribute el, IRequest pendingReq)
+      throws EaafStorageException {
+    if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
+      final String bindingPubKey = el.getAttributeValues().get(0).getDOM().getTextContent();
+      pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+      log.info("Find Binding Public-Key. eIDAS authentication will be used to create an ID Austria Binding");
+
+    } else {
+      log.warn(
+          "Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute",
+          el.getName());
+
+    }
   }
 
   /**
    * Extract unique transactionId from AuthnRequest.
-   * 
-   * @param el Requested attribute from AuthnRequest
-   * @param pendingReq Current pendingRequest object (has to be of type {@link RequestImpl})
-   * @return <code>true</code> if transactionId extraction was successful, otherwise <code>false</code>
+   *
+   * @param el         Requested attribute from AuthnRequest
+   * @param pendingReq Current pendingRequest object (has to be of type
+   *                   {@link RequestImpl})
+   * @return <code>true</code> if transactionId extraction was successful,
+   *         otherwise <code>false</code>
    */
   private boolean extractUniqueTransactionId(EaafRequestedAttribute el, IRequest pendingReq) {
     if (!(pendingReq instanceof RequestImpl)) {
-      log.warn("Can NOT set unique transactionId from AuthnRequest,because 'PendingRequest' is NOT from Type: {}",
+      log.warn(
+          "Can NOT set unique transactionId from AuthnRequest,because 'PendingRequest' is NOT from Type: {}",
           RequestImpl.class.getName());
-      
-    } else {        
+
+    } else {
       if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
-        final String transactionId = el.getAttributeValues().get(0).getDOM().getTextContent();      
-        ((RequestImpl)pendingReq).setUniqueTransactionIdentifier(transactionId);      
+        final String transactionId = el.getAttributeValues().get(0).getDOM().getTextContent();
+        ((RequestImpl) pendingReq).setUniqueTransactionIdentifier(transactionId);
         return true;
 
       } else {
-        log.warn("Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute", 
+        log.warn(
+            "Req. attribute '{}' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute",
             el.getName());
-        
+
       }
-      
+
     }
-    
+
     return false;
   }
 
   /**
    * Extract the bPK target from requested attribute.
-   * 
-   * @param el Requested attribute from AuthnRequest
+   *
+   * @param el       Requested attribute from AuthnRequest
    * @param spConfig Service-Provider configuration for current process
-   * @return <code>true</code> if bPK target extraction was successful, otherwise <code>false</code>
+   * @return <code>true</code> if bPK target extraction was successful, otherwise
+   *         <code>false</code>
    */
-  private boolean extractBpkTargetIdentifier(EaafRequestedAttribute el, ServiceProviderConfiguration spConfig) {        
+  private boolean extractBpkTargetIdentifier(EaafRequestedAttribute el,
+      ServiceProviderConfiguration spConfig) {
     if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
-      final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent();      
+      final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent();
       try {
         spConfig.setBpkTargetIdentifier(sectorId);
         return true;
@@ -227,16 +251,16 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       log.warn("Req. attribute '" + el.getName()
           + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute");
     }
-    
+
     return false;
-    
+
   }
-  
-  private void postprocessLoaLevel(IRequest pendingReq, AuthnRequest authnReq) 
+
+  private void postprocessLoaLevel(IRequest pendingReq, AuthnRequest authnReq)
       throws AuthnRequestValidatorException {
     final List<String> reqLoA = extractLoA(authnReq);
-    log.trace("SP requests LoA with: {}", String.join(", ",reqLoA));
-    
+    log.trace("SP requests LoA with: {}", String.join(", ", reqLoA));
+
     LevelOfAssurance minimumLoAFromConfig = LevelOfAssurance.fromString(basicConfig.getBasicConfiguration(
         MsEidasNodeConstants.PROP_EIDAS_REQUEST_LOA_MINIMUM_LEVEL,
         EaafConstants.EIDAS_LOA_HIGH));
@@ -246,15 +270,15 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
       minimumLoAFromConfig = LevelOfAssurance.HIGH;
 
     }
-          
+
     log.trace("Validate requested LoA to connector configuration minimum LoA: {} ...",
-        minimumLoAFromConfig);      
+        minimumLoAFromConfig);
     final List<String> allowedLoA = new ArrayList<>();
     for (final String loa : reqLoA) {
       try {
         final LevelOfAssurance intLoa = LevelOfAssurance.fromString(loa);
         String selectedLoA = EaafConstants.EIDAS_LOA_HIGH;
-        if (intLoa != null 
+        if (intLoa != null
             && intLoa.numericValue() <= minimumLoAFromConfig.numericValue()) {
           log.info("Client: {} requested LoA: {} will be upgraded to: {}",
               pendingReq.getServiceProviderConfiguration().getUniqueIdentifier(),
@@ -281,7 +305,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
 
     pendingReq.getServiceProviderConfiguration(ServiceProviderConfiguration.class).setRequiredLoA(
         allowedLoA);
-    
+
   }
 
   private String extractComparisonLevel(AuthnRequest authnReq) {
@@ -335,7 +359,7 @@ public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
   private String extractScopeRequsterId(AuthnRequest authnReq) {
     if (authnReq.getScoping() != null) {
       final Scoping scoping = authnReq.getScoping();
-      if (scoping.getRequesterIDs() != null 
+      if (scoping.getRequesterIDs() != null
           && scoping.getRequesterIDs().size() > 0) {
         if (scoping.getRequesterIDs().size() == 1) {
           return scoping.getRequesterIDs().get(0).getRequesterID();
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
index 9aafb4b6..c57515a0 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthnRequestValidatorTest.java
@@ -214,6 +214,11 @@ public class AuthnRequestValidatorTest {
         
     Assert.assertEquals("wrong transactionId", "transId_11223344556677aabbcc", 
         pendingReq.getUniqueTransactionIdentifier());
+   
+    Assert.assertEquals("wrong binding pubkey", "binding_pubKey_1144225247125dsfasfasdf", 
+        pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, String.class));
+    
+    
     
   }
   
diff --git a/connector/src/test/resources/data/pvp2_authn_3.xml b/connector/src/test/resources/data/pvp2_authn_3.xml
index 35e49b0f..5352c441 100644
--- a/connector/src/test/resources/data/pvp2_authn_3.xml
+++ b/connector/src/test/resources/data/pvp2_authn_3.xml
@@ -31,6 +31,9 @@
       <eid:RequestedAttribute FriendlyName="transactionId" Name="urn:eidgvat:attributes.transactionId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
         <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">transId_11223344556677aabbcc</eid:AttributeValue>
       </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="Binding-PublicKey" Name="urn:eidgvat:attributes.binding.pubkey" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">binding_pubKey_1144225247125dsfasfasdf</eid:AttributeValue>
+      </eid:RequestedAttribute>
     </eid:RequestedAttributes>
   </saml2p:Extensions>
   <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
index 133f104d..027d0832 100644
--- a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/MsEidasNodeConstants.java
@@ -169,6 +169,9 @@ public class MsEidasNodeConstants {
   public static final List<String> COUNTRY_SELECTION_PARAM_WHITELIST =
       Arrays.asList(REQ_PARAM_SELECTED_COUNTRY, REQ_PARAM_SELECTED_ENVIRONMENT);
 
+  
+  public static final String EID_BINDING_PUBLIC_KEY_NAME = "urn:eidgvat:attributes.binding.pubkey";
+  
   private MsEidasNodeConstants() {
     //hidden Constructor for class with static values only.
   }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
index 234d52dd..a2af4342 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
@@ -18,6 +18,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
 import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
 import com.fasterxml.jackson.annotation.JsonProperty;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
@@ -81,6 +82,14 @@ public class AuthBlockSigningService {
     authBlock.setTimestamp(LocalDateTime.now().truncatedTo(ChronoUnit.SECONDS));
     authBlock.setUniqueId(pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class)); 
     authBlock.setPiiTransactionId(pendingReq.getUniquePiiTransactionIdentifier());
+    
+    //set Binding PublicKey if available
+    Object bindingPubKey = pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME);
+    if (bindingPubKey instanceof String) {
+      authBlock.setBindingPublicKey((String) bindingPubKey);
+      
+    }
+    
     String jwsPayload = mapper.writeValueAsString(authBlock);
     log.debug("Building and sign authBlock with data: {}", jwsPayload);
     
@@ -172,6 +181,7 @@ public class AuthBlockSigningService {
    *
    */
   @Data
+  @JsonInclude(JsonInclude.Include.NON_NULL)
   private static class EidasAuchBlock {
 
     @JsonProperty("challenge")
@@ -189,6 +199,8 @@ public class AuthBlockSigningService {
     @JsonProperty("piiTransactionId")
     private String piiTransactionId;
     
+    @JsonProperty("bindingPublicKey")
+    private String bindingPublicKey;
     
   }
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 2e6790c5..0621081a 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -221,6 +221,7 @@ public class CreateIdentityLinkTaskEidNewTest {
     Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
     Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
     Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertFalse("binding pubKey", authBlockJson.has("bindingPublicKey"));
     
     
     // check vsz request
@@ -312,9 +313,11 @@ public class CreateIdentityLinkTaskEidNewTest {
     signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
     signContentResp.getOut().add(signContentEntry);
     when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
-
+    
     String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
     pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
     
     //perform test
     task.execute(pendingReq, executionContext);
@@ -329,8 +332,28 @@ public class CreateIdentityLinkTaskEidNewTest {
     Assert.assertNotNull("AuthProcessData", authProcessData);
     Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
 
+    // check authblock signature
     String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
     Assert.assertNotNull("AuthBlock", authBlock);
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    Pair<KeyStore, Provider> keyStore = getKeyStore();
+    X509Certificate[] trustedCerts = EaafKeyStoreUtils
+        .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
+    JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
+    Assert.assertTrue("AuthBlock not valid", result.isValid());        
+    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());    
+    Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
+    
+    Assert.assertNotNull("no piiTransactionId in pendingRequesdt", 
+        storedPendingReq.getUniquePiiTransactionIdentifier());
+    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), 
+        authBlockJson.get("piiTransactionId").asText());
+    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
+    Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
+    Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertTrue("binding pubKey", authBlockJson.has("bindingPublicKey"));
+    Assert.assertEquals("binding PubKey", bindingPubKey, authBlockJson.get("bindingPublicKey").asText());
     
     Assert.assertTrue("EID process", authProcessData.isEidProcess());
     Assert.assertTrue("foreigner process", authProcessData.isForeigner());
-- 
cgit v1.2.3


From c5c6344931f67ccaba335ffa476b5e8117948020 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 10 Mar 2021 12:25:10 +0100
Subject: switch to EAAF-components 1.1.13-SNAPSHOT to add
 EID-IDENTITY-STATUS-LEVEL attribute into SAML2 response

---
 basicConfig/default_config.properties              |   2 ++
 .../builder/AuthenticationDataBuilder.java         |  26 +++++++++++-----
 .../src/main/resources/application.properties      |   2 ++
 .../resources/specific_eIDAS_connector.beans.xml   |   6 ++++
 .../connector/test/FullStartUpAndProcessTest.java  |   7 +++--
 .../ProcessEngineSignalControllerTest.java         |   2 +-
 .../test/utils/AuthenticationDataBuilderTest.java  |  16 +++++++++-
 .../data/metadata_valid_without_encryption.xml     |   1 +
 .../spring/SpringTest_connector.beans.xml          |   6 ++++
 .../specific/modules/auth/eidas/v2/Constants.java  |   2 ++
 .../eidas/v2/tasks/ReceiveAuthnResponseTask.java   |   9 ++++--
 .../test/tasks/ReceiveEidasResponseTaskTest.java   |  34 +++++++++++++++++++--
 infos/handbook-work_in_progress.docx               | Bin 44486 -> 44445 bytes
 pom.xml                                            |   2 +-
 14 files changed, 98 insertions(+), 17 deletions(-)

diff --git a/basicConfig/default_config.properties b/basicConfig/default_config.properties
index 725fac7c..2ea12b17 100644
--- a/basicConfig/default_config.properties
+++ b/basicConfig/default_config.properties
@@ -18,6 +18,8 @@ eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
 
 
 ## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.eid.testidentity.default=false
+
 eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
 eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
index c41660ce..3a93c1b8 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/builder/AuthenticationDataBuilder.java
@@ -30,6 +30,7 @@ import org.springframework.stereotype.Service;
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
@@ -37,8 +38,9 @@ import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.AbstractAuthenticationDataBuilder;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import lombok.extern.slf4j.Slf4j;
 
 @Service("AuthenticationDataBuilder")
@@ -47,9 +49,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
   
   @Override
   protected IAuthData buildDeprecatedAuthData(IRequest pendingReq) throws EaafException {        
-    final IAuthProcessDataContainer authProcessData =
-        pendingReq.getSessionData(AuthProcessDataWrapper.class);    
-    AuthenticationData authData = new AuthenticationData();
+    final EidAuthProcessDataWrapper authProcessData =
+        pendingReq.getSessionData(EidAuthProcessDataWrapper.class);    
+    EidAuthenticationData authData = new EidAuthenticationData();
     
     //set basis infos
     super.generateDeprecatedBasicAuthData(authData, pendingReq, authProcessData);
@@ -58,6 +60,9 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
     authData.setSsoSessionValidTo(
         new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
     
+    authData.setEidStatus(authProcessData.isTestIdentity() 
+        ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY);
+    
     return authData;
 
   }
@@ -65,16 +70,21 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
   @Override
   protected void buildServiceSpecificAuthenticationData(IAuthData authData, IRequest pendingReq) 
       throws EaafException {
-    if (authData instanceof AuthenticationData) {
-      ((AuthenticationData)authData).setGenericData(
+    if (authData instanceof EidAuthenticationData) {
+      ((EidAuthenticationData)authData).setGenericData(
           ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, 
           pendingReq.getUniquePiiTransactionIdentifier());
       log.trace("Inject piiTransactionId: {} into AuthData", pendingReq.getUniquePiiTransactionIdentifier());
     
       // set specific informations
-      ((AuthenticationData)authData).setSsoSessionValidTo(
+      ((EidAuthenticationData)authData).setSsoSessionValidTo(
           new Date(new Date().getTime() + MsEidasNodeConstants.DEFAULT_PVP_ASSERTION_VALIDITY * 60 * 1000));
 
+      //set E-ID status-level
+      final EidAuthProcessDataWrapper authProcessData =
+          pendingReq.getSessionData(EidAuthProcessDataWrapper.class);        
+      ((EidAuthenticationData)authData).setEidStatus(authProcessData.isTestIdentity() 
+          ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY);
       
     } else {
       throw new RuntimeException("Can not inject PiiTransactionId because AuthData is of unknown type: " 
@@ -86,7 +96,7 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 
   @Override
   protected IAuthData getAuthDataInstance(IRequest arg0) throws EaafException {
-    return new AuthenticationData();
+    return new EidAuthenticationData();
 
   }
 
diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index 9a4ae54f..2411fde3 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -48,6 +48,8 @@ eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
 
 ## eIDAS Ref. Implementation connector ###
 eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.eid.testidentity.default=false
+
 #eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
 eidas.ms.auth.eIDAS.node_v2.forward.method=POST
 eidas.ms.auth.eIDAS.node_v2.countrycode=AT
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index f6fdeefe..0f8511d5 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -49,6 +49,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>   
   </bean>
 
   <bean id="AuthnRequestValidator"
@@ -69,6 +72,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>     
   </bean>
 
   <bean id="eaafProtocolAuthenticationService"
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index fcb0e73a..f50829c7 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -62,6 +62,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
@@ -99,7 +100,7 @@ import szrservices.SignContentResponseType;
 @ActiveProfiles(profiles = {"JUNIT", "jUnitTestMode"})
 public class FullStartUpAndProcessTest {
 
-  private static final String FINAL_REDIRECT = "http://localhost/finalizeAuthProtocol?pendingid=";
+  private static final String FINAL_REDIRECT = "http://localhost/public/secure/finalizeAuthProtocol?pendingid=";
   
   @Autowired private WebApplicationContext wac;
   @Autowired private PvpEndPointCredentialProvider credentialProvider;
@@ -379,7 +380,7 @@ public class FullStartUpAndProcessTest {
     Assert.assertEquals("SAML2 status", Constants.SUCCESS_URI, saml2.getStatus().getStatusCode().getValue());
     
     final AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(saml2);
-    Assert.assertEquals("wrong resp attr. size", 6, extractor.getAllIncludeAttributeNames().size());
+    Assert.assertEquals("wrong resp attr. size", 7, extractor.getAllIncludeAttributeNames().size());
     Assert.assertEquals("Wrong attr: LoA ", "http://eidas.europa.eu/LoA/high", 
         extractor.getSingleAttributeValue("urn:oid:1.2.40.0.10.2.1.1.261.108"));
     Assert.assertEquals("Wrong attr: PVP_VERSION ", "2.2", 
@@ -392,6 +393,8 @@ public class FullStartUpAndProcessTest {
         extractor.getSingleAttributeValue("urn:eidgvat:attributes.authblock.signed"));
     Assert.assertNotNull("Wrong attr: piiTras.Id ", 
         extractor.getSingleAttributeValue("urn:eidgvat:attributes.piiTransactionId"));
+    Assert.assertEquals("Wrong attr:EID_STATUS_LEVEL ", "http://eid.gv.at/eID/status/identity",
+        extractor.getSingleAttributeValue(PvpAttributeDefinitions.EID_IDENTITY_STATUS_LEVEL_NAME));
     
   }
 
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
index d2c4aff2..5b612036 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
@@ -69,7 +69,7 @@ public class ProcessEngineSignalControllerTest {
     Assert.assertEquals("http StatusCode", 302, httpResp.getStatus());
     Assert.assertNotNull("redirect header", httpResp.getHeaderValue("Location"));
     Assert.assertTrue("wrong redirect header", 
-        httpResp.getHeader("Location").startsWith("http://localhost/errorHandling?errorid="));
+        httpResp.getHeader("Location").startsWith("http://localhost/public/secure/errorHandling?errorid="));
   
   }
   
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 5f1c5dcf..0df8638c 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -11,6 +11,7 @@ import java.util.Map;
 import javax.xml.transform.TransformerException;
 
 import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.RandomUtils;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.BeforeClass;
@@ -35,6 +36,7 @@ import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.data.ExtendedPvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions.EidIdentityStatusLevelValues;
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
@@ -42,8 +44,10 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
@@ -118,8 +122,10 @@ public class AuthenticationDataBuilderTest {
   @Test
   public void eidMode() throws EaafAuthenticationException {
     // initialize state
+    boolean isTestIdentity = RandomUtils.nextBoolean();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);
-
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);
+    
     // execute
     IAuthData authData = authenticationDataBuilder.buildAuthenticationData(pendingReq);
 
@@ -128,6 +134,9 @@ public class AuthenticationDataBuilderTest {
     Assert.assertNotNull("authBlock null", authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class));
     Assert.assertNotNull("eidasBind null", authData.getGenericData(Constants.EIDAS_BIND, String.class));
     Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
+    Assert.assertEquals("testIdentity flag", 
+        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY, 
+        ((EidAuthenticationData)authData).getEidStatus());
 
     String authBlock = authData.getGenericData(Constants.SZR_AUTHBLOCK, String.class);
     String eidasBind = authData.getGenericData(Constants.EIDAS_BIND, String.class);
@@ -159,6 +168,8 @@ public class AuthenticationDataBuilderTest {
   @Test
   public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
     //initialize state
+    boolean isTestIdentity = RandomUtils.nextBoolean();
+    pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);    
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
     IIdentityLink idl = buildDummyIdl();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
@@ -173,6 +184,9 @@ public class AuthenticationDataBuilderTest {
     Assert.assertNull("piiTransactionId", 
         authData.getGenericData(ExtendedPvpAttributeDefinitions.EID_PII_TRANSACTION_ID_NAME, String.class));
     
+    Assert.assertEquals("testIdentity flag", 
+        isTestIdentity ? EidIdentityStatusLevelValues.TESTIDENTITY : EidIdentityStatusLevelValues.IDENTITY, 
+        ((EidAuthenticationData)authData).getEidStatus());
     
     Assert.assertNotNull("assertion validTo", authData.getSsoSessionValidTo());
     Assert.assertNotNull("LoA null", authData.getEidasQaaLevel());
diff --git a/connector/src/test/resources/data/metadata_valid_without_encryption.xml b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
index b224c336..32b24e91 100644
--- a/connector/src/test/resources/data/metadata_valid_without_encryption.xml
+++ b/connector/src/test/resources/data/metadata_valid_without_encryption.xml
@@ -71,6 +71,7 @@ ANsmjI2azWiTSFjb7Ou5fnCfbeiJUP0s66m8qS4rYl9L</ds:X509Certificate>
       <md:RequestedAttribute FriendlyName="userAuthBlock" Name="urn:eidgvat:attributes.authblock.signed" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
       <md:RequestedAttribute FriendlyName="eidBind" Name="urn:eidgvat:attributes.eidbind" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
       <md:RequestedAttribute FriendlyName="piiTransactionId" Name="urn:eidgvat:attributes.piiTransactionId" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
+      <md:RequestedAttribute FriendlyName="EID-IDENTITY-STATUS-LEVEL" Name="urn:oid:1.2.40.0.10.2.1.1.261.109" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="false"/>
     </md:AttributeConsumingService>
   </md:SPSSODescriptor>
   <md:Organization>
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index ba385cb9..83acf445 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -41,6 +41,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>       
   </bean>
 
   <bean id="AuthnRequestValidator"
@@ -61,6 +64,9 @@
     <property name="pvpIdpCredentials">
       <ref bean="PVPEndPointCredentialProvider" />
     </property>
+    <property name="metadataProvider">
+      <ref bean="PVPMetadataProvider" />
+    </property>     
   </bean>
 
   <bean id="eaafProtocolAuthenticationService"
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index c175d999..d13dd00f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -41,6 +41,8 @@ public class Constants {
 
   // configuration properties
   public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS";
+  public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX 
+      + ".eid.testidentity.default";
   public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
   public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode";
   public static final String CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS = CONIG_PROPS_EIDAS_NODE
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
index 684546f7..6cab9214 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -39,7 +39,7 @@ import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import eu.eidas.auth.commons.light.ILightResponse;
 import lombok.extern.slf4j.Slf4j;
@@ -99,10 +99,15 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 
       // update MOA-Session data with received information
       log.debug("Store eIDAS response information into pending-request.");
-      final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+      final EidAuthProcessDataWrapper authProcessData = pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
       authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
       authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
 
+      
+      //inject set flag to inject 
+      authProcessData.setTestIdentity(
+          basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_IS_TEST_IDENTITY, false));
+            
       // store MOA-session to database
       requestStoreage.storePendingRequest(pendingReq);
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
index de9b2d3b..0e56e2b3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -39,7 +39,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
 import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
 import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
@@ -84,6 +84,7 @@ public class ReceiveEidasResponseTaskTest {
     RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
 
     basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "false");
     
     final Map<String, String> spConfig = new HashMap<>();
     spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
@@ -153,15 +154,44 @@ public class ReceiveEidasResponseTaskTest {
     IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
     Assert.assertNotNull("pendingReq not stored", storedReq);
     
-    final AuthProcessDataWrapper authProcessData = storedReq.getSessionData(AuthProcessDataWrapper.class);
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
     Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
     Assert.assertNotNull("eIDAS response", 
         authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
     Assert.assertEquals("eIDAS response", eidasResponse, 
         authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity());
         
   }
   
+  @Test
+  public void successWithTestIdentity() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {    
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true");
+    
+    @NotNull        
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");    
+      
+    //execute test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+    Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+    Assert.assertNotNull("eIDAS response", 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("eIDAS response", eidasResponse, 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity());
+        
+  }
+  
+  
+  
   @NotNull
   private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
     final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx
index d311fa80..192db5d4 100644
Binary files a/infos/handbook-work_in_progress.docx and b/infos/handbook-work_in_progress.docx differ
diff --git a/pom.xml b/pom.xml
index 46d02706..808d71b9 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,7 +22,7 @@
     <!-- ===================================================================== -->
     <egiz-spring-api>0.3</egiz-spring-api>
     <egiz-eventlog-slf4jBackend>0.4</egiz-eventlog-slf4jBackend>
-    <eaaf-core.version>1.1.11</eaaf-core.version>
+    <eaaf-core.version>1.1.13-SNAPSHOT</eaaf-core.version>
 
     <spring-boot-starter-web.version>2.4.1</spring-boot-starter-web.version>
     <spring-boot-admin-starter-client.version>2.3.1</spring-boot-admin-starter-client.version>
-- 
cgit v1.2.3


From ddf39a5b497925204be868a77bcb746277bb2c8b Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 11 Mar 2021 17:30:18 +0100
Subject: update package names after refactoring of eaaf-components

---
 .../specific/connector/test/utils/AuthenticationDataBuilderTest.java  | 4 ++--
 .../specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java  | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 0df8638c..52932c8c 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -44,8 +44,8 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.EidAuthenticationData;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
@@ -169,7 +169,7 @@ public class AuthenticationDataBuilderTest {
   public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
     //initialize state
     boolean isTestIdentity = RandomUtils.nextBoolean();
-    pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(true);    
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(true);    
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
     IIdentityLink idl = buildDummyIdl();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index b519354c..f4849b07 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -64,8 +64,8 @@ import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-- 
cgit v1.2.3


From 7a1196805baad8fe055f92cfa8746c67684749b9 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 12 Mar 2021 10:46:59 +0100
Subject: update StatusMessageProvider for better distiguish between internal
 and external errorCodes

---
 .../specific/connector/provider/StatusMessageProvider.java | 14 ++++++++++----
 .../test/utils/AuthenticationDataBuilderTest.java          |  2 +-
 2 files changed, 11 insertions(+), 5 deletions(-)

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
index 073f7513..e83d9d49 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
@@ -28,6 +28,7 @@ import java.util.Locale;
 import java.util.MissingResourceException;
 import java.util.ResourceBundle;
 
+import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.stereotype.Service;
@@ -94,11 +95,10 @@ public class StatusMessageProvider implements IStatusMessenger {
   public String getResponseErrorCode(Throwable throwable) {
     String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
     if (throwable instanceof EaafException) {
-      errorCode = mapInternalErrorToExternalError(((EaafException) throwable).getErrorId());
+      errorCode = ((EaafException) throwable).getErrorId();
       
     }
-    // TODO: maybe more internal switches are required
-
+        
     return errorCode;
 
   }
@@ -120,7 +120,13 @@ public class StatusMessageProvider implements IStatusMessenger {
 
     } else {
       try {
-        return externalError.getString(intErrorCode);
+        if (StringUtils.isNotEmpty(intErrorCode)) {
+          return externalError.getString(intErrorCode);
+
+        } else {
+          return IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
+
+        }
 
       } catch (final MissingResourceException e2) {
         log.info(MessageFormat.format(ERROR_NO_EXTERNALERROR_CODE, new Object[] { intErrorCode }));
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 52932c8c..cea20f04 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -169,7 +169,7 @@ public class AuthenticationDataBuilderTest {
   public void moaIdMode() throws EaafAuthenticationException, EaafBuilderException {
     //initialize state
     boolean isTestIdentity = RandomUtils.nextBoolean();
-    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(true);    
+    pendingReq.getSessionData(EidAuthProcessDataWrapper.class).setTestIdentity(isTestIdentity);    
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setEidProcess(false);
     IIdentityLink idl = buildDummyIdl();
     pendingReq.getSessionData(AuthProcessDataWrapper.class).setIdentityLink(idl);
-- 
cgit v1.2.3


From 291905eed9c187444c83657241b589d31d825149 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 12 May 2021 12:46:07 +0200
Subject: update third-party libs to latest versions

---
 basicConfig/templates/error_message.html           |  10 +-
 connector/pom.xml                                  |  14 +++
 connector/src/main/resources/logback.xml           | 107 +--------------------
 .../resources/specific_eIDAS_connector.beans.xml   |   3 +
 .../connector/test/FullStartUpAndProcessTest.java  |   2 +-
 .../test/utils/AuthenticationDataBuilderTest.java  |   2 +-
 .../spring/SpringTest_connector.beans.xml          |   3 +
 eidas_modules/authmodule-eIDAS-v2/pom.xml          |   4 +
 .../modules/auth/eidas/v2/test/SzrClientTest.java  |   9 +-
 .../tasks/CreateIdentityLinkTaskEidNewTest.java    |   2 +-
 .../v2/test/tasks/CreateIdentityLinkTaskTest.java  |   2 +-
 infos/handbook-work_in_progress.docx               | Bin 44445 -> 44928 bytes
 infos/readme_1.2.0.md                              |   7 +-
 pom.xml                                            |  33 ++++---
 14 files changed, 63 insertions(+), 135 deletions(-)

diff --git a/basicConfig/templates/error_message.html b/basicConfig/templates/error_message.html
index f9788f6a..b1367962 100644
--- a/basicConfig/templates/error_message.html
+++ b/basicConfig/templates/error_message.html
@@ -21,16 +21,12 @@
               <div id="alert_area" class="hell" role="application" >
                 <p th:text="#{gui.errorpage.msg.information}">Error Information</p>
                 <br/>
-                <p><b th:text="#{gui.errorpage.msg.errorcode}">Code :</b> <span th:text="${errorCode}"></span></p> 
+                <p><b th:text="#{gui.errorpage.msg.errorcode}">Code :</b> <span th:text="${extErrorCode}"></span></p>
                 <p><b th:text="#{gui.errorpage.msg.errormsg}">Msg   :</b > <span th:text="${#messages.msgWithParams('__${errorCode}__', '__${errorParams}__')}"></span></p>
               </div>
       </div>
-      
-      <div th:if="${msg.stacktrace}">
-        <p><b th:text="#{gui.errorpage.msg.stacktrace}">fullError</b> <span th:text="${msg.stacktrace}"></span></p> 
-      </div>
-      
+            
 		</div>
 	</div>
 </body>
-</html>
\ No newline at end of file
+</html>
diff --git a/connector/pom.xml b/connector/pom.xml
index 36a6d9df..6516e351 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -135,6 +135,20 @@
       <groupId>com.github.skjolber</groupId>
       <artifactId>mockito-soap-cxf</artifactId>
       <scope>test</scope>
+      <!--exclusions>
+        <exclusion>
+          <groupId>org.apache.cxf</groupId>
+          <artifactId>cxf-rt-wsdl</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.cxf</groupId>
+          <artifactId>cxf-rt-bindings-soap</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>org.apache.cxf</groupId>
+          <artifactId>cxf-core</artifactId>
+        </exclusion>
+      </exclusions-->
     </dependency>
     <dependency>
       <groupId>org.powermock</groupId>
diff --git a/connector/src/main/resources/logback.xml b/connector/src/main/resources/logback.xml
index 7aa2d0cc..9679d9e4 100644
--- a/connector/src/main/resources/logback.xml
+++ b/connector/src/main/resources/logback.xml
@@ -8,96 +8,6 @@
 <!-- http://www.qos.ch/shop/products/professionalSupport -->
 <!-- -->
 <configuration>
-  <appender name="msnode"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-specific.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-specific.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="EIDASNODE"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eIDAS_node.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eIDAS_node.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="reversion"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-reversion.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-reversion.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="statistic"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/eidas-ms-statistic.log</File>
-    <encoder>
-      <pattern>%m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/eidas-ms-statistic.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="stdout"
-    class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender -->
-    <File>logs/console.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy
-      class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>logs/console.log.%i
-      </FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy
-      class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
   <appender name="console"
     class="ch.qos.logback.core.ConsoleAppender">
     <encoder>
@@ -105,27 +15,16 @@
     </encoder>
   </appender>
   <logger name="at.gv.egiz.eaaf" level="info">
-    <appender-ref ref="msnode" />
+    <appender-ref ref="console" />
   </logger>
   <logger name="eu.eidas" additivity="false" level="info">
-    <appender-ref ref="EIDASNODE" />
+    <appender-ref ref="console" />
   </logger>
   <logger name="at.gv.egiz.eidas.specific" additivity="false"
     level="info">
-    <appender-ref ref="msnode" />
-  </logger>
-  <logger
-    name="at.gv.egiz.eidas.specific.connector.logger.RevisionLogger"
-    additivity="false" level="info">
-    <appender-ref ref="reversion" />
-  </logger>
-  <logger
-    name="at.gv.egiz.eidas.specific.connector.logger.StatisticLogger"
-    additivity="false" level="info">
-    <appender-ref ref="statistic" />
+    <appender-ref ref="console" />
   </logger>
   <root level="info">
-    <appender-ref ref="stdout" />
     <appender-ref ref="console" />
   </root>
 </configuration>
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index 0f8511d5..df2a9aa4 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -82,6 +82,9 @@
     <property name="guiBuilder" ref="mvcGUIBuilderImpl" />
   </bean>
 
+  <bean id="defaultErrorHandler"
+        class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
+
   <bean id="securePendingRequestIdGeneration"
     class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy" />
 
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index f50829c7..64e8272e 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -50,7 +50,7 @@ import org.springframework.web.context.WebApplicationContext;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController;
 import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint;
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index cea20f04..17ecb2ca 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -199,7 +199,7 @@ public class AuthenticationDataBuilderTest {
     
     Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName());
     Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName());
-    Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth());
+    Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getDateOfBirth());
     Assert.assertEquals("bPK", 
         BpkBuilder.generateAreaSpecificPersonIdentifier(
             idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), 
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index 83acf445..4d770570 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -74,6 +74,9 @@
     <property name="guiBuilder" ref="mvcGUIBuilderImpl" />
   </bean>
 
+  <bean id="defaultErrorHandler"
+        class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
+
   <bean id="securePendingRequestIdGeneration"
     class="at.gv.egiz.eaaf.core.impl.utils.SecurePendingRequestIdGenerationStrategy" />
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index 074a4205..78039e9c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -102,6 +102,10 @@
       <groupId>org.springframework</groupId>
       <artifactId>spring-webmvc</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-core</artifactId>
+    </dependency>
     <dependency>
       <groupId>org.apache.cxf</groupId>
       <artifactId>cxf-rt-frontend-jaxws</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
index cf4ed95c..786b10de 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -54,6 +54,8 @@ import org.junit.runner.RunWith;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.util.Base64Utils;
@@ -63,7 +65,7 @@ import org.xml.sax.SAXException;
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.JsonMappingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
@@ -96,6 +98,7 @@ import szrservices.TravelDocumentType;
 @ContextConfiguration(locations = {
     "/SpringTest-context_tasks_test.xml",
     "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
 public class SzrClientTest {
   private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
 
@@ -134,9 +137,11 @@ public class SzrClientTest {
     eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
     
     basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false");
-    
+      
   }
 
+  
+  
 
   @Test
   public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException {
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 0621081a..175f95e6 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -40,7 +40,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
index 8c7558dd..e880178f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -28,7 +28,7 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
-import com.skjolberg.mockito.soap.SoapServiceRule;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx
index 192db5d4..3f2c6afd 100644
Binary files a/infos/handbook-work_in_progress.docx and b/infos/handbook-work_in_progress.docx differ
diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md
index 98e18ccb..5b25d3f9 100644
--- a/infos/readme_1.2.0.md
+++ b/infos/readme_1.2.0.md
@@ -1,4 +1,4 @@
-# MS-Connector v1.2.0 Release vom xx.xx.2021
+# MS-Connector v1.2.0 Release vom 12.05.2021
 
 Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen.
 
@@ -27,7 +27,7 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe
 1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an
 2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird.
 3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers
-4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie **hier**.
+4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector.
 5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde
 
    * __MsConnectorPackage__/config/templates/error_message.html
@@ -53,7 +53,6 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe
    - *eIDAS Node Kommunikation*
      * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
      * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll```
-     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
-     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
    - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.eid.testidentity.default```
      - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject```
diff --git a/pom.xml b/pom.xml
index 808d71b9..2b557e9a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,32 +22,32 @@
     <!-- ===================================================================== -->
     <egiz-spring-api>0.3</egiz-spring-api>
     <egiz-eventlog-slf4jBackend>0.4</egiz-eventlog-slf4jBackend>
-    <eaaf-core.version>1.1.13-SNAPSHOT</eaaf-core.version>
+    <eaaf-core.version>1.1.13</eaaf-core.version>
 
-    <spring-boot-starter-web.version>2.4.1</spring-boot-starter-web.version>
-    <spring-boot-admin-starter-client.version>2.3.1</spring-boot-admin-starter-client.version>
-    <org.springframework.version>5.3.2</org.springframework.version>
-    <org.thymeleaf-spring5.version>3.0.11.RELEASE</org.thymeleaf-spring5.version>
-    <cxf.version>3.4.1</cxf.version>
+    <spring-boot-starter-web.version>2.4.5</spring-boot-starter-web.version>
+    <spring-boot-admin-starter-client.version>2.4.1</spring-boot-admin-starter-client.version>
+    <org.springframework.version>5.3.6</org.springframework.version>
+    <org.thymeleaf-spring5.version>3.0.12.RELEASE</org.thymeleaf-spring5.version>
+    <cxf.version>3.3.5</cxf.version>
 
     <eidas-ref.version>2.5.0</eidas-ref.version>
 
-    <org.apache.commons-lang3.version>3.11</org.apache.commons-lang3.version>
+    <org.apache.commons-lang3.version>3.12.0</org.apache.commons-lang3.version>
     <org.apache.commons-text.version>1.9</org.apache.commons-text.version>
     <commons-collections4.version>4.4</commons-collections4.version>
-    <com.google.guava.version>30.0-jre</com.google.guava.version>
-    <joda-time.version>2.10.8</joda-time.version>
+    <com.google.guava.version>30.1.1-jre</com.google.guava.version>
+    <joda-time.version>2.10.10</joda-time.version>
     <org.slf4j.version>1.7.30</org.slf4j.version>
-    <jackson-datatype-jsr310.version>2.12.0</jackson-datatype-jsr310.version>
+    <jackson-datatype-jsr310.version>2.12.3</jackson-datatype-jsr310.version>
     <!-- org.xerial.sqlite-jdbc.version>3.34.0</org.xerial.sqlite-jdbc.version -->
 
     <javax.validation-api.version>2.0.1.Final</javax.validation-api.version>
     <hibernate-validator.version>6.1.5.Final</hibernate-validator.version>
 
     <!-- testing -->
-    <junit.version>4.13.1</junit.version>
+    <junit.version>4.13.2</junit.version>
     <surefire.version>2.22.2</surefire.version>
-    <mockito-soap-cxf.version>1.0.5</mockito-soap-cxf.version>
+    <mockito-soap-cxf.version>1.2.0</mockito-soap-cxf.version>
     <com.squareup.okhttp3.version>4.0.0</com.squareup.okhttp3.version>
 
     <!-- Code quality checks -->
@@ -64,7 +64,7 @@
 
 
     <!-- Build and assembly -->
-    <org.projectlombok.lombok.version>1.18.12</org.projectlombok.lombok.version>
+    <org.projectlombok.lombok.version>1.18.20</org.projectlombok.lombok.version>
     <maven-compiler-plugin.version>3.8.1</maven-compiler-plugin.version>
     <versions-maven-plugin.version>2.8.1</versions-maven-plugin.version>
     <license-maven-plugin>1.20</license-maven-plugin>
@@ -267,6 +267,11 @@
         <artifactId>joda-time</artifactId>
         <version>${joda-time.version}</version>
       </dependency>
+      <dependency>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-core</artifactId>
+        <version>${cxf.version}</version>
+      </dependency>      
       <dependency>
         <groupId>org.apache.cxf</groupId>
         <artifactId>cxf-rt-frontend-jaxws</artifactId>
@@ -280,7 +285,7 @@
       <dependency>
         <groupId>javax.servlet</groupId>
         <artifactId>javax.servlet-api</artifactId>
-        <version>3.0.1</version>
+        <version>3.1.0</version>
         <scope>provided</scope>
       </dependency>
       <dependency>
-- 
cgit v1.2.3


From 30cc38a77b37697af7cbd6d2d8f24c90fe08b959 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 12 May 2021 20:38:12 +0200
Subject: switch to release version

---
 .gitlab-ci.yml                                    |   3 ++-
 basicConfig/eIDAS/igniteSpecificCommunication.xml |  19 ++++++++++++++++++-
 build_reporting/pom.xml                           |   2 +-
 connector/pom.xml                                 |   2 +-
 connector_lib/pom.xml                             |   2 +-
 eidas_modules/authmodule-eIDAS-v2/pom.xml         |   2 +-
 eidas_modules/pom.xml                             |   2 +-
 infos/Handbuch_MS-eIDAS-Node.docx                 | Bin 0 -> 64139 bytes
 infos/handbook/Handbuch_MS-eIDAS-Node.pdf         | Bin 0 -> 871397 bytes
 infos/readme_1.2.0.md                             |   7 ++++---
 pom.xml                                           |   2 +-
 11 files changed, 30 insertions(+), 11 deletions(-)
 create mode 100644 infos/Handbuch_MS-eIDAS-Node.docx
 create mode 100644 infos/handbook/Handbuch_MS-eIDAS-Node.pdf

diff --git a/.gitlab-ci.yml b/.gitlab-ci.yml
index 364d19fb..166c8d57 100644
--- a/.gitlab-ci.yml
+++ b/.gitlab-ci.yml
@@ -1,4 +1,5 @@
-image: maven:latest
+#image: maven:latest
+image: maven:3.6.3-jdk-11
 
 variables:
   LC_ALL: "en_US.UTF-8"
diff --git a/basicConfig/eIDAS/igniteSpecificCommunication.xml b/basicConfig/eIDAS/igniteSpecificCommunication.xml
index f817f5a4..da61cbf1 100644
--- a/basicConfig/eIDAS/igniteSpecificCommunication.xml
+++ b/basicConfig/eIDAS/igniteSpecificCommunication.xml
@@ -53,30 +53,35 @@
                     <property name="name" value="specificNodeConnectorRequestCache"/>
                     <property name="atomicityMode" value="ATOMIC"/>
                     <property name="backups" value="1"/>
+                    <property name="expiryPolicyFactory" ref="7_minutes_duration"/>
                 </bean>
                 <!-- Partitioned cache example configuration (Atomic mode). -->
                 <bean class="org.apache.ignite.configuration.CacheConfiguration">
                     <property name="name" value="nodeSpecificProxyserviceRequestCache"/>
                     <property name="atomicityMode" value="ATOMIC"/>
                     <property name="backups" value="1"/>
+                    <property name="expiryPolicyFactory" ref="7_minutes_duration"/>
                 </bean>
                 <!-- Partitioned cache example configuration (Atomic mode). -->
                 <bean class="org.apache.ignite.configuration.CacheConfiguration">
                     <property name="name" value="specificNodeProxyserviceResponseCache"/>
                     <property name="atomicityMode" value="ATOMIC"/>
                     <property name="backups" value="1"/>
-                </bean>
+                    <property name="expiryPolicyFactory" ref="7_minutes_duration"/>
+                </bean>                
                 <!-- Partitioned cache example configuration (Atomic mode). -->
                 <bean class="org.apache.ignite.configuration.CacheConfiguration">
                     <property name="name" value="nodeSpecificConnectorResponseCache"/>
                     <property name="atomicityMode" value="ATOMIC"/>
                     <property name="backups" value="1"/>
+                    <property name="expiryPolicyFactory" ref="7_minutes_duration"/>
                 </bean>
                 <!-- Partitioned cache example configuration (Atomic mode). -->
                 <bean class="org.apache.ignite.configuration.CacheConfiguration">
                     <property name="name" value="msConnectorCache"/>
                     <property name="atomicityMode" value="ATOMIC"/>
                     <property name="backups" value="1"/>
+                    <property name="expiryPolicyFactory" ref="7_minutes_duration"/>
                 </bean>
 
             </list>
@@ -106,4 +111,16 @@
         <property name="searchSystemEnvironment" value="true"/>
     </bean>
 
+    <!--
+        Defines expiry policy based on moment of creation for ignite cache.
+    -->
+    <bean id="7_minutes_duration" class="javax.cache.expiry.CreatedExpiryPolicy" factory-method="factoryOf" scope="prototype">
+        <constructor-arg>
+            <bean class="javax.cache.expiry.Duration">
+                <constructor-arg value="MINUTES"/>
+                <constructor-arg value="7"/>
+            </bean>
+        </constructor-arg>
+    </bean>    
+    
 </beans>
diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml
index eca57a03..36e9877d 100644
--- a/build_reporting/pom.xml
+++ b/build_reporting/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.1.1-SNAPSHOT</version>
+    <version>1.2.0</version>
   </parent>
   <artifactId>build_reporting</artifactId>
   <packaging>pom</packaging>
diff --git a/connector/pom.xml b/connector/pom.xml
index 6516e351..afe9f81c 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.1.1-SNAPSHOT</version>
+    <version>1.2.0</version>
   </parent>
 
   <groupId>at.asitplus.eidas.ms_specific</groupId>
diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml
index f24a2801..c3d28008 100644
--- a/connector_lib/pom.xml
+++ b/connector_lib/pom.xml
@@ -7,7 +7,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.1.1-SNAPSHOT</version>
+    <version>1.2.0</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific</groupId>
   <artifactId>connector_lib</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index 78039e9c..e95175d1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas.ms_specific</groupId>
     <artifactId>modules</artifactId>
-    <version>1.1.1-SNAPSHOT</version>
+    <version>1.2.0</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
   <artifactId>authmodule-eIDAS-v2</artifactId>
diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml
index 701ee39b..4389637d 100644
--- a/eidas_modules/pom.xml
+++ b/eidas_modules/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
     <groupId>at.asitplus.eidas</groupId>
 	  <artifactId>ms_specific</artifactId>
-	  <version>1.1.1-SNAPSHOT</version>
+	  <version>1.2.0</version>
 	</parent>
 	<groupId>at.asitplus.eidas.ms_specific</groupId>
 	<artifactId>modules</artifactId>
diff --git a/infos/Handbuch_MS-eIDAS-Node.docx b/infos/Handbuch_MS-eIDAS-Node.docx
new file mode 100644
index 00000000..7bb5c919
Binary files /dev/null and b/infos/Handbuch_MS-eIDAS-Node.docx differ
diff --git a/infos/handbook/Handbuch_MS-eIDAS-Node.pdf b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf
new file mode 100644
index 00000000..dd79201f
Binary files /dev/null and b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf differ
diff --git a/infos/readme_1.2.0.md b/infos/readme_1.2.0.md
index 5b25d3f9..2b4638cf 100644
--- a/infos/readme_1.2.0.md
+++ b/infos/readme_1.2.0.md
@@ -28,9 +28,10 @@ Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehe
 2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.0-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird.
 3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers
 4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector.
-5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde
-
-   * __MsConnectorPackage__/config/templates/error_message.html
+5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden.
+   - __MsConnectorPackage__/config/templates/error_message.html 
+   - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml  
+     Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5
 6. Erstellung neuer Dateien
    - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll.
 7. Neue Konfigurationsparameter
diff --git a/pom.xml b/pom.xml
index 2b557e9a..e89fb51a 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>at.asitplus.eidas</groupId>
   <artifactId>ms_specific</artifactId>
-  <version>1.1.1-SNAPSHOT</version>
+  <version>1.2.0</version>
   <packaging>pom</packaging>
 
   <name>MS specific eIDAS components</name>
-- 
cgit v1.2.3


From 34d5786b43c8562fe007392d7835a051e063f49f Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 14 May 2021 07:39:52 +0200
Subject: switch to next snapshot version

---
 build_reporting/pom.xml                   | 2 +-
 connector/pom.xml                         | 2 +-
 connector_lib/pom.xml                     | 2 +-
 eidas_modules/authmodule-eIDAS-v2/pom.xml | 2 +-
 eidas_modules/pom.xml                     | 2 +-
 pom.xml                                   | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml
index 36e9877d..d604e25f 100644
--- a/build_reporting/pom.xml
+++ b/build_reporting/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.0</version>
+    <version>1.2.1-SNAPSHOT</version>
   </parent>
   <artifactId>build_reporting</artifactId>
   <packaging>pom</packaging>
diff --git a/connector/pom.xml b/connector/pom.xml
index afe9f81c..e39c71d4 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.0</version>
+    <version>1.2.1-SNAPSHOT</version>
   </parent>
 
   <groupId>at.asitplus.eidas.ms_specific</groupId>
diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml
index c3d28008..71ef7e92 100644
--- a/connector_lib/pom.xml
+++ b/connector_lib/pom.xml
@@ -7,7 +7,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.0</version>
+    <version>1.2.1-SNAPSHOT</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific</groupId>
   <artifactId>connector_lib</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index e95175d1..b850d4f3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas.ms_specific</groupId>
     <artifactId>modules</artifactId>
-    <version>1.2.0</version>
+    <version>1.2.1-SNAPSHOT</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
   <artifactId>authmodule-eIDAS-v2</artifactId>
diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml
index 4389637d..f574e385 100644
--- a/eidas_modules/pom.xml
+++ b/eidas_modules/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
     <groupId>at.asitplus.eidas</groupId>
 	  <artifactId>ms_specific</artifactId>
-	  <version>1.2.0</version>
+	  <version>1.2.1-SNAPSHOT</version>
 	</parent>
 	<groupId>at.asitplus.eidas.ms_specific</groupId>
 	<artifactId>modules</artifactId>
diff --git a/pom.xml b/pom.xml
index e89fb51a..2c934fb0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>at.asitplus.eidas</groupId>
   <artifactId>ms_specific</artifactId>
-  <version>1.2.0</version>
+  <version>1.2.1-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>MS specific eIDAS components</name>
-- 
cgit v1.2.3


From 0b1973c22e8f9e799a57629f4653324395b73664 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Thu, 27 May 2021 17:19:01 +0200
Subject: fix broken language selection in GUI

---
 basicConfig/properties/messages.properties              |  2 ++
 .../connector/config/StaticResourceConfiguration.java   | 17 +++++++++++++++--
 2 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/basicConfig/properties/messages.properties b/basicConfig/properties/messages.properties
index ea604cda..0420d8b9 100644
--- a/basicConfig/properties/messages.properties
+++ b/basicConfig/properties/messages.properties
@@ -80,6 +80,8 @@ gui.countryselection.country.lu=Luxembourg
 gui.countryselection.country.lu.logo.alt=Luxembourg-eID
 gui.countryselection.country.mt=Malta
 gui.countryselection.country.mt.logo.alt=Malta-eID
+gui.countryselection.country.no=Norway
+gui.countryselection.country.no.logo.alt=Norway-eID
 gui.countryselection.country.ro=Romania
 gui.countryselection.country.ro.logo.alt=Romania-eID
 gui.countryselection.country.sk=Slovakia
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
index a1e953f1..b4d58cdd 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
@@ -33,9 +33,9 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.context.support.ReloadableResourceBundleMessageSource;
-import org.springframework.web.servlet.config.annotation.EnableWebMvc;
 import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.springframework.web.servlet.i18n.CookieLocaleResolver;
 import org.thymeleaf.templateresolver.FileTemplateResolver;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
@@ -50,7 +50,6 @@ import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
  *
  */
 @Configuration
-@EnableWebMvc
 public class StaticResourceConfiguration implements WebMvcConfigurer {
   private static final Logger log = LoggerFactory.getLogger(StaticResourceConfiguration.class);
   private static final String[] CLASSPATH_RESOURCE_LOCATIONS = {
@@ -159,6 +158,20 @@ public class StaticResourceConfiguration implements WebMvcConfigurer {
 
   }
     
+  /**
+   * Get a i18n resolver based on cookies.
+   *
+   * @return
+   */
+  @Bean
+  public CookieLocaleResolver localeResolver() {
+    final CookieLocaleResolver localeResolver = new CookieLocaleResolver();
+    localeResolver.setCookieName("currentLanguage");
+    localeResolver.setCookieMaxAge(3600);
+    return localeResolver;
+    
+  }
+  
   /**
    * Get a Tyhmeleaf Template-Resolver with external configuration path.
    *
-- 
cgit v1.2.3


From 429f65e3b18a702fc0f4585ee7258378eae88a79 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 28 May 2021 14:30:16 +0200
Subject: switch to next release version

---
 build_reporting/pom.xml                   |  2 +-
 connector/pom.xml                         |  2 +-
 connector_lib/pom.xml                     |  2 +-
 eidas_modules/authmodule-eIDAS-v2/pom.xml |  2 +-
 eidas_modules/pom.xml                     |  2 +-
 infos/readme_1.2.1.md                     | 57 +++++++++++++++++++++++++++++++
 pom.xml                                   |  2 +-
 7 files changed, 63 insertions(+), 6 deletions(-)
 create mode 100644 infos/readme_1.2.1.md

diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml
index d604e25f..7e43a418 100644
--- a/build_reporting/pom.xml
+++ b/build_reporting/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.1-SNAPSHOT</version>
+    <version>1.2.1</version>
   </parent>
   <artifactId>build_reporting</artifactId>
   <packaging>pom</packaging>
diff --git a/connector/pom.xml b/connector/pom.xml
index e39c71d4..f31f0a1d 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.1-SNAPSHOT</version>
+    <version>1.2.1</version>
   </parent>
 
   <groupId>at.asitplus.eidas.ms_specific</groupId>
diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml
index 71ef7e92..b7a0fa24 100644
--- a/connector_lib/pom.xml
+++ b/connector_lib/pom.xml
@@ -7,7 +7,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.1-SNAPSHOT</version>
+    <version>1.2.1</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific</groupId>
   <artifactId>connector_lib</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index b850d4f3..d00058e1 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas.ms_specific</groupId>
     <artifactId>modules</artifactId>
-    <version>1.2.1-SNAPSHOT</version>
+    <version>1.2.1</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
   <artifactId>authmodule-eIDAS-v2</artifactId>
diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml
index f574e385..a1b6eb26 100644
--- a/eidas_modules/pom.xml
+++ b/eidas_modules/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
     <groupId>at.asitplus.eidas</groupId>
 	  <artifactId>ms_specific</artifactId>
-	  <version>1.2.1-SNAPSHOT</version>
+	  <version>1.2.1</version>
 	</parent>
 	<groupId>at.asitplus.eidas.ms_specific</groupId>
 	<artifactId>modules</artifactId>
diff --git a/infos/readme_1.2.1.md b/infos/readme_1.2.1.md
new file mode 100644
index 00000000..290a12db
--- /dev/null
+++ b/infos/readme_1.2.1.md
@@ -0,0 +1,57 @@
+# MS-Connector v1.2.1 Release vom 28.05.2021
+
+Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen.
+
+### Änderungen in dieser Version
+
+  - Erforderliche Anpassungen zur Integration in den ID Austria
+  - Update auf eIDAS Ref. Impl. 2.5.0 (Implementiert eIDAS Spezifikation 1.2)
+    https://ec.europa.eu/cefdigital/wiki/display/CEFDIGITAL/eIDAS-Node+version+2.5
+  - Codestabilisierung 
+  - Monitoring und HealthChecks Verbesserungen
+  - Akutalisierung von Drittherstellerbibliotheken
+  - Bugfix in Version 1.2.1
+      - Möglichen Fehler in der Sprachauswahl via GUI behoben
+
+
+
+
+### Durchführen eines Updates 
+
+Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.1. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_
+
+### Ausgehend von einer bestehenden Version 1.1.0 
+
+1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an
+2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.1-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird.
+3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers
+4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector.
+5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden.
+   - __MsConnectorPackage__/config/templates/error_message.html 
+   - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml  
+     Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5
+6. Erstellung neuer Dateien
+   - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll.
+7. Neue Konfigurationsparameter
+   - *Allgemeine Konfiguration*
+     - ```eidas.ms.core.configRootDir```
+   - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.type```
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.path```
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.password```
+     - ```eidas.ms.auth.eIDAS.authblock.key.alias```
+     - ```eidas.ms.auth.eIDAS.authblock.key.password```
+   - *Service-Provider Konfiguration Konfiguration*
+     - ```eidas.ms.sp.x.newEidMode```
+8. Gelöschte Konfigurationsparameter
+
+   - ```authhandler.modules.bindingservice.bpk.target```
+9. Neue optionale Konfigurationsparameter
+   - *Allgemeine Konfiguration*
+     - ```eidas.ms.core.logging.level.info.errorcodes```
+   - *eIDAS Node Kommunikation*
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll```
+   - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.eid.testidentity.default```
+     - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject```
diff --git a/pom.xml b/pom.xml
index 2c934fb0..81c4e113 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>at.asitplus.eidas</groupId>
   <artifactId>ms_specific</artifactId>
-  <version>1.2.1-SNAPSHOT</version>
+  <version>1.2.1</version>
   <packaging>pom</packaging>
 
   <name>MS specific eIDAS components</name>
-- 
cgit v1.2.3


From 293ad818005f6d0434f2e1140535e9e7b9e5cd25 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 28 May 2021 14:31:51 +0200
Subject: switch to next snapshot version

---
 build_reporting/pom.xml                   | 2 +-
 connector/pom.xml                         | 2 +-
 connector_lib/pom.xml                     | 2 +-
 eidas_modules/authmodule-eIDAS-v2/pom.xml | 2 +-
 eidas_modules/pom.xml                     | 2 +-
 pom.xml                                   | 2 +-
 6 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml
index 7e43a418..0bad67af 100644
--- a/build_reporting/pom.xml
+++ b/build_reporting/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.1</version>
+    <version>1.2.2-SNAPSHOT</version>
   </parent>
   <artifactId>build_reporting</artifactId>
   <packaging>pom</packaging>
diff --git a/connector/pom.xml b/connector/pom.xml
index f31f0a1d..66aaf225 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.1</version>
+    <version>1.2.2-SNAPSHOT</version>
   </parent>
 
   <groupId>at.asitplus.eidas.ms_specific</groupId>
diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml
index b7a0fa24..f9d39966 100644
--- a/connector_lib/pom.xml
+++ b/connector_lib/pom.xml
@@ -7,7 +7,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.1</version>
+    <version>1.2.2-SNAPSHOT</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific</groupId>
   <artifactId>connector_lib</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index d00058e1..802ff5f4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas.ms_specific</groupId>
     <artifactId>modules</artifactId>
-    <version>1.2.1</version>
+    <version>1.2.2-SNAPSHOT</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
   <artifactId>authmodule-eIDAS-v2</artifactId>
diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml
index a1b6eb26..057befbb 100644
--- a/eidas_modules/pom.xml
+++ b/eidas_modules/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
     <groupId>at.asitplus.eidas</groupId>
 	  <artifactId>ms_specific</artifactId>
-	  <version>1.2.1</version>
+	  <version>1.2.2-SNAPSHOT</version>
 	</parent>
 	<groupId>at.asitplus.eidas.ms_specific</groupId>
 	<artifactId>modules</artifactId>
diff --git a/pom.xml b/pom.xml
index 81c4e113..d96aefe0 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>at.asitplus.eidas</groupId>
   <artifactId>ms_specific</artifactId>
-  <version>1.2.1</version>
+  <version>1.2.2-SNAPSHOT</version>
   <packaging>pom</packaging>
 
   <name>MS specific eIDAS components</name>
-- 
cgit v1.2.3


From af013acbb41d98b39d5ede56dbd5227858688e33 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 25 Jun 2021 10:26:17 +0200
Subject: fix bug in combination with EidasNode v2.5 and DE Middleware

# Conflicts:
#	connector/src/main/resources/application.properties
---
 .../src/main/resources/application.properties      |   2 +-
 .../specific/modules/auth/eidas/v2/Constants.java  |   2 +
 .../eidas/v2/tasks/GenerateAuthnRequestTask.java   |   3 +-
 .../test/tasks/GenerateAuthnRequestTaskTest.java   |  15 ++++--
 infos/Handbuch_MS-eIDAS-Node.docx                  | Bin 64139 -> 58160 bytes
 infos/handbook-work_in_progress.docx               | Bin 44928 -> 0 bytes
 infos/handbook/Handbuch_MS-eIDAS-Node.pdf          | Bin 871397 -> 162244 bytes
 infos/readme_1.2.2.md                              |  60 +++++++++++++++++++++
 8 files changed, 76 insertions(+), 6 deletions(-)
 delete mode 100644 infos/handbook-work_in_progress.docx
 create mode 100644 infos/readme_1.2.2.md

diff --git a/connector/src/main/resources/application.properties b/connector/src/main/resources/application.properties
index 2411fde3..73a83c13 100644
--- a/connector/src/main/resources/application.properties
+++ b/connector/src/main/resources/application.properties
@@ -69,7 +69,7 @@ eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll=true
 eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false
 
 
-
+#eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat=
 eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
 
 #eidas.ms.auth.eIDAS.szrclient.useTestService=true
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index d13dd00f..1732a61a 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -69,6 +69,8 @@ public class Constants {
   public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER =
       CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier";
   
+  public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT = 
+      CONIG_PROPS_EIDAS_NODE + ".requested.nameIdFormat";
   
   public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE
       + ".staticProviderNameForPublicSPs";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
index 92f58877..9900fa98 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
@@ -106,7 +106,8 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
       authnRequestBuilder.id(UUID.randomUUID().toString());
 
       // set nameIDFormat
-      authnRequestBuilder.nameIdFormat(Constants.eIDAS_REQ_NAMEID_FORMAT);
+      authnRequestBuilder.nameIdFormat(
+          authConfig.getBasicConfiguration(Constants.CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT));
 
       // set citizen country code for foreign uses
       authnRequestBuilder.citizenCountryCode(citizenCountryCode);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
index f796bd86..4edfe32d 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
@@ -1,5 +1,7 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
 
+import static org.junit.Assert.assertNull;
+
 import java.io.UnsupportedEncodingException;
 import java.util.HashMap;
 import java.util.Map;
@@ -91,7 +93,8 @@ public class GenerateAuthnRequestTaskTest {
         "http://test/" + RandomStringUtils.randomAlphabetic(5));  
     basicConfig.putConfigValue(
         "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
-        
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat");    
+    
   }
   
   @Test
@@ -313,9 +316,8 @@ public class GenerateAuthnRequestTaskTest {
     Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName());
     Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
     Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
-    Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode());
-    Assert.assertEquals("NameIdFormat", Constants.eIDAS_REQ_NAMEID_FORMAT, eidasReq.getNameIdFormat());
-    
+    Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode());    
+    assertNull("NameIdPolicy not null", eidasReq.getNameIdFormat());
     
   }
 
@@ -337,6 +339,10 @@ public class GenerateAuthnRequestTaskTest {
     basicConfig.putConfigValue(
         "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
             
+    String nameIdFormat = RandomStringUtils.randomAlphabetic(10);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat", nameIdFormat);
+    
     String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
     basicConfig.putConfigValue(
         "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
@@ -363,6 +369,7 @@ public class GenerateAuthnRequestTaskTest {
         eidasReq.getLevelOfAssurance());
     
     Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    Assert.assertEquals("NameIdFormat", nameIdFormat, eidasReq.getNameIdFormat());
     
   }
   
diff --git a/infos/Handbuch_MS-eIDAS-Node.docx b/infos/Handbuch_MS-eIDAS-Node.docx
index 7bb5c919..aacb3828 100644
Binary files a/infos/Handbuch_MS-eIDAS-Node.docx and b/infos/Handbuch_MS-eIDAS-Node.docx differ
diff --git a/infos/handbook-work_in_progress.docx b/infos/handbook-work_in_progress.docx
deleted file mode 100644
index 3f2c6afd..00000000
Binary files a/infos/handbook-work_in_progress.docx and /dev/null differ
diff --git a/infos/handbook/Handbuch_MS-eIDAS-Node.pdf b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf
index dd79201f..1d4195bb 100644
Binary files a/infos/handbook/Handbuch_MS-eIDAS-Node.pdf and b/infos/handbook/Handbuch_MS-eIDAS-Node.pdf differ
diff --git a/infos/readme_1.2.2.md b/infos/readme_1.2.2.md
new file mode 100644
index 00000000..6e7abdd0
--- /dev/null
+++ b/infos/readme_1.2.2.md
@@ -0,0 +1,60 @@
+# MS-Connector v1.2.2 Release vom 26.06.2021
+
+Der MS-Connector implementiert eine Bridge zwischen dem österreichischen E-ID System und dem eIDAS Framework um ausländischen Benutzern eine Anmeldung am österreichischen Service-Providern zu ermöglichen.
+
+### Änderungen in dieser Version
+
+  - Bugfix
+      - Inkompatibilität zwischen AT MS-Connector, EidasNode v2.5 und Deutscher Middleware behoben
+
+
+
+
+### Durchführen eines Updates 
+
+Nachfolgend finden Sie die erforderlichen Schritte für das Update eines bestehenden MS-specific eIDAS Connectors auf die aktuelle Version 1.2.2. Das vollständige Handbuch mit allen Konfigurationsparametern finden Sie im Releasepackage im Verzeichnis: _infos/handbook/_
+
+### Ausgehend von einer bestehenden Version 1.2.x 
+
+1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an
+2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird.
+3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers
+4. Neue optionale Konfigurationsparameter
+   - *Allgemeine Konfiguration*
+     - ```eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat```
+
+### Ausgehend von einer bestehenden Version 1.1.0 
+
+1. Stoppen Sie die *MS-Connector* Applikation und fertigen Sie eine Sicherungskopie Ihrer Applikation inklusive Konfiguration an
+2. Entpacken Sie das Releasepacket *ms_specific_connector-1.2.2-dist.zip* in ein temporäres Verzeichnis welches in weiterer Folge __MsConnectorPackage__ bezeichnet wird.
+3. Kopieren sie die Applikation __MsConnectorPackage__/ms_connector.war nach in das Applikationsverzeichnis ihres Applikationsservers
+4. Mit der Version 1.2.0 wurde die Konfiguration eine eine Minimalkonfiguration [`default_config.properties`](./../config/default_config.properties)  und eine in den MS-Connectorintegrierte Defaultkonfiguration aufgteilt. Die nachfolgende Aufzählung umfasst die neuen oder geänderten Konfigurationsparameter, beschreibt jedoch keine Aufteilung einer bestehenden Konfiguration in Minimal- und Defaultteil. Eine vollständige Beschreibung aller Konfigurationswerte finden Sie im Handbuch zum AT MS-Connector.
+5. Update bestehender Dateien . Die nachfolgenden Dateien wurden geändert und erfordern eine Anpassung oder eine Übernahme dem Releasepacket, sofern die Anpassung nicht bereits durchgeführt wurde. Sofern die entsprechenden Datein an die bestehende Infrastruktur angepasst wurden so müssen diese Änderungen übernommen werden.
+   - __MsConnectorPackage__/config/templates/error_message.html 
+   - __MsConnectorPackage__/config/eIDAS/igniteSpecificCommunication.xml  
+     Hinweis: Siehe auch Update-Hinweise zur EIDAS-Node v2.5
+6. Erstellung neuer Dateien
+   - _KeyStore für ID Austria AuthBlock:_ Erstellen eines KeyStore mit mit öffentlichem und privaten Schlüssel welcher für die JWS Signature des technischen ID Austria AuthBlocks verwendet werden soll.
+7. Neue Konfigurationsparameter
+   - *Allgemeine Konfiguration*
+     - ```eidas.ms.core.configRootDir```
+   - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.type```
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.path```
+     - ```eidas.ms.auth.eIDAS.authblock.keystore.password```
+     - ```eidas.ms.auth.eIDAS.authblock.key.alias```
+     - ```eidas.ms.auth.eIDAS.authblock.key.password```
+   - *Service-Provider Konfiguration Konfiguration*
+     - ```eidas.ms.sp.x.newEidMode```
+8. Gelöschte Konfigurationsparameter
+
+   - ```authhandler.modules.bindingservice.bpk.target```
+9. Neue optionale Konfigurationsparameter
+   - *Allgemeine Konfiguration*
+     - ```eidas.ms.core.logging.level.info.errorcodes```
+   - *eIDAS Node Kommunikation*
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm```
+     * ```eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll```
+   - *ID Austria Umsetzung*
+     - ```eidas.ms.auth.eIDAS.eid.testidentity.default```
+     - ```eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject```
-- 
cgit v1.2.3


From e0a9aad4a321bae3b9c9afe7ea178d93b258749a Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 25 Jun 2021 10:27:36 +0200
Subject: switch to next release version

# Conflicts:
#	eidas_modules/authmodule_id-austria/pom.xml
#	eidas_modules/eidas_proxy-sevice/pom.xml
---
 build_reporting/pom.xml                     |   2 +-
 connector/pom.xml                           |   2 +-
 connector_lib/pom.xml                       |   2 +-
 eidas_modules/authmodule-eIDAS-v2/pom.xml   |   2 +-
 eidas_modules/authmodule_id-austria/pom.xml | 174 ++++++++++++++++++++++++++
 eidas_modules/eidas_proxy-sevice/pom.xml    | 185 ++++++++++++++++++++++++++++
 eidas_modules/pom.xml                       |   2 +-
 pom.xml                                     |   2 +-
 8 files changed, 365 insertions(+), 6 deletions(-)
 create mode 100644 eidas_modules/authmodule_id-austria/pom.xml
 create mode 100644 eidas_modules/eidas_proxy-sevice/pom.xml

diff --git a/build_reporting/pom.xml b/build_reporting/pom.xml
index 0bad67af..c4bf9f83 100644
--- a/build_reporting/pom.xml
+++ b/build_reporting/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.2-SNAPSHOT</version>
+    <version>1.2.2</version>
   </parent>
   <artifactId>build_reporting</artifactId>
   <packaging>pom</packaging>
diff --git a/connector/pom.xml b/connector/pom.xml
index 66aaf225..54c86546 100644
--- a/connector/pom.xml
+++ b/connector/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.2-SNAPSHOT</version>
+    <version>1.2.2</version>
   </parent>
 
   <groupId>at.asitplus.eidas.ms_specific</groupId>
diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml
index f9d39966..0c44be76 100644
--- a/connector_lib/pom.xml
+++ b/connector_lib/pom.xml
@@ -7,7 +7,7 @@
   <parent>
     <groupId>at.asitplus.eidas</groupId>
     <artifactId>ms_specific</artifactId>
-    <version>1.2.2-SNAPSHOT</version>
+    <version>1.2.2</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific</groupId>
   <artifactId>connector_lib</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index 802ff5f4..e0cbb807 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -6,7 +6,7 @@
   <parent>
     <groupId>at.asitplus.eidas.ms_specific</groupId>
     <artifactId>modules</artifactId>
-    <version>1.2.2-SNAPSHOT</version>
+    <version>1.2.2</version>
   </parent>
   <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
   <artifactId>authmodule-eIDAS-v2</artifactId>
diff --git a/eidas_modules/authmodule_id-austria/pom.xml b/eidas_modules/authmodule_id-austria/pom.xml
new file mode 100644
index 00000000..3585fcea
--- /dev/null
+++ b/eidas_modules/authmodule_id-austria/pom.xml
@@ -0,0 +1,174 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>at.asitplus.eidas.ms_specific</groupId>
+    <artifactId>modules</artifactId>
+    <version>1.2.2</version>
+  </parent>
+  <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+  <artifactId>authmodule_id-austria</artifactId>
+  <name>ID-Austria authentication</name>
+  <description>User authentication forwarding user to ID Austria system</description>
+  
+  <dependencies>
+    <dependency>
+      <groupId>at.gv.egiz.components</groupId>
+      <artifactId>egiz-spring-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>connector_lib</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+      <artifactId>eidas_proxy-sevice</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+    </dependency>    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_module_pvp2_sp</artifactId>
+    </dependency>
+        
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-lang3</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-text</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>javax.servlet</groupId>
+      <artifactId>javax.servlet-api</artifactId>
+      <scope>provided</scope>
+    </dependency>
+
+    <!-- Testing -->
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-test</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-module-junit4</artifactId>
+      <version>2.0.7</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-api-mockito2</artifactId>
+      <version>2.0.7</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>com.squareup.okhttp3</groupId>
+      <artifactId>mockwebserver</artifactId>
+      <scope>test</scope>
+    </dependency>  
+    
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>connector_lib</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_core_utils</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_module_pvp2_core</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_module_pvp2_idp</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>    
+  </dependencies>
+  
+<build>
+    <resources>
+      <resource>
+        <directory>src/main/resources</directory>
+      </resource>
+    </resources>
+
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+      </plugin>
+      
+      <plugin>
+        <groupId>com.github.spotbugs</groupId>
+        <artifactId>spotbugs-maven-plugin</artifactId>
+        <version>${spotbugs-maven-plugin.version}</version>
+        <configuration>
+          <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile>
+        </configuration>
+      </plugin>
+
+      <plugin>
+        <groupId>org.jacoco</groupId>
+        <artifactId>jacoco-maven-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>post-unit-check</id>
+            <phase>test</phase>
+            <goals>
+              <goal>check</goal>
+              <goal>report</goal>
+            </goals>
+            <configuration>
+              <haltOnFailure>true</haltOnFailure>                         
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+
+      <!-- enable co-existence of testng and junit -->
+      <plugin>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration>
+          <threadCount>1</threadCount>
+        </configuration>
+        <dependencies>
+          <dependency>
+            <groupId>org.apache.maven.surefire</groupId>
+            <artifactId>surefire-junit47</artifactId>
+            <version>${surefire.version}</version>
+          </dependency>
+        </dependencies>
+      </plugin>
+    </plugins>
+  </build>  
+  
+  
+</project>
\ No newline at end of file
diff --git a/eidas_modules/eidas_proxy-sevice/pom.xml b/eidas_modules/eidas_proxy-sevice/pom.xml
new file mode 100644
index 00000000..6b280c64
--- /dev/null
+++ b/eidas_modules/eidas_proxy-sevice/pom.xml
@@ -0,0 +1,185 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>at.asitplus.eidas.ms_specific</groupId>
+    <artifactId>modules</artifactId>
+    <version>1.2.2</version>
+  </parent>
+  <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+  <artifactId>eidas_proxy-sevice</artifactId>
+  <name>eIDAS specific proxy-service</name>
+  <description>Austrian specific eIDAS Proxy-Service to handle eIDAS Proxy-Service requests from other member states</description>
+  
+  <repositories>
+    <repository>
+      <id>eIDASNode-local</id>
+      <name>local</name>
+      <url>file:${basedir}/../../repository</url>
+    </repository>
+  </repositories>
+  
+  <dependencies>
+    <dependency>
+      <groupId>at.gv.egiz.components</groupId>
+      <artifactId>egiz-spring-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>connector_lib</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+      <artifactId>authmodule-eIDAS-v2</artifactId>
+    </dependency>
+    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+    </dependency>    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_module_pvp2_sp</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-light-commons</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-specific-communication-definition</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+    </dependency>
+        
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-lang3</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-text</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>javax.servlet</groupId>
+      <artifactId>javax.servlet-api</artifactId>
+      <scope>provided</scope>
+    </dependency>
+
+    <!-- Testing -->
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-test</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-module-junit4</artifactId>
+      <version>2.0.7</version>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-api-mockito2</artifactId>
+      <version>2.0.7</version>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>connector_lib</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+      <artifactId>authmodule-eIDAS-v2</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>      
+    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_core_utils</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    
+  </dependencies>
+  
+<build>
+    <resources>
+      <resource>
+        <directory>src/main/resources</directory>
+      </resource>
+    </resources>
+
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+      </plugin>
+      
+      <plugin>
+        <groupId>com.github.spotbugs</groupId>
+        <artifactId>spotbugs-maven-plugin</artifactId>
+        <version>${spotbugs-maven-plugin.version}</version>
+        <configuration>
+          <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile>
+        </configuration>
+      </plugin>
+
+      <plugin>
+        <groupId>org.jacoco</groupId>
+        <artifactId>jacoco-maven-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>post-unit-check</id>
+            <phase>test</phase>
+            <goals>
+              <goal>check</goal>
+              <goal>report</goal>
+            </goals>
+            <configuration>
+              <haltOnFailure>true</haltOnFailure>                         
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+
+      <!-- enable co-existence of testng and junit -->
+      <plugin>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration>
+          <threadCount>1</threadCount>
+        </configuration>
+        <dependencies>
+          <dependency>
+            <groupId>org.apache.maven.surefire</groupId>
+            <artifactId>surefire-junit47</artifactId>
+            <version>${surefire.version}</version>
+          </dependency>
+        </dependencies>
+      </plugin>
+    </plugins>
+  </build>    
+  
+</project>
\ No newline at end of file
diff --git a/eidas_modules/pom.xml b/eidas_modules/pom.xml
index 057befbb..8f6017ff 100644
--- a/eidas_modules/pom.xml
+++ b/eidas_modules/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
     <groupId>at.asitplus.eidas</groupId>
 	  <artifactId>ms_specific</artifactId>
-	  <version>1.2.2-SNAPSHOT</version>
+	  <version>1.2.2</version>
 	</parent>
 	<groupId>at.asitplus.eidas.ms_specific</groupId>
 	<artifactId>modules</artifactId>
diff --git a/pom.xml b/pom.xml
index d96aefe0..5863ee58 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
   <modelVersion>4.0.0</modelVersion>
   <groupId>at.asitplus.eidas</groupId>
   <artifactId>ms_specific</artifactId>
-  <version>1.2.2-SNAPSHOT</version>
+  <version>1.2.2</version>
   <packaging>pom</packaging>
 
   <name>MS specific eIDAS components</name>
-- 
cgit v1.2.3