From 9bb8ba415faee8bd454da6def37daf545bb559e1 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 26 Jan 2021 07:40:01 +0100
Subject: update SAML2 IDP elements of MS-specific Connector to current
 snapshot version (1.1.12-SNAPSHOT) of eaaf_module_pvp2_idp

---
 .../test/resources/spring/SpringTest_connector.beans.xml  | 15 +++++++--------
 1 file changed, 7 insertions(+), 8 deletions(-)

(limited to 'connector/src/test/resources/spring')

diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index ba385cb9..5819a915 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -38,16 +38,16 @@
 
   <bean id="PVP2XProtocol"
     class="at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint">
-    <property name="pvpIdpCredentials">
-      <ref bean="PVPEndPointCredentialProvider" />
-    </property>
+    <property name="pvpIdpCredentials" ref="PVPEndPointCredentialProvider" />
+    <property name="metadataProvider" ref="PVPMetadataProvider" />
   </bean>
 
   <bean id="AuthnRequestValidator"
     class="at.asitplus.eidas.specific.connector.verification.AuthnRequestValidator" />
 
-  <bean id="SAMLVerificationEngine"
-    class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" />
+  <!-- bean id="SAMLVerificationEngine"
+        class="at.gv.egiz.eaaf.modules.pvp2.impl.verification.SamlVerificationEngine" /-->
+
 
   <bean id="pvpMetadataService"
     class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.MetadataAction">
@@ -58,9 +58,8 @@
 
   <bean id="PVPAuthenticationRequestAction"
     class="at.gv.egiz.eaaf.modules.pvp2.idp.impl.AuthenticationAction">
-    <property name="pvpIdpCredentials">
-      <ref bean="PVPEndPointCredentialProvider" />
-    </property>
+    <property name="pvpIdpCredentials" ref="PVPEndPointCredentialProvider" />
+    <property name="metadataProvider" ref="PVPMetadataProvider" />
   </bean>
 
   <bean id="eaafProtocolAuthenticationService"
-- 
cgit v1.2.3


From 6e1a69773284177a0f6c7233c4bcdf7f4bd96681 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 15 Jun 2021 18:15:19 +0200
Subject: further optimizations and bug fixing in matching code

---
 .../connector/provider/StatusMessageProvider.java  |   8 +-
 .../resources/specific_eIDAS_connector.beans.xml   |   3 +
 .../connector/test/FullStartUpAndProcessTest.java  |   7 +
 .../ProcessEngineSignalControllerTest.java         |   2 +-
 .../test/utils/AuthenticationDataBuilderTest.java  |   4 +-
 .../spring/SpringTest_connector.beans.xml          |   3 +
 .../specific/modules/auth/eidas/v2/Constants.java  |  10 +-
 .../auth/eidas/v2/clients/szr/SzrClient.java       | 157 ++++++--
 .../auth/eidas/v2/clients/zmr/IZmrClient.java      |   5 +-
 .../auth/eidas/v2/clients/zmr/ZmrSoapClient.java   |  15 +-
 .../auth/eidas/v2/dao/MatchedPersonResult.java     |  41 +++
 .../modules/auth/eidas/v2/dao/RegisterResult.java  |   2 +-
 .../modules/auth/eidas/v2/dao/SimpleEidasData.java |  17 +-
 .../handler/DeSpecificDetailSearchProcessor.java   |  20 +-
 .../eidas/v2/service/RegisterSearchService.java    |  19 +-
 .../eidas/v2/tasks/CreateIdentityLinkTask.java     | 165 +++------
 .../eidas/v2/tasks/CreateNewErnpEntryTask.java     |  39 +-
 .../auth/eidas/v2/tasks/InitialSearchTask.java     |  33 +-
 .../ReceiveAustrianResidenceGuiResponseTask.java   |  12 +-
 .../ReceiveMobilePhoneSignatureResponseTask.java   |  12 +-
 .../ReceiveOtherLoginMethodGuiResponseTask.java    |   2 +-
 .../auth/eidas/v2/utils/MatchingTaskUtils.java     |  45 ++-
 .../modules/auth/eidas/v2/zmr/DummyZmrClient.java  |   3 +-
 .../modules/auth/eidas/v2/test/dummy/DummyOA.java  |  18 +-
 .../DeSpecificDetailSearchProcessorTest.java       | 105 ++++++
 .../ItSpecificDetailSearchProcessorTes.java        |  84 +++++
 .../tasks/CreateIdentityLinkTaskEidNewTest.java    | 165 ++++++++-
 .../v2/test/tasks/CreateIdentityLinkTaskTest.java  | 138 ++++++-
 .../eidas/v2/test/tasks/InitialSearchTaskTest.java | 409 ++++++++++++++-------
 ...eceiveAustrianResidenceGuiResponseTaskTest.java |   8 +-
 ...eceiveMobilePhoneSignatureResponseTaskTest.java |   4 +-
 pom.xml                                            |   2 +-
 32 files changed, 1150 insertions(+), 407 deletions(-)
 create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java
 create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
 create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java

(limited to 'connector/src/test/resources/spring')

diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
index 073f7513..55ce044d 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/provider/StatusMessageProvider.java
@@ -92,14 +92,12 @@ public class StatusMessageProvider implements IStatusMessenger {
 
   @Override
   public String getResponseErrorCode(Throwable throwable) {
-    String errorCode = IStatusMessenger.CODES_EXTERNAL_ERROR_GENERIC;
     if (throwable instanceof EaafException) {
-      errorCode = mapInternalErrorToExternalError(((EaafException) throwable).getErrorId());
-      
+      return ((EaafException) throwable).getErrorId();
+
     }
-    // TODO: maybe more internal switches are required
 
-    return errorCode;
+    return IStatusMessenger.CODES_INTERNAL_ERROR_GENERIC;
 
   }
 
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index c59496b4..4608086e 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -24,6 +24,9 @@
     <property name="pvpIdpCredentials" ref="PVPEndPointCredentialProvider" />
   </bean>
 
+  <bean id="defaultErrorTicketService"
+        class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
+        
   <bean id="eidasNodeMetadata"
         class="at.asitplus.eidas.specific.connector.health.EidasNodeMetadataHealthIndicator" />
 
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
index b4f39985..61312c3e 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/FullStartUpAndProcessTest.java
@@ -57,6 +57,7 @@ import at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalContro
 import at.asitplus.eidas.specific.connector.controller.Pvp2SProfileEndpoint;
 import at.asitplus.eidas.specific.connector.provider.PvpEndPointCredentialProvider;
 import at.asitplus.eidas.specific.connector.provider.PvpMetadataProvider;
+import at.asitplus.eidas.specific.connector.provider.StatusMessageProvider;
 import at.asitplus.eidas.specific.connector.test.saml2.Pvp2SProfileEndPointTest;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
@@ -74,9 +75,11 @@ import at.gv.bmi.namespace.zmr_su.zmr._20040201.Personendaten;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonensuchergebnisType;
 import at.gv.e_government.reference.namespace.persondata.de._20040201.IdentificationType;
 import at.gv.egiz.components.spring.api.SpringBootApplicationContextInitializer;
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.ProtocolFinalizationController;
+import at.gv.egiz.eaaf.core.impl.logging.LogMessageProviderFactory;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
@@ -125,6 +128,8 @@ public class FullStartUpAndProcessTest {
   @Autowired private EidasSignalServlet eidasSignal;
   @Autowired private ProtocolFinalizationController finalize;
 
+  @Autowired private IStatusMessenger messager;
+  
   @Rule
   public final SoapServiceRule soap = SoapServiceRule.newInstance();
 
@@ -199,6 +204,8 @@ public class FullStartUpAndProcessTest {
       }
     }
 
+    LogMessageProviderFactory.setStatusMessager(messager);
+    
     szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
     zmrClient = soap.mock(ServicePort.class,  "http://localhost:1234/demozmr");
 
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
index 546d2824..5b612036 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/controller/ProcessEngineSignalControllerTest.java
@@ -69,7 +69,7 @@ public class ProcessEngineSignalControllerTest {
     Assert.assertEquals("http StatusCode", 302, httpResp.getStatus());
     Assert.assertNotNull("redirect header", httpResp.getHeaderValue("Location"));
     Assert.assertTrue("wrong redirect header", 
-        httpResp.getHeader("Location").startsWith("http://localhost//public/secure/errorHandling?errorid="));
+        httpResp.getHeader("Location").startsWith("http://localhost/public/secure/errorHandling?errorid="));
   
   }
   
diff --git a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
index 5f1c5dcf..f4b8e57c 100644
--- a/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
+++ b/connector/src/test/java/at/asitplus/eidas/specific/connector/test/utils/AuthenticationDataBuilderTest.java
@@ -42,7 +42,7 @@ import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
 import at.gv.egiz.eaaf.core.exceptions.EaafBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
@@ -185,7 +185,7 @@ public class AuthenticationDataBuilderTest {
     
     Assert.assertEquals("FamilyName", idl.getFamilyName(), authData.getFamilyName());
     Assert.assertEquals("GivenName", idl.getGivenName(), authData.getGivenName());
-    Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getFormatedDateOfBirth());
+    Assert.assertEquals("DateOfBirth", idl.getDateOfBirth(), authData.getDateOfBirth());
     Assert.assertEquals("bPK", 
         BpkBuilder.generateAreaSpecificPersonIdentifier(
             idl.getIdentificationValue(), EaafConstants.URN_PREFIX_CDID + "XX").getFirst(), 
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index 5819a915..ac5455d3 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -15,6 +15,9 @@
   <mvc:annotation-driven />
   <mvc:default-servlet-handler />
 
+  <bean id="defaultErrorTicketService"
+        class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
+
   <bean id="WebResourceConfiguration"
     class="at.asitplus.eidas.specific.connector.config.StaticResourceConfiguration" />
 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index 3e20a132..48c114a8 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -49,14 +49,14 @@ public class Constants {
   public static final String DATA_SIMPLE_EIDAS = "matching_simple_eidas_data";
 
   /**
-   * Stored after Step 2 from Matching Concept, first results from search with Person Identifier.
+   * Stored intermediate mathing results where matching is still on-going.
    */
-  public static final String DATA_INITIAL_REGISTER_RESULT = "matching_initial_register_result";
+  public static final String DATA_INTERMEDIATE_RESULT = "matching_intermediate_result";
 
   /**
    * Stored after Step 8 from Matching Concept, results from search in registers with MDS.
    */
-  public static final String DATA_FURTHER_REGISTER_RESULT = "matching_further_register_result";
+  public static final String DATA_PERSON_MATCH_RESULT = "matching_result";
 
   // templates for post-binding forwarding
   public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html";
@@ -224,6 +224,10 @@ public class Constants {
   
   public static final String eIDAS_ATTRURN_PERSONALIDENTIFIER = 
       eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PERSONALIDENTIFIER;
+  public static final String eIDAS_ATTRURN_PLACEOFBIRTH = 
+      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PLACEOFBIRTH;
+  public static final String eIDAS_ATTRURN_BIRTHNAME = 
+      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_BIRTHNAME;
   
   
   public static final String eIDAS_REQ_PARAM_SECTOR_PUBLIC = "public";
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
index 2230f30a..397cbe46 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/szr/SzrClient.java
@@ -60,11 +60,14 @@ import com.fasterxml.jackson.databind.ObjectMapper;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.AbstractSoapClient.HttpClientConfig.HttpClientConfigBuilder;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
 import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.IdentificationType;
 import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
 import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
 import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
@@ -122,55 +125,38 @@ public class SzrClient extends AbstractSoapClient {
       final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
       getIdl.setPersonInfo(generateSzrRequest(eidData));
 
-      final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
-      final Marshaller jaxbMarshaller = jaxbContext.createMarshaller();
+      return getIdentityLinkGeneric(getIdl);
 
-      final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
-      jaxbMarshaller.marshal(getIdl, outputStream);
-      outputStream.flush();
-
-      final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray()));
-      outputStream.close();
-
-      log.trace("Requesting SZR ... ");
-      final Source response = dispatch.invoke(source);
-      log.trace("Receive RAW response from SZR");
-
-      final byte[] szrResponse = sourceToByteArray(response);
-      final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext
-          .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
-
-      // build response
-      log.trace(new String(szrResponse, StandardCharsets.UTF_8));
-
-      // ok, we have success
-      final Document doc = DomUtils.parseDocument(
-          new ByteArrayInputStream(szrResponse),
-          true,
-          XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
-          null, null);
-      final String xpathExpression = "//saml:Assertion";
-      final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
+    } catch (final Exception e) {
+      log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+      throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
 
-      log.trace("Selecting signed doc " + xpathExpression);
-      final Element documentNode = (Element) XPathAPI.selectSingleNode(doc,
-          xpathExpression, nsNode);
-      log.trace("Signed document: " + DomUtils.serializeNode(documentNode));
+    }
+  }
 
-      final IdentityLinkType idl = new IdentityLinkType();
-      idl.setAssertion(documentNode);
-      idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo());
+  /**
+   * Get IdentityLink of a person.
+   *
+   *
+   * @param matchedPersonData eID information of an already matched person.
+   * @return IdentityLink
+   * @throws SzrCommunicationException In case of a SZR error
+   */
+  public IdentityLinkType getIdentityLinkInRawMode(MatchedPersonResult matchedPersonData) 
+      throws SzrCommunicationException {
+    try {
+      final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
+      getIdl.setPersonInfo(generateSzrRequest(matchedPersonData));
 
-      return idl;
+      return getIdentityLinkGeneric(getIdl);
 
     } catch (final Exception e) {
       log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
       throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
 
     }
-
   }
-
+    
   /**
    * Get bPK of person.
    *
@@ -247,7 +233,33 @@ public class SzrClient extends AbstractSoapClient {
     return resp;
 
   }
+  
+  /**
+   * Request a encrypted baseId from SZR.
+   * 
+   * @param matchedPersonData eID information of an already matched person.
+   * @return encrypted baseId
+   * @throws SzrCommunicationException In case of a SZR error
+   */
+  public String getEncryptedStammzahl(MatchedPersonResult matchedPersonData) throws SzrCommunicationException {
+    final String resp;
+    try {
+      resp = this.szr.getStammzahlEncrypted(generateSzrRequest(matchedPersonData), false);
+      
+    } catch (SZRException_Exception e) {
+      throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
+      
+    }
+
+    if (StringUtils.isEmpty(resp)) {
+      throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling
+      
+    }
 
+    return resp;
+    
+  }
+  
   /**
    * Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status.
    *
@@ -300,8 +312,29 @@ public class SzrClient extends AbstractSoapClient {
     }
   }
 
+  private PersonInfoType generateSzrRequest(MatchedPersonResult matchedPersonData) {
+    log.trace("Starting connecting SZR Gateway");
+    final PersonInfoType personInfo = new PersonInfoType();
+    final PersonNameType personName = new PersonNameType();
+    final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+    IdentificationType bpk = new IdentificationType();
+    
+    naturalPerson.setName(personName);
+    personInfo.setPerson(naturalPerson);
+    naturalPerson.setIdentification(bpk);
+    
+    // person information
+    personName.setFamilyName(matchedPersonData.getFamilyName());
+    personName.setGivenName(matchedPersonData.getGivenName());
+    naturalPerson.setDateOfBirth(matchedPersonData.getDateOfBirth());
+    bpk.setValue(matchedPersonData.getBpk());
+    bpk.setType(EaafConstants.URN_PREFIX_CDID + "ZP");    
+    
+    return personInfo;
+  }
+  
   private PersonInfoType generateSzrRequest(SimpleEidasData eidData) {
-    log.debug("Starting connecting SZR Gateway");
+    log.trace("Starting connecting SZR Gateway");
     final PersonInfoType personInfo = new PersonInfoType();
     final PersonNameType personName = new PersonNameType();
     final PhysicalPersonType naturalPerson = new PhysicalPersonType();
@@ -315,6 +348,8 @@ public class SzrClient extends AbstractSoapClient {
     personName.setFamilyName(eidData.getFamilyName());
     personName.setGivenName(eidData.getGivenName());
     naturalPerson.setDateOfBirth(eidData.getDateOfBirth());
+    
+    //TODO: need to be updated to new eIDAS document interface!!!!
     eDocument.setIssuingCountry(eidData.getCitizenCountryCode());
     eDocument.setDocumentNumber(eidData.getPseudonym());
 
@@ -351,6 +386,50 @@ public class SzrClient extends AbstractSoapClient {
     return personInfo;
   }
 
+  private IdentityLinkType getIdentityLinkGeneric(GetIdentityLinkEidas getIdl) throws Exception {
+    final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
+    final Marshaller jaxbMarshaller = jaxbContext.createMarshaller();
+
+    final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+    jaxbMarshaller.marshal(getIdl, outputStream);
+    outputStream.flush();
+
+    final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray()));
+    outputStream.close();
+
+    log.trace("Requesting SZR ... ");
+    final Source response = dispatch.invoke(source);
+    log.trace("Receive RAW response from SZR");
+
+    final byte[] szrResponse = sourceToByteArray(response);
+    final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext
+        .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
+
+    // build response
+    log.trace(new String(szrResponse, StandardCharsets.UTF_8));
+
+    // ok, we have success
+    final Document doc = DomUtils.parseDocument(
+        new ByteArrayInputStream(szrResponse),
+        true,
+        XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
+        null, null);
+    final String xpathExpression = "//saml:Assertion";
+    final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
+
+    log.trace("Selecting signed doc " + xpathExpression);
+    final Element documentNode = (Element) XPathAPI.selectSingleNode(doc,
+        xpathExpression, nsNode);
+    log.trace("Signed document: " + DomUtils.serializeNode(documentNode));
+
+    final IdentityLinkType idl = new IdentityLinkType();
+    idl.setAssertion(documentNode);
+    idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo());
+
+    return idl;
+    
+  }
+  
   @PostConstruct
   private void initialize() throws EaafConfigurationException {
     log.info("Starting SZR-Client initialization .... ");
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java
index 18bcbacc..e98573d4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/IZmrClient.java
@@ -41,12 +41,13 @@ public interface IZmrClient {
    * 
    * @param zmrProzessId ProcessId from ZMR or <code>null</code> if no processId exists
    * @param personIdentifier Full eIDAS personal identifier with prefix
+   * @param citizenCountryCode CountryCode of the eIDAS proxy-service
    * @return Search result but never <code>null</code>
    * @throws EidasSAuthenticationException In case of a communication error 
    */
   @Nonnull
-  ZmrRegisterResult searchWithPersonIdentifier(@Nullable BigInteger zmrProzessId, @Nonnull String personIdentifier) 
-      throws EidasSAuthenticationException;
+  ZmrRegisterResult searchWithPersonIdentifier(@Nullable BigInteger zmrProzessId, @Nonnull String personIdentifier, 
+      @Nonnull String citizenCountryCode) throws EidasSAuthenticationException;
 
   /**
    * Search person based on eIDSA MDS information.
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
index 014d202b..60e88dca 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
@@ -24,7 +24,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.VersionHolder;
 import at.gv.bmi.namespace.zmr_su.base._20040201.ClientInfoType;
 import at.gv.bmi.namespace.zmr_su.base._20040201.Organisation;
@@ -100,8 +99,8 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
   }
   
   @Override
-  public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier)
-      throws EidasSAuthenticationException {
+  public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personPseudonym,
+      String citizenCountryCode) throws EidasSAuthenticationException {
 
     try {
       // build search request
@@ -113,7 +112,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
       final EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
       searchPersonReq.setEidasSuchdaten(eidasInfos);
       eidasInfos.setEidasArt(Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER);
-      eidasInfos.setEidasNummer(personIdentifier);
+      eidasInfos.setEidasNummer(personPseudonym);
 
       // set work-flow client information
       req.setWorkflowInfoClient(generateWorkFlowInfos(PROCESS_SEARCH_PERSONAL_IDENTIFIER, null));
@@ -127,9 +126,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
       final ResponseType resp = zmrClient.service(req, null);
 
       // parse ZMR response
-      return processZmrResponse(resp, EidasResponseUtils.parseEidasPersonalIdentifier(personIdentifier)
-          .getFirst(),
-          true, PROCESS_SEARCH_PERSONAL_IDENTIFIER);
+      return processZmrResponse(resp, citizenCountryCode, true, PROCESS_SEARCH_PERSONAL_IDENTIFIER);
 
     } catch (final ServiceFault e) {
       final String errorMsg = extractReasonFromError(e);
@@ -496,9 +493,9 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
         .dateOfBirth(person.getNatuerlichePerson().getGeburtsdatum())
         .bpk(extractBpkZp(person.getNatuerlichePerson()))
         .placeOfBirth(selectSingleEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER))
+            Constants.eIDAS_ATTRURN_PLACEOFBIRTH))
         .birthName(selectSingleEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER))        
+            Constants.eIDAS_ATTRURN_BIRTHNAME))        
         .build();
 
   }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java
new file mode 100644
index 00000000..1e8fcecf
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/MatchedPersonResult.java
@@ -0,0 +1,41 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+
+import lombok.Builder;
+import lombok.Getter;
+
+/**
+ * Information about a natural person that is already matched.
+ * 
+ * @author tlenz
+ *
+ */
+@Getter
+@Builder
+public class MatchedPersonResult {
+
+  /**
+   * Matched person result from matching result.
+   * 
+   * @param matchingResult Result of the matching process
+   * @param citizenCountryCode Country-Code of the eIDAS Proxy-Service 
+   */
+  public static MatchedPersonResult generateFormMatchingResult(RegisterResult matchingResult, 
+      String citizenCountryCode) {
+    return MatchedPersonResult.builder()
+        .familyName(matchingResult.getFamilyName())
+        .givenName(matchingResult.getGivenName())
+        .dateOfBirth(matchingResult.getDateOfBirth())
+        .bpk(matchingResult.getBpk())
+        .countryCode(citizenCountryCode)
+        .build();                
+  }
+    
+  private final String countryCode;
+  private final String givenName;
+  private final String familyName;
+  private final String dateOfBirth;
+  private final String bpk;
+  
+  private String vsz;
+  
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
index 4959d72f..aa82d806 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/RegisterResult.java
@@ -32,7 +32,7 @@ import lombok.Getter;
 @Builder
 @Getter
 public class RegisterResult {
-
+    
   // MDS
   private final List<String> pseudonym;
   private final String givenName;
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
index ab84a45f..cedf01e3 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/SimpleEidasData.java
@@ -26,7 +26,6 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
 import org.apache.commons.lang3.builder.EqualsBuilder;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult;
 import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
 import lombok.Builder;
 import lombok.Data;
@@ -67,20 +66,20 @@ public class SimpleEidasData {
    * @return true or false depending of the data matches
    * @throws WorkflowException if multiple results have been found
    */
-  public boolean equalsRegisterData(RegisterSearchResult result) throws WorkflowException {
+  public boolean equalsRegisterData(RegisterResult result) throws WorkflowException {
     /*TODO: maybe this is check is not valid, because only the minimum data-set (personalIdentifer, givenName, 
      *      familyName, dateOfBirth) has to be always available. Any other attributes are optional.
      *      This check will always evaluate to false if register has more information as current eIDAS process!!! 
      */
     
     return new EqualsBuilder()
-        .append(result.getResult().getGivenName(), givenName)
-        .append(result.getResult().getFamilyName(), familyName)
-        .append(result.getResult().getDateOfBirth(), dateOfBirth)
-        .append(result.getResult().getPlaceOfBirth(), placeOfBirth)
-        .append(result.getResult().getBirthName(), birthName)
-        .append(result.getResult().getTaxNumber(), taxNumber)
-        .isEquals() && result.getResult().getPseudonym().stream()
+        .append(result.getGivenName(), givenName)
+        .append(result.getFamilyName(), familyName)
+        .append(result.getDateOfBirth(), dateOfBirth)
+        .append(result.getPlaceOfBirth(), placeOfBirth)
+        .append(result.getBirthName(), birthName)
+        .append(result.getTaxNumber(), taxNumber)
+        .isEquals() && result.getPseudonym().stream()
             .filter(el -> el.equals(pseudonym))
             .findFirst()
             .isPresent();
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
index 802fde14..471cb115 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
@@ -29,6 +29,8 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.NatuerlichePersonTyp;
+import at.gv.e_government.reference.namespace.persondata.de._20040201.PersonenNameTyp;
 
 public class DeSpecificDetailSearchProcessor implements CountrySpecificDetailSearchProcessor {
 
@@ -46,15 +48,23 @@ public class DeSpecificDetailSearchProcessor implements CountrySpecificDetailSea
   }
 
   @Override
-  public PersonSuchenRequest generateSearchRequest(SimpleEidasData eidData) {
-    
+  public PersonSuchenRequest generateSearchRequest(SimpleEidasData eidData) {    
     PersonSuchenRequest req = new PersonSuchenRequest();    
-    EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
-    req.setEidasSuchdaten(eidasInfos);
+        
+    //set basic MDS information
+    final NatuerlichePersonTyp searchNatPerson = new NatuerlichePersonTyp();
+    req.setNatuerlichePerson(searchNatPerson);
+    final PersonenNameTyp searchNatPersonName = new PersonenNameTyp();
+    searchNatPerson.setPersonenName(searchNatPersonName);
+    searchNatPersonName.setFamilienname(eidData.getFamilyName());
+    searchNatPersonName.setVorname(eidData.getGivenName());
+    searchNatPerson.setGeburtsdatum(eidData.getDateOfBirth());
     
     
     //TODO: how we can search for more than one eIDAS attribute as a Set
-    
+    EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
+    req.setEidasSuchdaten(eidasInfos);
+
     
     return req;
   }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
index 166ffafb..bcee0f0f 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/RegisterSearchService.java
@@ -21,7 +21,6 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificD
 import lombok.AllArgsConstructor;
 import lombok.Getter;
 import lombok.RequiredArgsConstructor;
-import lombok.Setter;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
@@ -60,7 +59,7 @@ public class RegisterSearchService {
       throws WorkflowException {
     try {
       final ZmrRegisterResult resultsZmr = zmrClient.searchWithPersonIdentifier(
-          null, eidasData.getPersonalIdentifier());            
+          null, eidasData.getPseudonym(), eidasData.getCitizenCountryCode());            
       final List<RegisterResult> resultsErnp = ernpClient.searchWithPersonIdentifier(
           eidasData.getPersonalIdentifier());
             
@@ -235,14 +234,7 @@ public class RegisterSearchService {
    */
   @Getter
   @RequiredArgsConstructor
-  public static class RegisterSearchResult {
-    
-    /**
-     * Mark the register result finished.
-     */
-    @Setter
-    private boolean matchingFinished = false;
-    
+  public static class RegisterSearchResult {   
     /**
      * Operation status for this result.
      */
@@ -272,12 +264,11 @@ public class RegisterSearchService {
      * Verifies that there is only one match and returns the bpk.
      *
      * @return bpk bpk of the match
-     * @throws WorkflowException if multiple results have been found or matching is not marked as finished
+     * @throws WorkflowException if multiple results have been found
      */
     public String getBpk() throws WorkflowException {
-      if (getResultCount() != 1 || !matchingFinished) {
-        throw new WorkflowException("readRegisterResults", 
-            matchingFinished ? "getResultCount() != 1" : "matching prozess not finished yet");
+      if (getResultCount() != 1) {
+        throw new WorkflowException("readRegisterResults", "getResultCount() != 1");
         
       }
       return getResult().getBpk();
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index 41bf4409..35717ae0 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -25,18 +25,13 @@ package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
 
 import java.io.IOException;
 import java.io.InputStream;
-import java.util.HashMap;
 import java.util.List;
-import java.util.Map;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.parsers.ParserConfigurationException;
 
-import org.apache.commons.lang3.StringUtils;
-import org.jetbrains.annotations.NotNull;
 import org.jetbrains.annotations.Nullable;
-import org.joda.time.DateTime;
 import org.jose4j.lang.JoseException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
@@ -45,19 +40,17 @@ import org.w3c.dom.Node;
 import org.xml.sax.SAXException;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
-import com.google.common.collect.ImmutableMap;
-import com.google.common.collect.ImmutableSet;
 
 import at.asitplus.eidas.specific.connector.MsConnectorEventCodes;
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
@@ -66,17 +59,13 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
 import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.attribute.AttributeValue;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
 import lombok.Data;
 import lombok.extern.slf4j.Slf4j;
 import szrservices.IdentityLinkType;
@@ -112,8 +101,6 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
   @Autowired
   private SzrClient szrClient;
   @Autowired
-  private ICcSpecificEidProcessingService eidPostProcessor;
-  @Autowired
   private AuthBlockSigningService authBlockSigner;
 
   private static final String EID_STATUS = "urn:eidgvat:eid.status.eidas";
@@ -129,63 +116,68 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
   @Override
   public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
       throws TaskExecutionException {
-    try {
+    try {      
       
-      /*TODO: needs refactoring because we has to be operate on national identifiers 
-       *      because matching and insert ERnP was already done!!        
+      /*TODO: needs more re-factoring if we finalize CreateNewErnpEntryTask and we know how add entries into ERnP
+       *      Maybe, we can fully replace eidData by matchedPersonData, 
+       *      because matchedPersonData holds the result after a successful matching process.
+       *      
+       *      Currently, we only add a work-around to operate without new ERnP implementation.
        */
-      final ILightResponse eidasResponse = getAuthProcessDataWrapper()
-          .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
-      final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap(
-          eidasResponse.getAttributes().getAttributeMap());                  
-      final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);
-      //final SimpleEidasData eidData =
-      //    getAuthProcessDataWrapper().getGenericDataFromSession(Constants.DATA_SIMPLE_EIDAS, SimpleEidasData.class);
-      final String personalIdentifier = (String) eidasAttributes.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+      final SimpleEidasData eidData = MatchingTaskUtils.getInitialEidasData(pendingReq);      
+      MatchedPersonResult matchedPersonData = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+      
       writeMdsLogInformation(eidData);
 
       if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {
         buildDummyIdentityLink(eidData);
+        
       } else {
         //request SZR based on IDL or E-ID mode
         if (pendingReq.getServiceProviderConfiguration()
             .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) {
-          executeEidMode(eidData, personalIdentifier);
+          executeEidMode(eidData, matchedPersonData);
+          
         } else {
-          executeIdlMode(eidData, personalIdentifier);
-        }
+          executeIdlMode(eidData, matchedPersonData);
+          
+        }        
       }
+      
       storeGenericInfoToSession(eidData);
       requestStoreage.storePendingRequest(pendingReq);
+      
     } catch (final EidasAttributeException e) {
       throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e);
+      
     } catch (final EaafException e) {
       throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+      
     } catch (final Exception e) {
       log.error("IdentityLink generation for foreign person FAILED.", e);
       throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+      
     }
   }
 
   private void storeGenericInfoToSession(SimpleEidasData eidData) throws EaafStorageException {
-    AuthProcessDataWrapper authProcessData = getAuthProcessDataWrapper();
+    AuthProcessDataWrapper authProcessData = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
     authProcessData.setForeigner(true);
     authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME,
         eidData.getCitizenCountryCode());
   }
 
-  private void executeIdlMode(SimpleEidasData eidData, String personalIdentifier) throws EaafException {
+  private void executeIdlMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData) throws EaafException {
     //request SZR
-    SzrResultHolder idlResult = requestSzrForIdentityLink(eidData);
+    SzrResultHolder idlResult = requestSzrForIdentityLink(eidData, matchedPersonData);
 
     //write revision-Log entry for personal-identifier mapping
-    writeExtendedRevisionLogEntry(eidData, personalIdentifier);
-
+    writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier());
     //check result-data and write revision-log based on current state
     checkStateAndWriteRevisionLog(idlResult);
 
     //inject personal-data into session
-    AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper();
+    AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
     authProcessDataWrapper.setIdentityLink(idlResult.getIdentityLink());
     authProcessDataWrapper.setEidProcess(false);
 
@@ -197,20 +189,29 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
             .getAreaSpecificTargetIdentifier());
   }
 
-  private void executeEidMode(SimpleEidasData eidData, String personalIdentifier)
+  private void executeEidMode(SimpleEidasData eidData, MatchedPersonResult matchedPersonData)
       throws JsonProcessingException, EaafException, JoseException {
     // get encrypted baseId        
-    String vsz = szrClient.getEncryptedStammzahl(eidData);
-
+    String vsz;
+    if (matchedPersonData != null) {
+      log.debug("Requesting encrypted baseId by already matched person information ... ");
+      vsz = szrClient.getEncryptedStammzahl(matchedPersonData);
+      
+    } else {
+      log.debug("Requesting encrypted baseId by using eIDAS information directly ... ");
+      vsz = szrClient.createNewErnpEntry(eidData);  
+      
+    }
+    
     //write revision-Log entry and extended infos personal-identifier mapping
     revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED);
-    writeExtendedRevisionLogEntry(eidData, personalIdentifier);
+    writeExtendedRevisionLogEntry(eidData, eidData.getPersonalIdentifier());
 
     // get eIDAS bind
     String signedEidasBind = szrClient
         .getEidasBind(vsz, authBlockSigner.getBase64EncodedPublicKey(), EID_STATUS, eidData);
     revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED);
-    AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper();
+    AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
     authProcessDataWrapper.setGenericDataToSession(Constants.EIDAS_BIND, signedEidasBind);
 
     //get signed AuthBlock
@@ -220,11 +221,12 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
 
     //inject personal-data into session
     authProcessDataWrapper.setEidProcess(true);
+    
   }
 
   private void buildDummyIdentityLink(SimpleEidasData eidData)
       throws ParserConfigurationException, SAXException, IOException, EaafException {
-    AuthProcessDataWrapper authProcessDataWrapper = getAuthProcessDataWrapper();
+    AuthProcessDataWrapper authProcessDataWrapper = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
     SzrResultHolder idlResult = createDummyIdentityLinkForTestDeployment(eidData);
     //inject personal-data into session
     authProcessDataWrapper.setIdentityLink(idlResult.getIdentityLink());
@@ -247,10 +249,22 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
     }
   }
 
-  private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData) throws EaafException {
+  private SzrResultHolder requestSzrForIdentityLink(SimpleEidasData eidData, 
+      MatchedPersonResult matchedPersonData) throws EaafException {
     //request IdentityLink from SZR
-    final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(eidData);
+    IdentityLinkType result;
 
+    if (matchedPersonData != null) {
+      log.debug("Requesting encrypted baseId by already matched person information ... ");
+      result = szrClient.getIdentityLinkInRawMode(matchedPersonData);
+      
+    } else {
+      log.debug("Requesting encrypted baseId by using eIDAS information directly ... ");
+      result = szrClient.getIdentityLinkInRawMode(eidData);
+      
+    }
+    
+    
     final Element idlFromSzr = (Element) result.getAssertion();
     final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
 
@@ -322,68 +336,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
     }
   }
 
-  private Map<String, Object> convertEidasAttrToSimpleMap(
-      ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
-    final Map<String, Object> result = new HashMap<>();
-    for (final AttributeDefinition<?> el : attributeMap.keySet()) {
-      final Class<?> parameterizedType = el.getParameterizedType();
-      if (DateTime.class.equals(parameterizedType)) {
-        convertDateTime(attributeMap, result, el);
-      } else if (PostalAddress.class.equals(parameterizedType)) {
-        convertPostalAddress(attributeMap, result, el);
-      } else {
-        convertString(attributeMap, result, el);
-      }
-    }
-
-    log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString());
-    return result;
-  }
-
-  private void convertString(ImmutableMap<AttributeDefinition<?>,
-                             ImmutableSet<? extends AttributeValue<?>>> attributeMap,
-                             Map<String, Object> result, AttributeDefinition<?> el) {
-    final List<String> natPersonIdObj = EidasResponseUtils
-        .translateStringListAttribute(el, attributeMap.get(el));
-    final String stringAttr = natPersonIdObj.get(0);
-    if (StringUtils.isNotEmpty(stringAttr)) {
-      result.put(el.getFriendlyName(), stringAttr);
-      log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr);
-    } else {
-      log.info("Ignore empty 'String' attribute");
-    }
-  }
-
-  private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>,
-                                    ImmutableSet<? extends AttributeValue<?>>> attributeMap,
-                                    Map<String, Object> result, AttributeDefinition<?> el) {
-    final PostalAddress addressAttribute = EidasResponseUtils
-        .translateAddressAttribute(el, attributeMap.get(el).asList());
-    if (addressAttribute != null) {
-      result.put(el.getFriendlyName(), addressAttribute);
-      log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + addressAttribute.toString());
-    } else {
-      log.info("Ignore empty 'PostalAddress' attribute");
-    }
-  }
-
-  private void convertDateTime(ImmutableMap<AttributeDefinition<?>,
-                               ImmutableSet<? extends AttributeValue<?>>> attributeMap,
-                               Map<String, Object> result, AttributeDefinition<?> el) {
-    final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
-    if (attribute != null) {
-      result.put(el.getFriendlyName(), attribute);
-      log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + attribute.toString());
-    } else {
-      log.info("Ignore empty 'DateTime' attribute");
-    }
-  }
-
-  @NotNull
-  private AuthProcessDataWrapper getAuthProcessDataWrapper() {
-    return pendingReq.getSessionData(AuthProcessDataWrapper.class);
-  }
-
+ 
   /**
    * write MDS into technical log and revision log.
    */
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
index 69b127d8..6fc6d499 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateNewErnpEntryTask.java
@@ -29,9 +29,6 @@ import javax.servlet.http.HttpServletResponse;
 import org.springframework.stereotype.Component;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
@@ -56,27 +53,37 @@ import lombok.extern.slf4j.Slf4j;
 @Component("CreateNewErnbEntryTask")
 public class CreateNewErnpEntryTask extends AbstractAuthServletTask {
 
-  private final SzrClient szrClient;
+  //private final SzrClient szrClient;
 
-  /**
-   * Constructor.
-   * @param szrClient SZR client for creating a new ERnP entry
-   */
-  public CreateNewErnpEntryTask(SzrClient szrClient) {
-    this.szrClient = szrClient;
-  }
+  ///**
+  // * Constructor.
+  // * @param szrClient SZR client for creating a new ERnP entry
+  // */
+  //public CreateNewErnpEntryTask(SzrClient szrClient) {
+  //  this.szrClient = szrClient;
+  //}
 
   @Override
   public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
       throws TaskExecutionException {
     try {
-      SimpleEidasData simpleEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);   
+      //SimpleEidasData simpleEidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);   
           
-      // TODO When to do eidPostProcessor.postProcess on the eidas attributes?
-      String vsz = szrClient.createNewErnpEntry(simpleEidasData);
+      // insert person into ERnP
+      //TODO: should we insert it directly into ERnP?
+      //TODO: has to updated to new eIDAS document model in ERnP
+      //String vsz = szrClient.createNewErnpEntry(simpleEidasData);
+
+      // finish matching process, because new user-entry uniquly matches
+      //log.info("User successfully registerred into ERnP and matching tasks are finished ");
+      //MatchingTaskUtils.storeFinalMatchingResult(pendingReq, 
+      //    MatchedPersonResult.builder()
+      //        .vsz(vsz)
+      //        .build());
+      
+      log.warn("Skipping new insert ERnP task, because it's currently unknown who we should it");
+      
 
-      // TODO what to do with the VSZ now
-      log.info("VSZ: {}", vsz);
     } catch (final Exception e) {
       log.error("Initial search FAILED.", e);
       throw new TaskExecutionException(pendingReq, "Initial search FAILED.", e);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
index 1563d6df..01497f8d 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/InitialSearchTask.java
@@ -42,6 +42,8 @@ import com.google.common.collect.ImmutableMap;
 import com.google.common.collect.ImmutableSet;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
@@ -71,9 +73,9 @@ import lombok.extern.slf4j.Slf4j;
  * Output:
  * <ul>
  *     <li>{@link Constants#DATA_SIMPLE_EIDAS} converted from Full eIDAS Response</li>
- *     <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from first search in registers with
+ *     <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from first search in registers with
  *     PersonIdentifier</li>
- *     <li>{@link Constants#DATA_FURTHER_REGISTER_RESULT} results after second search in registers with MDS</li>
+ *     <li>{@link Constants#DATA_PERSON_MATCH_RESULT} results after second search in registers with MDS</li>
  *     <li>{@link Constants#DATA_RESULT_MATCHING_BPK} if one register result found</li>
  * </ul>
  * Transitions:
@@ -135,8 +137,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
         step6CountrySpecificSearch(executionContext, initialSearchResult.getOperationStatus(), eidasData);
       
       } else if (resultCount == 1) {      
-        // find person by PersonalIdentifier --> finalize first matching task             
-        initialSearchResult.setMatchingFinished(true);                
+        // find person by PersonalIdentifier --> finalize first matching task
         foundMatchFinializeTask(initialSearchResult, eidasData);
             
       } else {
@@ -169,8 +170,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
       log.trace("'step6CountrySpecificSearch' finds a person. Forward to 'step7aKittProcess' step ... ");
       registerSearchService.step7aKittProcess(countrySpecificResult, eidasData);
       
-      // find person by country-specific information --> finalize first matching task
-      countrySpecificResult.setMatchingFinished(true);        
+      // find person by country-specific information --> finalize first matching task       
       foundMatchFinializeTask(countrySpecificResult, eidasData);      
       
     } else {
@@ -194,7 +194,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
       log.debug("Matching step: 'step8RegisterSearchWithMds' has #{} results. "
           + "Forward to GUI based matching steps ... ", registerData.getResultCount());
       
-      MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerData);
+      MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerData);
       executionContext.put(TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK, true);
       
     }
@@ -205,22 +205,26 @@ public class InitialSearchTask extends AbstractAuthServletTask {
   private void foundMatchFinializeTask(RegisterSearchResult searchResult, SimpleEidasData eidasData) 
       throws WorkflowException, EaafStorageException {
     // check if register update is required
-    step3CheckRegisterUpdateNecessary(searchResult, eidasData);
-    
+    RegisterResult updatedResult = step3CheckRegisterUpdateNecessary(searchResult.getResult(), eidasData);
+        
     // store search result
-    MatchingTaskUtils.storeInitialRegisterResult(pendingReq, searchResult);
+    MatchingTaskUtils.storeFinalMatchingResult(pendingReq, 
+        MatchedPersonResult.generateFormMatchingResult(updatedResult, eidasData.getCitizenCountryCode()));
         
   }
   
-  private void step3CheckRegisterUpdateNecessary(RegisterSearchResult initialSearchResult, 
+  private RegisterResult step3CheckRegisterUpdateNecessary(RegisterResult searchResult, 
       SimpleEidasData eidasData) throws WorkflowException {
     log.trace("Starting step3CheckRegisterUpdateNecessary");
-    if (!eidasData.equalsRegisterData(initialSearchResult)) {
-      // TODO Update "initialSearchResult" in register with "eidasData" from login not possible for now
+    if (!eidasData.equalsRegisterData(searchResult)) {
       log.info("Skipping update-register-information step, because it's not supported yet");
+      
+      //TODO: return updated search result if updates are allowed
+      return searchResult;
         
     } else {        
-      log.debug("Register information match to eIDAS information. No update requird");      
+      log.debug("Register information match to eIDAS information. No update requird");
+      return searchResult;
       
     }
     
@@ -233,6 +237,7 @@ public class InitialSearchTask extends AbstractAuthServletTask {
         .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
     Map<String, Object> simpleMap = convertEidasAttrToSimpleMap(eidasResponse.getAttributes().getAttributeMap());
     return eidPostProcessor.postProcess(simpleMap);
+    
   }
 
   private Map<String, Object> convertEidasAttrToSimpleMap(
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index b18104fa..b71d86c8 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -33,6 +33,7 @@ import org.jetbrains.annotations.NotNull;
 import org.springframework.stereotype.Component;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ManualFixNecessaryException;
@@ -56,7 +57,7 @@ import lombok.extern.slf4j.Slf4j;
  * Input:
  * <ul>
  *   <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li>
- *   <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier</li>
+ *   <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li>
  * </ul>
  * Output:
  * <ul>
@@ -125,7 +126,7 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
         
     try {
       SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
-      RegisterSearchResult initialSearchResult = MatchingTaskUtils.getInitialRegisterResult(pendingReq);
+      RegisterSearchResult initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
       
       RegisterSearchResult residencyResult = 
           registerSearchService.searchWithResidence(initialSearchResult.getOperationStatus(), 
@@ -160,13 +161,14 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractAuthServlet
       /*TODO: check 'equalsRegisterData' because this method maybe this method evaluate to an invalid result.
        *      See TODO in methods body
        */      
-      if (eidasData.equalsRegisterData(residencyResult)) {
+      if (eidasData.equalsRegisterData(residencyResult.getResult())) {
         // update register information
         registerSearchService.step7aKittProcess(residencyResult, eidasData);
                                 
         // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
-        residencyResult.setMatchingFinished(true);
-        MatchingTaskUtils.storeInitialRegisterResult(pendingReq, residencyResult);
+        MatchingTaskUtils.storeFinalMatchingResult(pendingReq, 
+            MatchedPersonResult.generateFormMatchingResult(
+                residencyResult.getResult(), eidasData.getCitizenCountryCode()));
         
       } else {
         moveToNextTask(executionContext);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
index fd469f49..e0b05892 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveMobilePhoneSignatureResponseTask.java
@@ -45,6 +45,7 @@ import org.opensaml.saml.saml2.metadata.IDPSSODescriptor;
 import org.springframework.stereotype.Component;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleMobileSignatureData;
@@ -86,7 +87,7 @@ import lombok.extern.slf4j.Slf4j;
  * Input:
  * <ul>
  *     <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li>
- *     <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier</li>
+ *     <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li>
  * </ul>
  * Output:
  * <ul>
@@ -160,7 +161,7 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
             
       // load already existing information from session
       SimpleEidasData eidasData = MatchingTaskUtils.getInitialEidasData(pendingReq);
-      RegisterSearchResult initialSearchResult = MatchingTaskUtils.getInitialRegisterResult(pendingReq);
+      RegisterSearchResult initialSearchResult = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
       
       // extract user information from ID Austria authentication
       AssertionAttributeExtractor extractor = new AssertionAttributeExtractor(processedMsg.getFirst().getResponse());
@@ -188,9 +189,10 @@ public class ReceiveMobilePhoneSignatureResponseTask extends AbstractAuthServlet
         // perform kit operation
         registerSearchService.step7aKittProcess(registerResult, eidasData);
         
-        // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS
-        registerResult.setMatchingFinished(true);
-        MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerResult);
+        // store search result to re-used in CreateIdentityLink step, because there we need bPK and MDS        
+        MatchingTaskUtils.storeFinalMatchingResult(pendingReq, 
+            MatchedPersonResult.generateFormMatchingResult(registerResult.getResult(), 
+                eidasData.getCitizenCountryCode()));
         
       }            
       
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
index 59a6886a..0eb56d0b 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
@@ -45,7 +45,7 @@ import lombok.extern.slf4j.Slf4j;
  * Input:
  * <ul>
  *     <li>{@link Constants#DATA_SIMPLE_EIDAS} initial login data from user</li>
- *     <li>{@link Constants#DATA_INITIAL_REGISTER_RESULT} results from search in registers with personIdentifier</li>
+ *     <li>{@link Constants#DATA_INTERMEDIATE_RESULT} results from search in registers with personIdentifier</li>
  * </ul>
  * Output:
  * <ul>
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
index 5625a30d..ae4dfb30 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/MatchingTaskUtils.java
@@ -5,6 +5,7 @@ import javax.annotation.Nullable;
 import org.springframework.lang.NonNull;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult;
 import at.gv.egiz.eaaf.core.api.IRequest;
@@ -41,33 +42,61 @@ public class MatchingTaskUtils {
   }
   
   /**
-   * Get Matching result from session.
+   * Get intermediate matching result from session.
    * 
    * @param pendingReq Current pendingRequest
-   * @return Matching result or <code>null</code> if not exist
+   * @return Intermediate matching result or <code>null</code> if not exist
    */
   @Nullable
-  public static RegisterSearchResult getInitialRegisterResult(IRequest pendingReq) {
-    return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_INITIAL_REGISTER_RESULT,
+  public static RegisterSearchResult getIntermediateMatchingResult(IRequest pendingReq) {
+    return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_INTERMEDIATE_RESULT,
         RegisterSearchResult.class);
     
   }
   
   /**
-   * Store matching result into session.
+   * Store intermediate matching result into session.
    * 
    * @param pendingReq Current pendingRequest
-   * @param registerData Matching result information
+   * @param registerData Intermediate matching result information
    * @throws EaafStorageException In case of data can not be add into session
    */
   @Nullable
-  public static void storeInitialRegisterResult(IRequest pendingReq, RegisterSearchResult registerData) 
+  public static void storeIntermediateMatchingResult(IRequest pendingReq, RegisterSearchResult registerData) 
       throws EaafStorageException {
     getAuthProcessDataWrapper(pendingReq).setGenericDataToSession(
-        Constants.DATA_INITIAL_REGISTER_RESULT, registerData);
+        Constants.DATA_INTERMEDIATE_RESULT, registerData);
         
   }
 
+  /**
+   * Get intermediate matching result from session.
+   * 
+   * @param pendingReq Current pendingRequest
+   * @return Intermediate matching result or <code>null</code> if not exist
+   */
+  @Nullable
+  public static MatchedPersonResult getFinalMatchingResult(IRequest pendingReq) {
+    return getAuthProcessDataWrapper(pendingReq).getGenericDataFromSession(Constants.DATA_PERSON_MATCH_RESULT,
+        MatchedPersonResult.class);
+    
+  }
+  
+  /**
+   * Store intermediate matching result into session.
+   * 
+   * @param pendingReq Current pendingRequest
+   * @param personInfos Person information after a successful match
+   * @throws EaafStorageException In case of data can not be add into session
+   */
+  @Nullable
+  public static void storeFinalMatchingResult(IRequest pendingReq, MatchedPersonResult personInfos) 
+      throws EaafStorageException {
+    getAuthProcessDataWrapper(pendingReq).setGenericDataToSession(
+        Constants.DATA_PERSON_MATCH_RESULT, personInfos);
+        
+  }
+  
   /**
    * Get holder for authentication information for the current process.
    * 
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java
index 30a801a4..b39281c2 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/zmr/DummyZmrClient.java
@@ -39,7 +39,8 @@ import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
 public class DummyZmrClient implements IZmrClient {
 
   @Override
-  public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier) {
+  public ZmrRegisterResult searchWithPersonIdentifier(BigInteger zmrProzessId, String personIdentifier,
+      String citizenCountryCode) {
     return new ZmrRegisterResult(Collections.emptyList(), null);
     
   }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
index 2f7782ae..074dd0bb 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummyOA.java
@@ -1,13 +1,19 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
 
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BpkBuilder;
 import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import lombok.Getter;
 import lombok.Setter;
-import org.apache.commons.lang3.StringUtils;
-
-import java.util.*;
 
 public class DummyOA implements IAhSpConfiguration {
 
@@ -115,13 +121,13 @@ public class DummyOA implements IAhSpConfiguration {
   }
 
   @Override
-  public List<String> getTargetsWithNoBaseIdInternalProcessingRestriction() {
+  public Set<String> getTargetsWithNoBaseIdInternalProcessingRestriction() {
     // TODO Auto-generated method stub
     return null;
   }
 
   @Override
-  public List<String> getTargetsWithNoBaseIdTransferRestriction() {
+  public Set<String> getTargetsWithNoBaseIdTransferRestriction() {
     // TODO Auto-generated method stub
     return null;
   }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
new file mode 100644
index 00000000..21c9fd80
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/DeSpecificDetailSearchProcessorTest.java
@@ -0,0 +1,105 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeSpecificDetailSearchProcessor;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class DeSpecificDetailSearchProcessorTest {
+
+  private DeSpecificDetailSearchProcessor handler = new DeSpecificDetailSearchProcessor();
+  
+  @Test
+  public void checkName() {    
+    assertEquals("wrong handler name", "DeSpecificDetailSearchProcessor", handler.getName());
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_1() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .birthName(RandomStringUtils.randomAlphabetic(5))
+        .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .build();    
+    assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData));
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_2() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .birthName(RandomStringUtils.randomAlphabetic(5))
+        .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .build();    
+    assertTrue("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_3() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .birthName(RandomStringUtils.randomAlphabetic(5))
+        .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .build();    
+    assertTrue("wrong 'canHandle' flag", handler.canHandle("de", eidData));
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_4() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .birthName(null)
+        .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .build();    
+    assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_5() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .birthName(RandomStringUtils.randomAlphabetic(5))
+        .placeOfBirth(null)
+        .build();    
+    assertFalse("wrong 'canHandle' flag", handler.canHandle("DE", eidData));
+    
+  }
+
+  @Test
+  public void generateZmrSearchRequest() {
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .citizenCountryCode("DE")
+        .givenName(RandomStringUtils.randomAlphabetic(5))
+        .familyName(RandomStringUtils.randomAlphabetic(5))
+        .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .birthName(RandomStringUtils.randomAlphabetic(5))
+        .placeOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .build();
+    
+    // perform operation
+    PersonSuchenRequest req = handler.generateSearchRequest(eidData);
+    
+    //validate response
+    assertNotNull("no search request", req);
+    assertNotNull("no MDS", req.getNatuerlichePerson());
+    assertNotNull("no MDS PersonName", req.getNatuerlichePerson().getPersonenName());
+    assertEquals("familyName", eidData.getFamilyName(), req.getNatuerlichePerson().getPersonenName().getFamilienname());
+    assertEquals("givenName", eidData.getGivenName(), req.getNatuerlichePerson().getPersonenName().getVorname());
+    assertEquals("birthday", eidData.getDateOfBirth(), req.getNatuerlichePerson().getGeburtsdatum());
+        
+    assertNotNull("no eIDAS documenst", req.getEidasSuchdaten());
+    //TODO: add validation if we can add more than one eIDAS document 
+          
+  }
+  
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java
new file mode 100644
index 00000000..9b638ee5
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/handler/ItSpecificDetailSearchProcessorTes.java
@@ -0,0 +1,84 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.handler;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.ItSpecificDetailSearchProcessor;
+import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class ItSpecificDetailSearchProcessorTes {
+
+  private ItSpecificDetailSearchProcessor handler = new ItSpecificDetailSearchProcessor();
+  
+  @Test
+  public void checkName() {    
+    assertEquals("wrong handler name", "ItSpecificDetailSearchProcessor", handler.getName());
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_1() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .taxNumber(RandomStringUtils.randomAlphabetic(5))
+        .build();    
+    assertFalse("wrong 'canHandle' flag", handler.canHandle("XX", eidData));
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_2() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .taxNumber(RandomStringUtils.randomAlphabetic(5))
+        .build();    
+    assertTrue("wrong 'canHandle' flag", handler.canHandle("IT", eidData));
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_3() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .taxNumber(RandomStringUtils.randomAlphabetic(5))
+        .build();    
+    assertTrue("wrong 'canHandle' flag", handler.canHandle("it", eidData));
+    
+  }
+  
+  @Test
+  public void canHandlerCheck_4() {    
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .taxNumber("")
+        .build();    
+    assertFalse("wrong 'canHandle' flag", handler.canHandle("IT", eidData));
+    
+  }
+  
+  @Test
+  public void generateZmrSearchRequest() {
+    SimpleEidasData eidData = SimpleEidasData.builder()
+        .citizenCountryCode("IT")
+        .givenName(RandomStringUtils.randomAlphabetic(5))
+        .familyName(RandomStringUtils.randomAlphabetic(5))
+        .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .taxNumber(RandomStringUtils.randomAlphabetic(5))
+        .build();
+    
+    // perform operation
+    PersonSuchenRequest req = handler.generateSearchRequest(eidData);
+    
+    //validate response
+    assertNotNull("no search request", req);
+
+    //TODO: add validation if we can add more information about taxNumber from Italy 
+          
+  }
+  
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 248b71d9..7af9706e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -18,7 +18,9 @@ import java.util.List;
 import java.util.Map;
 
 import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
+import org.joda.time.DateTime;
 import org.jose4j.jwa.AlgorithmConstraints;
 import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
 import org.jose4j.jws.AlgorithmIdentifiers;
@@ -39,16 +41,25 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.fasterxml.jackson.databind.ObjectMapper;
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
 import com.skjolberg.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -68,8 +79,10 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
 import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
 import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
 import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
 import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
 import lombok.val;
 import szrservices.JwsHeaderParam;
@@ -96,6 +109,9 @@ public class CreateIdentityLinkTaskEidNewTest {
   @Autowired
   EaafKeyStoreFactory keyStoreFactory;
 
+  @Autowired
+  ICcSpecificEidProcessingService eidPostProcessor;
+  
   @Autowired
   private IRequestStorage requestStorage;
 
@@ -123,9 +139,11 @@ public class CreateIdentityLinkTaskEidNewTest {
 
   /**
    * jUnit test set-up.
+   * @throws EidasAttributeException 
+   * @throws EidPostProcessingException 
    */
   @Before
-  public void setUp() throws EaafStorageException, URISyntaxException {
+  public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException {
 
     httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
     httpResp = new MockHttpServletResponse();
@@ -144,8 +162,14 @@ public class CreateIdentityLinkTaskEidNewTest {
     response = buildDummyAuthResponse(false);
     pendingReq.getSessionData(AuthProcessDataWrapper.class)
         .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
-
-
+    
+    final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap(
+        response.getAttributes().getAttributeMap());                  
+    final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);    
+    MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData);
+    
+    MatchingTaskUtils.storeFinalMatchingResult(pendingReq, null);
+    
     pendingReq.setSpConfig(oaParam);
     pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
     pendingReq.setAuthUrl("http://test.com/");
@@ -163,8 +187,10 @@ public class CreateIdentityLinkTaskEidNewTest {
     //initialize test
     response = buildDummyAuthResponse(true);
     pendingReq.getSessionData(AuthProcessDataWrapper.class)
-        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
-
+        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);    
+    MatchingTaskUtils.storeInitialEidasData(pendingReq, eidPostProcessor.postProcess(
+        convertEidasAttrToSimpleMap(response.getAttributes().getAttributeMap())));
+    
     String vsz = RandomStringUtils.randomNumeric(10);
     when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
     val signContentResp = new SignContentResponseType();
@@ -223,7 +249,7 @@ public class CreateIdentityLinkTaskEidNewTest {
     verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
 
     Boolean param5 = argument5.getValue();
-    Assert.assertFalse("insertERnP flag", param5);
+    Assert.assertTrue("insertERnP flag", param5);
     PersonInfoType person = argument4.getValue();
     Assert.assertEquals("FamilyName",
         response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
@@ -296,6 +322,82 @@ public class CreateIdentityLinkTaskEidNewTest {
 
   }
 
+  @Test
+  public void successfulProcessWithDataFromMatching() throws Exception {
+    //initialize test
+    String vsz = RandomStringUtils.randomNumeric(10);
+    when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(vsz);
+    val signContentResp = new SignContentResponseType();
+    final SignContentEntry signContentEntry = new SignContentEntry();
+    signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+    signContentResp.getOut().add(signContentEntry);
+    when(szrMock.signContent(any(), any(), any())).thenReturn(signContentResp);
+
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+    MatchedPersonResult matchingInfos = MatchedPersonResult.builder()
+        .bpk(RandomStringUtils.randomAlphabetic(5))
+        .givenName(RandomStringUtils.randomAlphabetic(5))
+        .familyName(RandomStringUtils.randomAlphabetic(5))
+        .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .countryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .build();
+        
+    MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    
+    //validate state
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+    Assert.assertNotNull("AuthBlock", authBlock);
+
+    Assert.assertTrue("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU",
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+
+    // check vsz request
+    ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);
+    verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+
+    Boolean param5 = argument5.getValue();
+    Assert.assertFalse("insertERnP flag", param5);
+    PersonInfoType person = argument4.getValue();
+    Assert.assertEquals("FamilyName",
+        matchingInfos.getFamilyName(),
+        person.getPerson().getName().getFamilyName());
+    Assert.assertEquals("GivenName",
+        matchingInfos.getGivenName(),
+        person.getPerson().getName().getGivenName());
+    Assert.assertEquals("DateOfBirth",
+        matchingInfos.getDateOfBirth(),
+        person.getPerson().getDateOfBirth());
+    Assert.assertEquals("bPK",
+        matchingInfos.getBpk(),
+        person.getPerson().getIdentification().getValue());
+    Assert.assertEquals("bPKType",
+        EaafConstants.URN_PREFIX_CDID + "ZP",
+        person.getPerson().getIdentification().getType());
+    
+    
+    Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());
+    Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+            
+  }
+  
   @Test
   public void successfulProcessWithStandardInfos() throws Exception {
     //initialize test
@@ -337,7 +439,7 @@ public class CreateIdentityLinkTaskEidNewTest {
     verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
 
     Boolean param5 = argument5.getValue();
-    Assert.assertFalse("insertERnP flag", param5);
+    Assert.assertTrue("insertERnP flag", param5);
     PersonInfoType person = argument4.getValue();
     Assert.assertEquals("FamilyName",
         response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
@@ -456,4 +558,53 @@ public class CreateIdentityLinkTaskEidNewTest {
         .attributes(attributeMap.build())
         .build();
   }
+  
+  private Map<String, Object> convertEidasAttrToSimpleMap(
+      ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
+    final Map<String, Object> result = new HashMap<>();
+    for (final AttributeDefinition<?> el : attributeMap.keySet()) {
+      final Class<?> parameterizedType = el.getParameterizedType();
+      if (DateTime.class.equals(parameterizedType)) {
+        convertDateTime(attributeMap, result, el);
+      } else if (PostalAddress.class.equals(parameterizedType)) {
+        convertPostalAddress(attributeMap, result, el);
+      } else {
+        convertString(attributeMap, result, el);
+      }
+    }
+    return result;
+  }
+
+  private void convertString(ImmutableMap<AttributeDefinition<?>,
+                             ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+                             Map<String, Object> result, AttributeDefinition<?> el) {
+    final List<String> natPersonIdObj = EidasResponseUtils
+        .translateStringListAttribute(el, attributeMap.get(el));
+    final String stringAttr = natPersonIdObj.get(0);
+    if (StringUtils.isNotEmpty(stringAttr)) {
+      result.put(el.getFriendlyName(), stringAttr);
+
+    }
+  }
+
+  private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>,
+                                    ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+                                    Map<String, Object> result, AttributeDefinition<?> el) {
+    final PostalAddress addressAttribute = EidasResponseUtils
+        .translateAddressAttribute(el, attributeMap.get(el).asList());
+    if (addressAttribute != null) {
+      result.put(el.getFriendlyName(), addressAttribute);
+
+    }
+  }
+
+  private void convertDateTime(ImmutableMap<AttributeDefinition<?>,
+                               ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+                               Map<String, Object> result, AttributeDefinition<?> el) {
+    final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
+    if (attribute != null) {
+      result.put(el.getFriendlyName(), attribute);
+
+    }
+  }
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
index 556bd2eb..0a2d4271 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -5,6 +5,7 @@ import static org.mockito.ArgumentMatchers.any;
 
 import java.net.URISyntaxException;
 import java.util.HashMap;
+import java.util.List;
 import java.util.Map;
 
 import javax.xml.bind.JAXBContext;
@@ -12,7 +13,9 @@ import javax.xml.bind.JAXBException;
 import javax.xml.bind.Unmarshaller;
 
 import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
 import org.jetbrains.annotations.NotNull;
+import org.joda.time.DateTime;
 import org.junit.Assert;
 import org.junit.Before;
 import org.junit.Rule;
@@ -27,13 +30,22 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import org.springframework.web.context.request.RequestContextHolder;
 import org.springframework.web.context.request.ServletRequestAttributes;
 
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
 import com.skjolberg.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -50,7 +62,9 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
 import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
 import at.gv.egiz.eaaf.core.impl.utils.Random;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
 import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
 import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
 import lombok.val;
 import szrservices.GetBPK;
@@ -79,7 +93,10 @@ public class CreateIdentityLinkTaskTest {
   EaafKeyStoreFactory keyStoreFactory;
 
   @Autowired
-  private IRequestStorage requestStorage;
+  ICcSpecificEidProcessingService eidPostProcessor;
+  
+  @Autowired
+  IRequestStorage requestStorage;
 
   final ExecutionContext executionContext = new ExecutionContextImpl();
   private MockHttpServletRequest httpReq;
@@ -96,9 +113,11 @@ public class CreateIdentityLinkTaskTest {
 
   /**
    * jUnit test set-up.
+   * @throws EidasAttributeException 
+   * @throws EidPostProcessingException 
    */
   @Before
-  public void setUp() throws EaafStorageException, URISyntaxException {
+  public void setUp() throws EaafStorageException, URISyntaxException, EidPostProcessingException, EidasAttributeException {
 
     httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
     httpResp = new MockHttpServletResponse();
@@ -117,9 +136,15 @@ public class CreateIdentityLinkTaskTest {
     pendingReq = new TestRequestImpl();
 
     response = buildDummyAuthResponse();
-
+    final Map<String, Object> eidasAttributes = convertEidasAttrToSimpleMap(
+        response.getAttributes().getAttributeMap());                  
+    final SimpleEidasData eidData = eidPostProcessor.postProcess(eidasAttributes);    
+    MatchingTaskUtils.storeInitialEidasData(pendingReq, eidData);
     pendingReq.getSessionData(AuthProcessDataWrapper.class)
         .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+    
+    MatchingTaskUtils.storeFinalMatchingResult(pendingReq, null);
+    
     pendingReq.setSpConfig(oaParam);
     pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
     pendingReq.setAuthUrl("http://test.com/");
@@ -181,6 +206,63 @@ public class CreateIdentityLinkTaskTest {
 
   }
 
+  @Test
+  public void successfulProcessWithDataFromMatching() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+
+    MatchedPersonResult matchingInfos = MatchedPersonResult.builder()
+        .bpk(RandomStringUtils.randomAlphabetic(5))
+        .givenName(RandomStringUtils.randomAlphabetic(5))
+        .familyName(RandomStringUtils.randomAlphabetic(5))
+        .dateOfBirth(RandomStringUtils.randomAlphabetic(5))
+        .countryCode(RandomStringUtils.randomAlphabetic(2).toUpperCase())
+        .build();
+        
+    MatchingTaskUtils.storeFinalMatchingResult(pendingReq, matchingInfos);
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    
+    //validate state
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(Constants.EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(Constants.SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU",
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+
+    Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+    checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
+    checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
+    checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth());
+    checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+    checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+    Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
+    Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());
+
+    Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=",
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+            
+  }
+  
   @Test
   public void buildIdentityLinkWithWbpk() throws Exception {
     //initialize test
@@ -444,4 +526,54 @@ public class CreateIdentityLinkTaskTest {
         .attributes(attributeMap)
         .build();
   }
+  
+  private Map<String, Object> convertEidasAttrToSimpleMap(
+      ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
+    final Map<String, Object> result = new HashMap<>();
+    for (final AttributeDefinition<?> el : attributeMap.keySet()) {
+      final Class<?> parameterizedType = el.getParameterizedType();
+      if (DateTime.class.equals(parameterizedType)) {
+        convertDateTime(attributeMap, result, el);
+      } else if (PostalAddress.class.equals(parameterizedType)) {
+        convertPostalAddress(attributeMap, result, el);
+      } else {
+        convertString(attributeMap, result, el);
+      }
+    }
+    return result;
+  }
+
+  private void convertString(ImmutableMap<AttributeDefinition<?>,
+                             ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+                             Map<String, Object> result, AttributeDefinition<?> el) {
+    final List<String> natPersonIdObj = EidasResponseUtils
+        .translateStringListAttribute(el, attributeMap.get(el));
+    final String stringAttr = natPersonIdObj.get(0);
+    if (StringUtils.isNotEmpty(stringAttr)) {
+      result.put(el.getFriendlyName(), stringAttr);
+
+    }
+  }
+
+  private void convertPostalAddress(ImmutableMap<AttributeDefinition<?>,
+                                    ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+                                    Map<String, Object> result, AttributeDefinition<?> el) {
+    final PostalAddress addressAttribute = EidasResponseUtils
+        .translateAddressAttribute(el, attributeMap.get(el).asList());
+    if (addressAttribute != null) {
+      result.put(el.getFriendlyName(), addressAttribute);
+
+    }
+  }
+
+  private void convertDateTime(ImmutableMap<AttributeDefinition<?>,
+                               ImmutableSet<? extends AttributeValue<?>>> attributeMap,
+                               Map<String, Object> result, AttributeDefinition<?> el) {
+    final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
+    if (attribute != null) {
+      result.put(el.getFriendlyName(), attribute);
+
+    }
+  }
+  
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
index 34bca782..bb732f1c 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
@@ -24,14 +24,18 @@
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
 
 import static org.apache.commons.lang3.RandomStringUtils.randomAlphabetic;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
 import static org.junit.Assert.assertThrows;
+import static org.junit.Assert.assertTrue;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.ArgumentMatchers.eq;
 
 import java.math.BigInteger;
 import java.net.URI;
 import java.net.URISyntaxException;
-import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Collections;
 import java.util.List;
@@ -44,6 +48,7 @@ import org.apache.commons.lang3.RandomStringUtils;
 import org.jetbrains.annotations.NotNull;
 import org.junit.Assert;
 import org.junit.Before;
+import org.junit.Ignore;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.mockito.Mock;
@@ -62,6 +67,7 @@ import org.springframework.web.context.request.ServletRequestAttributes;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.IZmrClient;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.ernp.IErnpClient;
@@ -69,10 +75,12 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcess
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.CountrySpecificDetailSearchProcessor;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterSearchResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
@@ -100,11 +108,9 @@ public class InitialSearchTaskTest {
   
   private static final String EE = "EE";
   private static final String DE = "DE";
-  private static final String IT = "IT";
   
   private static final String EE_ST = EE + "/ST/";
   private static final String DE_ST = DE + "/ST/";
-  private static final String IT_ST = IT + "/ST/";
 
   @Mock
   private IZmrClient zmrClient;
@@ -173,130 +179,215 @@ public class InitialSearchTaskTest {
    */
   @Test
   @DirtiesContext
-  public void testNode100_UserIdentifiedUpdateNecessary_a() throws Exception {
-    String newFirstName = randomAlphabetic(10);
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+  public void singlePersonalIdMatchUpdateNecessary_Zmr() throws Exception {
+    String oldGivenName = randomAlphabetic(10);
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
         new ZmrRegisterResult(Collections.singletonList(
             RegisterResult.builder()
                 .bpk(randomBpk)
                 .pseudonym(Arrays.asList(randomPsydonym))
-                .givenName(newFirstName)
+                .givenName(oldGivenName)
                 .familyName(randomFamilyName)
                 .dateOfBirth(randomBirthDate)
                 .build()),
             generateRandomProcessId()));
+    
+    Mockito.when(zmrClient.searchCountrySpecific(any(), any(), any())).thenThrow(
+        new IllegalStateException("CountrySpecific search search should not be neccessary"));
+    Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any())).thenThrow(
+        new IllegalStateException("MDS search should not be neccessary"));  
+    
+    // execute test
     task.execute(pendingReq, executionContext);
-    String bPk = readBpkFromSessionData(pendingReq);
-
-    Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+    
+    // validate state
+    //INFO: has to be the old givenName because ZMR allows no update of MDS information
+    checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, oldGivenName, randomBirthDate, DE);
+        
   }
 
+  
   /**
-   * One match, but register update needed
+   * TODO: include again if ERnP update is implementet. Maybe we can update MDS based on ERnP. 
+   * 
+   * One match, but register update needed.
    * @throws EidasSAuthenticationException 
    */
+  @Ignore
   @Test
   @DirtiesContext
-  public void testNode100_UserIdentifiedUpdateNecessary_b() throws TaskExecutionException, EidasSAuthenticationException {
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+  public void singlePersonalIdMatchUpdateNecessary_Ernp() throws TaskExecutionException, EidasSAuthenticationException {
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));
     
-    String newRandomGivenName = randomAlphabetic(10);
+    String oldRandomGivenName = randomAlphabetic(10);
     Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.singletonList(
         RegisterResult.builder()
         .bpk(randomBpk)
         .pseudonym(Arrays.asList(randomPsydonym))
-        .givenName(newRandomGivenName)
+        .givenName(oldRandomGivenName)
         .familyName(randomFamilyName)
         .dateOfBirth(randomBirthDate)
         .build()));
 
+    // execute test
     task.execute(pendingReq, executionContext);
-    String bPk = readBpkFromSessionData(pendingReq);
-
-    Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+    
+    // validate state
+    checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
   }
 
   /**
-   * Two matches found in ZMR
+   * Two matches by PersonalId found in ZMR
    * @throws EidasSAuthenticationException 
    */
   @Test
   @DirtiesContext
-  public void testNode101_ManualFixNecessary_a() throws EidasSAuthenticationException {
-    ArrayList<RegisterResult> zmrResult = new ArrayList<>();
-    zmrResult.add(
-        RegisterResult.builder()
-        .bpk(randomBpk)
-        .pseudonym(Arrays.asList(randomPsydonym))
-        .givenName(randomGivenName)
-        .familyName(randomFamilyName)
-        .dateOfBirth(randomBirthDate)
-        .build());
-    String newRandomGivenName = randomGivenName + randomAlphabetic(2);
-    zmrResult.add(
-        RegisterResult.builder()
-        .bpk(randomBpk)
-        .pseudonym(Arrays.asList(randomPsydonym))
-        .givenName(newRandomGivenName)
-        .familyName(randomFamilyName)
-        .dateOfBirth(randomBirthDate)
-        .build());
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
-        new ZmrRegisterResult(zmrResult, generateRandomProcessId()));
-    Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
+  public void multiPersonalIdMatch_Zmr() throws EidasSAuthenticationException {
+    String newRandomGivenName = randomAlphabetic(10);
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+        new ZmrRegisterResult(Arrays.asList(
+            RegisterResult.builder()
+                .bpk(randomBpk)
+                .pseudonym(Arrays.asList(randomPsydonym))
+                .givenName(randomGivenName)
+                .familyName(randomFamilyName)
+                .dateOfBirth(randomBirthDate)
+                .build(),
+            RegisterResult.builder()
+                .bpk(randomBpk)
+                .pseudonym(Arrays.asList(randomPsydonym))
+                .givenName(newRandomGivenName)
+                .familyName(randomFamilyName)
+                .dateOfBirth(randomBirthDate)
+                .build()
+            ),                         
+            generateRandomProcessId()));
+    Mockito.when(ernpClient.searchWithPersonIdentifier(
+        randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
 
+    // execute task
     TaskExecutionException exception = assertThrows(TaskExecutionException.class,
         () -> task.execute(pendingReq, executionContext));
 
-    Throwable origE = exception.getOriginalException();
-    Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException));
+    
+    // validate state
+    assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+    assertTrue("Wrong flag 'manualFixNeeded'", 
+        ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); 
+        
   }
 
-
   /**
-   * Two matches found in ErnP
+   * Two matches by PersonalId found in ZMR
    * @throws EidasSAuthenticationException 
    */
   @Test
   @DirtiesContext
-  public void testNode101_ManualFixNecessary_b() throws EidasSAuthenticationException {
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
-        new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));
-    ArrayList<RegisterResult> ernpResult = new ArrayList<>();
-    ernpResult.add(
-        RegisterResult.builder()
-        .bpk(randomBpk)
-        .pseudonym(Arrays.asList(randomPsydonym))
-        .givenName(randomGivenName)
-        .familyName(randomFamilyName)
-        .dateOfBirth(randomBirthDate)
-        .build());
-    String newRandomGivenName = randomGivenName + randomAlphabetic(2);
-    ernpResult.add(
-        RegisterResult.builder()
-        .bpk(randomBpk)
-        .pseudonym(Arrays.asList(randomPsydonym))
-        .givenName(newRandomGivenName)
-        .familyName(randomFamilyName)
-        .dateOfBirth(randomBirthDate)
-        .build());
-    Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(ernpResult);
+  public void withErrorFromZmr() throws EidasSAuthenticationException {
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenThrow(
+        new ZmrCommunicationException("jUnit ZMR error", null));
+    Mockito.when(ernpClient.searchWithPersonIdentifier(
+        randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
 
+    // execute task
     TaskExecutionException exception = assertThrows(TaskExecutionException.class,
         () -> task.execute(pendingReq, executionContext));
 
-    Throwable origE = exception.getOriginalException();
-    Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException));
+    
+    // validate state
+    assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+    assertFalse("Wrong flag 'manualFixNeeded'", 
+        ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); 
+        
   }
 
   /**
-   * One match, no register update needed
+   * Two matches by PersonalId found in ErnP
+   * @throws EidasSAuthenticationException 
    */
   @Test
   @DirtiesContext
-  public void testNode102_UserIdentified_a() throws Exception {
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+  public void multiPersonalIdMatch_Ernp() throws EidasSAuthenticationException {
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+        new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));    
+    String newRandomGivenName = randomAlphabetic(10);
+    Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(
+        Arrays.asList(
+            RegisterResult.builder()
+                .bpk(randomBpk)
+                .pseudonym(Arrays.asList(randomPsydonym))
+                .givenName(randomGivenName)
+                .familyName(randomFamilyName)
+                .dateOfBirth(randomBirthDate)
+                .build(),
+            RegisterResult.builder()
+                .bpk(randomBpk)
+                .pseudonym(Arrays.asList(randomPsydonym))
+                .givenName(newRandomGivenName)
+                .familyName(randomFamilyName)
+                .dateOfBirth(randomBirthDate)
+                .build()            
+            ));
+
+    // execute task
+    TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
+   
+    // validate state
+    assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+    assertTrue("Wrong flag 'manualFixNeeded'", 
+        ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); 
+    
+  }
+
+  /**
+   * Two matches by PersonalId
+   * @throws EidasSAuthenticationException 
+   */
+  @Test
+  @DirtiesContext
+  public void multiPersonalIdMatch_ErnpAndZmr() throws EidasSAuthenticationException {
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+        new ZmrRegisterResult(Arrays.asList(
+            RegisterResult.builder()
+            .bpk(randomBpk)
+            .pseudonym(Arrays.asList(randomPsydonym))
+            .givenName(randomGivenName)
+            .familyName(randomFamilyName)
+            .dateOfBirth(randomBirthDate)
+            .build()            
+        ), generateRandomProcessId()));    
+    String newRandomGivenName = randomAlphabetic(10);
+    Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(
+        Arrays.asList(
+            RegisterResult.builder()
+                .bpk(randomBpk)
+                .pseudonym(Arrays.asList(randomPsydonym))
+                .givenName(randomGivenName)
+                .familyName(randomFamilyName)
+                .dateOfBirth(randomBirthDate)
+                .build()            
+            ));
+
+    // execute task
+    TaskExecutionException exception = assertThrows(TaskExecutionException.class,
+        () -> task.execute(pendingReq, executionContext));
+   
+    // validate state
+    assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+    assertTrue("Wrong flag 'manualFixNeeded'", 
+        ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); 
+    
+  }
+  
+  /**
+   * One match by PersonalId, no register update needed
+   */
+  @Test
+  @DirtiesContext
+  public void singlePersonalIdMatchNoUpdate_Ernp() throws Exception {
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), generateRandomProcessId()));
     Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.singletonList(
         RegisterResult.builder()
@@ -307,18 +398,20 @@ public class InitialSearchTaskTest {
         .dateOfBirth(randomBirthDate)
         .build()));
 
+    // execute test
     task.execute(pendingReq, executionContext);
-    String bPk = readBpkFromSessionData(pendingReq);
-    Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+    
+    // validate state
+    checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
   }
 
   /**
-   * One match, no register update needed
+   * One match by PersonalId, no register update needed
    */
   @Test
   @DirtiesContext
-  public void testNode102_UserIdentified_b() throws Exception {
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+  public void singlePersonalIdMatchNoUpdate_Zmr() throws Exception {
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
         new ZmrRegisterResult(Collections.singletonList(
             RegisterResult.builder()
                 .bpk(randomBpk)
@@ -330,27 +423,27 @@ public class InitialSearchTaskTest {
             generateRandomProcessId()));
     Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
 
+    // execute test
     task.execute(pendingReq, executionContext);
-
-    String bPk = readBpkFromSessionData(pendingReq);
-    Assert.assertEquals("Wrong bpk", randomBpk, bPk);
+    
+    // validate state
+    checkMatchingSuccessState(pendingReq, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
   }
 
   /**
-   * Multiple matches found in ZMR and ErnP with detail search
+   * Find single person in ZMR by country specifics.
    */
   @Test
   @DirtiesContext
-  public void testNode103_UserIdentified_DE() throws Exception {        
+  public void singlePersonFindWithCountySpecifics_Zmr() throws Exception {        
     final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
-        randomPersonalIdentifier_DE,
-        randomBirthDate, randomPlaceOfBirth, randomBirthName);
+        randomPersonalIdentifier_DE, randomBirthDate, randomPlaceOfBirth, randomBirthName);
     TestRequestImpl pendingReq1 = new TestRequestImpl();    
     pendingReq1.getSessionData(AuthProcessDataWrapper.class)
         .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
     
     BigInteger zmrProcessId = generateRandomProcessId();    
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));    
     Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE))).thenReturn(
         new ZmrRegisterResult(Collections.singletonList(
@@ -364,23 +457,25 @@ public class InitialSearchTaskTest {
             .birthName(randomBirthName)
             .build())
         ,zmrProcessId));
+    Mockito.when(zmrClient.searchWithMds(any(), any(), any(), any(), any())).thenThrow(
+        new IllegalStateException("MDS search should not be neccessary"));    
+    
     Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
 
     // execute test
     task.execute(pendingReq1, executionContext);
-
+    
     // validate state
-    String resultBpk = readBpkFromSessionData(pendingReq1);
-    Assert.assertEquals("Wrong bpk", randomBpk, resultBpk);
+    checkMatchingSuccessState(pendingReq1, randomBpk, randomFamilyName, randomGivenName, randomBirthDate, DE);
     
   }
 
   /**
-   * Multiple matches found in ZMR and ErnP with detail search
+   * Multiple matches found in ZMR by country specifics.
    */
   @Test
   @DirtiesContext
-  public void testNode104_ManualFixNecessary_DE() throws Exception {
+  public void multiplePersonFindWithCountySpecifics_Zmr() throws Exception {
     String newRandomPseudonym = randomPersonalIdentifier_DE + RandomStringUtils.randomNumeric(2);
     String newRandomBpk = randomBpk + RandomStringUtils.randomNumeric(6);
     final AuthenticationResponse response = buildDummyAuthResponseDE(randomGivenName, randomFamilyName,
@@ -391,9 +486,8 @@ public class InitialSearchTaskTest {
         .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
     
     BigInteger zmrProcessId = generateRandomProcessId();    
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
-        new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));    
-    Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());            
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
+        new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));                
     Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), eq(DE))).thenReturn(
         new ZmrRegisterResult(Arrays.asList(
             RegisterResult.builder()
@@ -416,14 +510,17 @@ public class InitialSearchTaskTest {
                 .build())
             ,zmrProcessId)); 
                 
+    Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
     
-    // execute test
+    // execute task
     TaskExecutionException exception = assertThrows(TaskExecutionException.class,
         () -> task.execute(pendingReq1, executionContext));
-
-    // check error 
-    Throwable origE = exception.getOriginalException();
-    Assert.assertTrue("Wrong exception", (origE instanceof WorkflowException));
+   
+    // validate state
+    assertTrue("Wrong exception", (exception.getOriginalException() instanceof WorkflowException));
+    assertTrue("Wrong flag 'manualFixNeeded'", 
+        ((WorkflowException)exception.getOriginalException()).isRequiresManualFix()); 
+    
   }
 
   /**
@@ -434,44 +531,51 @@ public class InitialSearchTaskTest {
    */
   @Test
   @DirtiesContext
-  public void testNode505_TransitionToInsertErnbTask() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
+  public void noResultByAnySearch() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
     BigInteger zmrProcessId = generateRandomProcessId();
     pendingReq.getSessionData(AuthProcessDataWrapper.class)
         .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, 
             buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate));
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_EE)).thenReturn(
+    
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, EE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); 
     Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); 
     
     Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_EE)).thenReturn(Collections.emptyList());
+    
 
+    // execute task
     task.execute(pendingReq, executionContext);
 
-    String bPk = readBpkFromSessionData(pendingReq);
-    Assert.assertNull("Wrong bpk", bPk);
+    
+    // validate state
+    assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+    
+    assertNull("Find intermediate matching data but matching should be finished", 
+        MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));            
+    assertNull("Find final matching data but no match sould be found",
+        MatchingTaskUtils.getFinalMatchingResult(pendingReq));
 
     Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
     Assert.assertNull("Wrong transition", transitionGUI);
     Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
     Assert.assertTrue("Wrong transition", transitionErnb);
+    
   }
 
   /**
-   * NO match found in ZMR and ErnP with Initial search, one match with MDS search in Ernb
-   * @throws EidasSAuthenticationException 
-   * @throws URISyntaxException 
-   * @throws EaafStorageException 
+   * Find one match with MDS search in ERnP. 
    */
   @Test
   @DirtiesContext
-  public void testNode505_TransitionToGUI_Ernb() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
+  public void resultByMdsSearch_Ernb() throws TaskExecutionException, EidasSAuthenticationException, URISyntaxException, EaafStorageException {
     BigInteger zmrProcessId = generateRandomProcessId();
     pendingReq.getSessionData(AuthProcessDataWrapper.class)
         .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, 
               buildDummyAuthResponse(randomGivenName, randomFamilyName, randomPersonalIdentifier_EE, randomBirthDate));
     
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_EE)).thenReturn(
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, EE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); 
     Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, EE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
@@ -487,24 +591,22 @@ public class InitialSearchTaskTest {
                 .dateOfBirth(randomBirthDate)
                 .build()));
 
+    // execute test
     task.execute(pendingReq, executionContext);
 
-    assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq));
-    Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
-    Assert.assertTrue("Wrong transition", transitionGUI);
-    Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
-    Assert.assertNull("Wrong transition", transitionErnb);
+    // validate state
+    checkIntermediateResult(1);
+
   }
 
   /**
-   * NO match found in ZMR and ErnP with Initial search, one match with MDS search in ZMR
-   * @throws EidasSAuthenticationException 
+   * Find one match with MDS search in ZMR. 
    */
   @Test
   @DirtiesContext
-  public void testNode505_TransitionToGUI_Zmr() throws TaskExecutionException, EidasSAuthenticationException {
+  public void resultByMdsSearch_Zmr() throws TaskExecutionException, EidasSAuthenticationException {
     BigInteger zmrProcessId = generateRandomProcessId();    
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); 
     Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());
 
@@ -518,29 +620,35 @@ public class InitialSearchTaskTest {
             .build()),
             zmrProcessId));
 
+    // execute test
     task.execute(pendingReq, executionContext);
 
-    assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq));
-    Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
-    Assert.assertTrue("Wrong transition", transitionGUI);
-    Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
-    Assert.assertNull("Wrong transition", transitionErnb);
+    // validate state
+    checkIntermediateResult(1);
+    
   }
 
   /**
-   * NO match found in ZMR and ErnP with Initial search, multiple matches found with MDS search
-   * @throws EidasSAuthenticationException 
+   * resultByMdsSearch
    */
   @Test
   @DirtiesContext
-  public void testNode505_TransitionToGUI_Ernb_multi() throws TaskExecutionException, EidasSAuthenticationException {
+  public void multipleResultsByMdsSearch() throws TaskExecutionException, EidasSAuthenticationException {
     BigInteger zmrProcessId = generateRandomProcessId();    
-    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPersonalIdentifier_DE)).thenReturn(
+    Mockito.when(zmrClient.searchWithPersonIdentifier(null, randomPsydonym, DE)).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId)); 
     Mockito.when(zmrClient.searchCountrySpecific(eq(zmrProcessId), any(PersonSuchenRequest.class), any(String.class))).thenReturn(
         new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
     Mockito.when(zmrClient.searchWithMds(zmrProcessId, randomGivenName, randomFamilyName, randomBirthDate, DE)).thenReturn(
-        new ZmrRegisterResult(Collections.emptyList(), zmrProcessId));
+        new ZmrRegisterResult(Arrays.asList(
+            RegisterResult.builder()
+                .bpk(randomBpk + "2")
+                .pseudonym(Arrays.asList(randomPsydonym))
+                .givenName(randomGivenName)
+                .familyName(randomFamilyName)
+                .dateOfBirth(randomBirthDate)
+                .build()), 
+            zmrProcessId));
         
     Mockito.when(ernpClient.searchWithPersonIdentifier(randomPersonalIdentifier_DE)).thenReturn(Collections.emptyList());            
     Mockito.when(ernpClient.searchWithMds(randomGivenName, randomFamilyName, randomBirthDate)).thenReturn(
@@ -560,13 +668,12 @@ public class InitialSearchTaskTest {
                 .dateOfBirth(randomBirthDate)
                 .build()));
 
+    // execute test
     task.execute(pendingReq, executionContext);
 
-    assertThrows(WorkflowException.class, () -> readBpkFromSessionData(pendingReq));
-    Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
-    Assert.assertTrue("Wrong transition", transitionGUI);
-    Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
-    Assert.assertNull("Wrong transition", transitionErnb);
+    // validate state
+    checkIntermediateResult(3);
+    
   }
 
   @NotNull
@@ -579,6 +686,38 @@ public class InitialSearchTaskTest {
     
   }
   
+  private void checkMatchingSuccessState(IRequest pendingReq, String bpk, String familyName, String givenName, 
+      String birhday, String countryCode) {    
+    assertNull("Find intermediate matching data but matching should be finished", 
+        MatchingTaskUtils.getIntermediateMatchingResult(pendingReq));    
+    assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));
+    
+    MatchedPersonResult personInfo = MatchingTaskUtils.getFinalMatchingResult(pendingReq);
+    assertNotNull("no final matching result", personInfo);
+    assertEquals("wrong bpk", bpk, personInfo.getBpk());
+    assertEquals("wrong givenName", givenName, personInfo.getGivenName());
+    assertEquals("wrong familyName", familyName, personInfo.getFamilyName());
+    assertEquals("wrong dateOfBirth", birhday, personInfo.getDateOfBirth());
+    assertEquals("wrong countryCode", countryCode, personInfo.getCountryCode());
+        
+  }
+  
+  private void checkIntermediateResult(int resultSize) {    
+    Boolean transitionGUI = (Boolean) executionContext.get(Constants.TRANSITION_TO_GENERATE_OTHER_LOGIN_METHOD_GUI_TASK);
+    Assert.assertTrue("Wrong transition", transitionGUI);
+    Boolean transitionErnb = (Boolean) executionContext.get(Constants.TRANSITION_TO_CREATE_NEW_ERNP_ENTRY_TASK);
+    Assert.assertNull("Wrong transition", transitionErnb);
+        
+    assertNotNull("find no eIDAS inbut data", MatchingTaskUtils.getInitialEidasData(pendingReq));                    
+    assertNull("Find final matching data but no match sould be found",
+        MatchingTaskUtils.getFinalMatchingResult(pendingReq));
+    
+    RegisterSearchResult result = MatchingTaskUtils.getIntermediateMatchingResult(pendingReq);
+    assertNotNull("Find no intermediate matching data", result);
+    assertEquals("wrong intermediate result size", resultSize, result.getResultCount());
+    
+  }
+  
   @NotNull
   private AuthenticationResponse buildDummyAuthResponse(String givenName, String familyName, String identifier,
                                                         String dateOfBirth) throws URISyntaxException {
@@ -646,10 +785,4 @@ public class InitialSearchTaskTest {
         .attributeValueMarshaller(marshaller).build();
   }
 
-  private String readBpkFromSessionData(TestRequestImpl pendingReq) throws WorkflowException {
-    return MatchingTaskUtils.getInitialRegisterResult(pendingReq) != null 
-        ? MatchingTaskUtils.getInitialRegisterResult(pendingReq).getBpk()
-        : null;
-    
-  }
 }
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
index 281be36f..77c49bb4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAustrianResidenceGuiResponseTaskTest.java
@@ -101,7 +101,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
     SimpleEidasData eidasData = setupEidasData();
     RegisterSearchResult registerSearchResult = buildEmptyResult();
     mockRegisterSearch(userInput, registerSearchResult, eidasData);
-    MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
     
     task.execute(pendingReq, executionContext);
 
@@ -113,7 +113,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
     UserInput userInput = setupUserInput();
     SimpleEidasData eidasData = setupEidasData();
     RegisterSearchResult registerSearchResult = buildResultWithOneMatch(buildMatchingRegisterResult(eidasData));
-    MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
     mockRegisterSearch(userInput, registerSearchResult, eidasData);
 
     task.execute(pendingReq, executionContext);
@@ -128,7 +128,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
     UserInput userInput = setupUserInput();
     SimpleEidasData eidasData = setupEidasData();
     RegisterSearchResult registerSearchResult = buildResultWithOneMatch(buildNotMatchingRegisterResult(eidasData));
-    MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
     mockRegisterSearch(userInput, registerSearchResult, eidasData);
 
     task.execute(pendingReq, executionContext);
@@ -141,7 +141,7 @@ public class ReceiveAustrianResidenceGuiResponseTaskTest {
     UserInput userInput = setupUserInput();
     SimpleEidasData eidasData = setupEidasData();
     RegisterSearchResult registerSearchResult = buildResultWithTwoMatches();
-    MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
     mockRegisterSearch(userInput, registerSearchResult, eidasData);
 
     TaskExecutionException e = assertThrows(TaskExecutionException.class,
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
index 8c137bb2..51077e96 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveMobilePhoneSignatureResponseTaskTest.java
@@ -344,7 +344,7 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {
     authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
     RegisterSearchResult registerSearchResult = new RegisterSearchResult(new RegisterOperationStatus(generateRandomProcessId()),
         Collections.emptyList(), Collections.emptyList());
-    MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
     
     task.execute(pendingReq, executionContext);
 
@@ -363,7 +363,7 @@ public class ReceiveMobilePhoneSignatureResponseTaskTest {
     SimpleEidasData eidData = createEidasDataMatchingToSamlResponse().build();
     authProcessData.setGenericDataToSession(Constants.DATA_SIMPLE_EIDAS, eidData);
     RegisterSearchResult registerSearchResult = buildResultWithOneMatch();
-    MatchingTaskUtils.storeInitialRegisterResult(pendingReq, registerSearchResult);
+    MatchingTaskUtils.storeIntermediateMatchingResult(pendingReq, registerSearchResult);
 
     task.execute(pendingReq, executionContext);
 
diff --git a/pom.xml b/pom.xml
index fd8d816e..e70df243 100644
--- a/pom.xml
+++ b/pom.xml
@@ -22,7 +22,7 @@
     <!-- ===================================================================== -->
     <egiz-spring-api>0.3</egiz-spring-api>
     <egiz-eventlog-slf4jBackend>0.4</egiz-eventlog-slf4jBackend>
-    <eaaf-core.version>1.1.12-SNAPSHOT</eaaf-core.version>
+    <eaaf-core.version>1.1.13.1</eaaf-core.version>
 
     <spring-boot-starter-web.version>2.4.1</spring-boot-starter-web.version>
     <spring-boot-admin-starter-client.version>2.3.1</spring-boot-admin-starter-client.version>
-- 
cgit v1.2.3


From cbf1d0408519d0763a1a87b733c16a1ba5d022ba Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 7 Jul 2021 09:31:43 +0200
Subject: add HTML template for additional eID information

---
 basicConfig/properties/messages.properties         |   9 +-
 basicConfig/templates/other_login_method.html      | 218 +++++++++++++++++++++
 .../config/StaticResourceConfiguration.java        | 207 -------------------
 .../controller/ProcessEngineSignalController.java  |   3 +-
 .../resources/specific_eIDAS_connector.beans.xml   |   3 -
 .../spring/SpringTest_connector.beans.xml          |   2 +-
 connector_lib/pom.xml                              |  10 +
 .../gui/config/StaticResourceConfiguration.java    | 207 +++++++++++++++++++
 .../src/main/resources/common_gui.beans.xml        |   3 +
 eidas_modules/authmodule-eIDAS-v2/pom.xml          |  13 +-
 .../v2/tasks/GenerateOtherLoginMethodGuiTask.java  |  11 +-
 .../ReceiveOtherLoginMethodGuiResponseTask.java    |   8 +-
 .../tasks/GenerateOtherLoginMethodGuiTaskTest.java | 143 ++++++++++++++
 .../resources/config/junit_config_1.properties     |   6 +-
 14 files changed, 617 insertions(+), 226 deletions(-)
 create mode 100644 basicConfig/templates/other_login_method.html
 delete mode 100644 connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
 create mode 100644 connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/config/StaticResourceConfiguration.java
 create mode 100644 eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java

(limited to 'connector/src/test/resources/spring')

diff --git a/basicConfig/properties/messages.properties b/basicConfig/properties/messages.properties
index 9f7f8f7c..60ab474e 100644
--- a/basicConfig/properties/messages.properties
+++ b/basicConfig/properties/messages.properties
@@ -31,6 +31,13 @@ gui.countryselection.infos.general.part.4=, which regulates the mutual cross-bor
 gui.countryselection.infos.general.part.5=After selecting your home country on this page, you are forwarded to the familiar login environment of the selected member state. There, you can login with your eID as usual. After successful completion of the login process, you are automatically forwarded and logged in to the online service, from which you have been redirected to this page. During your first login, your eID data is also registered in the 
 gui.countryselection.infos.general.part.6=This ensures that you will also be successfully and uniquely identified in subsequent logins at Austrian online services.
 
+gui.matching.otherloginmethod.header=Assignment of your login information 
+gui.matching.otherloginmethod.info.text=Your login information could not be clearly integrated into the Austrian eID system. Further information is required for an unique integration. 
+gui.matching.otherloginmethod.ida=You have an ID Austria 
+gui.matching.otherloginmethod.eidas=You can provide additional information via eIDAS 
+gui.matching.otherloginmethod.residence=Have you ever lived in Austria? 
+
+
 gui.countryselection.country.be=Belgium
 gui.countryselection.country.be.logo.alt=Belgium-eID
 gui.countryselection.country.hr=Croatia
@@ -95,4 +102,4 @@ gui.countryselection.country.testcountry.logo.alt=Testcountry-eID
 gui.countryselection.mode.prod=Production
 gui.countryselection.mode.qs=QS
 gui.countryselection.mode.test=Test
-gui.countryselection.mode.dev=Development
\ No newline at end of file
+gui.countryselection.mode.dev=Development
diff --git a/basicConfig/templates/other_login_method.html b/basicConfig/templates/other_login_method.html
new file mode 100644
index 00000000..1e2fb8f3
--- /dev/null
+++ b/basicConfig/templates/other_login_method.html
@@ -0,0 +1,218 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org"
+      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
+      layout:decorator="fragments/base"
+      th:with="lang=${#locale.language}" th:lang="${lang}">
+<head>
+  <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+  <meta name="viewport" content="width=device-width, initial-scale=1">
+  <link rel="stylesheet" href="$contextPath/static/css/css_country.css" th:href="@{/static/css/css_country.css}"/>
+  <title th:text="#{gui.countryselection.title}">eIDAS-Login Länderauswahl</title>
+<script type="text/javascript">
+</script>
+<style>
+body {
+	background-image: none;
+	margin:		0px;
+	font-family:	"Helvetica Neue", Helvetica, Arial, sans-serif;
+}
+
+div.header {
+	background-color: #e9ecef;
+	padding-top: 28px;
+	padding-left: 137px;
+	padding-right: 137px;
+	padding-bottom: 12px;
+}
+div.titlebar {
+	padding: 0px;
+}
+div.titlebar div {
+}
+.hidden {
+	display: none;
+}
+ul.nav_oben {
+	padding: 0px;
+	margin: 0px;
+	text-align: right;
+	text-transform: uppercase;
+}
+li {
+	display: inline-block;
+}
+div.header a {
+	text-decoration: none;
+	color: black;
+}
+a {
+	text-decoration: none;
+	color: #a22c1c;
+}
+.block {
+	/* override country.css */
+	padding-bottom: 20px;
+}
+@media only screen and (min-width: 1000px) {
+	div.header {
+		padding-left: 137px;
+		padding-right: 137px;
+	}
+	.content {
+		padding-left: 137px;
+		padding-right: 137px;
+	}
+	footer {
+		padding-left: 137px;
+		padding-right: 137px;
+	}
+}
+@media only screen and (max-width: 999px) {
+	div.header {
+		padding-left: 1em;
+		padding-right: 1em;
+	}
+	.content {
+		padding-left: 1em;
+		padding-right: 1em;
+	}
+	footer {
+		padding-left: 1em;
+		padding-right: 1em;
+	}
+}
+
+div.subtitle h1 {
+	padding: 0px;
+	margin: 0px;
+	font-size: 130%;
+	align: right;
+}
+div.subtitle h2 {
+	padding: 0px;
+	margin: 0px;
+	font-size: 115%;
+}
+footer {
+    left: 0;
+    padding-top: 1em;
+    bottom: 0;
+    width: 100%;
+    height: 2em;
+    background-color: rgb(162,44,28);
+    color: white;
+}
+.float {
+	float: left;
+}
+.floatright {
+	float: right;
+}
+.copyright {
+	width: 66%;
+	font-size: 80%;
+}
+#countries {
+	padding-bottom: 40px;
+}
+#country {
+	padding-bottom: 20px;
+}
+input[type=submit] {
+	width: inherit;
+/*	text-align: left; */
+}
+form {
+	justify-content: center;
+}
+</style>
+</head>
+<body>
+  <div class="header container">
+    <div class="titlebar">
+      <div>
+	     <a href="https://www.bmi.gv.at/" target="_blank" title="Home">
+	       <img class="toplogo img-responsive" src="/static/BMI.png" alt="Logo BMI"
+              th:attr="alt=#{gui.countryselection.logo.bmi.alt}">
+	       <h1 class="hidden" th:text="#{gui.countryselection.header1}"> Bundesministerium für Inneres </h1>
+	     </a>
+      </div>
+      <ul class="nav_oben">
+        <li>
+          <div class="languageselection" th:include="language_selection :: selectlanguage">
+            LanguageSelectionBlock
+          </div>
+        </li>
+        &nbsp; &nbsp;
+        <li><a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.link.bmi}" > Startseite BMI </a></li>
+      </ul>
+    </div>
+  </div>
+  <div class="content">
+    <div class="subtitle">
+      <h1 th:text="#{gui.countryselection.header2}" > Zentraler eIDAS Knoten der Republik Österreich </h1>
+      <h2 th:text="#{gui.countryselection.header3}" > Betrieben durch das Bundesministerium für Inneres </h2>
+    </div>
+
+    <h1 th:text="#{gui.matching.otherloginmethod.header}"> Zuordnung Ihrer Anmeldeinformationen </h1>
+
+    <p th:text="#{gui.matching.otherloginmethod.info.text}" >Ihre Anmeldeinformationen konnten nicht eindeutig in das österreichische eID System integriert werden.
+      Für eine eindeutig Integration sind weitere Informationen erforderlich. </p>
+
+
+    <div id="country">
+            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">
+                <input type="submit" role="button" value="Sie verfügen über einen ID Austria" th:attr="value=#{gui.matching.otherloginmethod.ida}" />
+                <input type="hidden" name="loginSelection" value="MOBILE_PHONE_SIGNATURE_LOGIN">
+                <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}" />
+            </form>
+
+            <!-- add this block if additional eIDAS authentication is implemented -->
+            <!--form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">
+                <input type="submit" role="button" value="Sie können zusätzliche Informationen via eIDAS bereitstellen" th:attr="value=#{gui.matching.otherloginmethod.eidas}" />
+                <input type="hidden" name="loginSelection" value="EIDAS_LOGIN">
+                <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}" />
+            </form-->
+
+            <form class="block" method="post" action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">
+                <input type="submit" role="button" value="Sie waren bereits einmal in Österreich wohnhaft" th:attr="value=#{gui.matching.otherloginmethod.residence}" />
+                <input type="hidden" name="loginSelection" value="NO_OTHER_LOGIN">
+                <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}" />
+            </form>
+    </div>
+
+
+    <!-- Abbrechen Button -->
+    <form   class="block" method="post"  action="$contextPath$submitEndpoint" th:attr="action=@{${submitEndpoint}}">
+      <input  type="submit" class="btn btn-outline-primary btn-block" value="Abbrechen/Cancel" th:attr="value=#{gui.countryselection.cancel}">
+      <input  type="hidden" name="stopAuthProcess" value="true" >
+      <input  type="hidden" name="pendingid"  value="$pendingid" th:attr="value=${pendingid}">
+    </form>
+
+
+<h2 th:text="#{gui.countryselection.infos.general.header}" > Information zur Anmeldung über Europäische eIDs </h2>
+<p>
+  <span th:text="#{gui.countryselection.infos.general.part.1}"> first part </span>
+  <a href="https://www.bmi.gv.at/" target="_blank" th:text="#{gui.countryselection.header1}" > Bundesministerium für Inneres </a>
+  <span th:text="#{gui.countryselection.infos.general.part.2}"> second part </span>
+</p>
+
+<p>
+  <span th:text="#{gui.countryselection.infos.general.part.3}"> third part </span>
+  <a href="https://eur-lex.europa.eu/legal-content/DE/TXT/HTML/?uri=CELEX:32014R0910&from=DE" target="_blank" th:text="#{gui.countryselection.infos.general.link.1}"> eIDAS-Verordnung der Europäischen Union </a>
+  <span th:text="#{gui.countryselection.infos.general.part.4}"> fourth part </span>
+</p>
+
+<p
+  <span th:text="#{gui.countryselection.infos.general.part.5}"> fived part </span>
+  <a href="https://www.dsb.gv.at/-/das-erganzungsregister-fur-naturliche-personen-ernp-" target="_blank" th:text="#{gui.countryselection.infos.general.link.2}" ></a>
+  <span th:text="#{gui.countryselection.infos.general.part.6}"> sixed part </span>
+</p>
+
+  </div>
+  <footer>
+	<div class="copyright">&copy; BUNDESMINISTERIUM FÜR INNERES</div>
+	<div></div>
+ </footer>
+</body>
+</html>
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
deleted file mode 100644
index a1e953f1..00000000
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/config/StaticResourceConfiguration.java
+++ /dev/null
@@ -1,207 +0,0 @@
-/*
- * Copyright 2019 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-package at.asitplus.eidas.specific.connector.config;
-
-import java.net.MalformedURLException;
-import java.util.List;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.context.support.ReloadableResourceBundleMessageSource;
-import org.springframework.web.servlet.config.annotation.EnableWebMvc;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-import org.thymeleaf.templateresolver.FileTemplateResolver;
-
-import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
-import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
-import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-
-/**
- * Spring configurator for Web resources.
- * 
- * @author tlenz
- *
- */
-@Configuration
-@EnableWebMvc
-public class StaticResourceConfiguration implements WebMvcConfigurer {
-  private static final Logger log = LoggerFactory.getLogger(StaticResourceConfiguration.class);
-  private static final String[] CLASSPATH_RESOURCE_LOCATIONS = {
-      "/"
-  };
-
-  private static final String DEFAULT_MESSAGE_SOURCE = "classpath:properties/status_messages";
-
-  @Autowired
-  private IConfiguration basicConfig;
-
-  @Override
-  public void addResourceHandlers(ResourceHandlerRegistry registry) {
-    final String staticResources = basicConfig.getBasicConfiguration(
-        MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_STATIC_PATH);
-    try {
-      if (StringUtils.isNotEmpty(staticResources)) {
-        String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig
-            .getConfigurationRootDirectory());
-        if (!absPath.endsWith("/")) {
-          absPath += "/";
-        }
-
-        registry.addResourceHandler("/static/**").addResourceLocations(absPath);
-        log.info("Add Ressourcefolder: " + absPath + " for static Web content");
-
-      } else {
-        log.debug("No Ressourcefolder for static Web content");
-      }
-
-    } catch (final MalformedURLException e) {
-      log.warn("Can NOT initialize ressourcefolder for static Web content", e);
-
-    }
-
-    registry.addResourceHandler("/**").addResourceLocations(CLASSPATH_RESOURCE_LOCATIONS);
-
-  }
-
-  /**
-   * Get a message source with only internal message properties.
-   *
-   * @param ressourceLocations List of source-locations
-   * @return
-   */
-  @Bean
-  public ReloadableResourceBundleMessageSource internalMessageSource(
-      @Autowired(required = false) final List<IMessageSourceLocation> ressourceLocations) {
-    final ReloadableResourceBundleMessageSource messageSource =
-        new ReloadableResourceBundleMessageSource();
-
-    // add default message source
-    messageSource.setBasename(DEFAULT_MESSAGE_SOURCE);
-
-    if (ressourceLocations != null) {
-      // load more message sources
-      for (final IMessageSourceLocation el : ressourceLocations) {
-        if (el.getMessageSourceLocation() != null) {
-          for (final String source : el.getMessageSourceLocation()) {
-            messageSource.addBasenames(source);
-            log.debug("Add additional messageSources: {}", el.getMessageSourceLocation().toArray());
-
-          }
-        }
-      }
-    }
-
-    messageSource.setDefaultEncoding("UTF-8");
-    return messageSource;
-
-  }
-
-  /**
-   * Get full message source with internal and external message-properties files.
-   *
-   * @param ressourceLocations List of source-locations
-   * @return
-   */
-  @Bean
-  public ReloadableResourceBundleMessageSource messageSource(
-      @Autowired(required = false) final List<IMessageSourceLocation> ressourceLocations) {
-    final ReloadableResourceBundleMessageSource messageSource =
-        new ReloadableResourceBundleMessageSource();
-    messageSource.setDefaultEncoding("UTF-8");
-    messageSource.setParentMessageSource(internalMessageSource(ressourceLocations));
-
-    final String staticResources = basicConfig
-        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH);
-    try {
-      if (StringUtils.isNotEmpty(staticResources)) {
-        final String absPath =
-            FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory());
-        messageSource.setBasename(absPath);
-
-      } else {
-        log.debug("No Ressourcefolder for dynamic Web content templates");
-
-      }
-
-    } catch (final MalformedURLException e) {
-      log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
-
-    }
-
-    return messageSource;
-
-  }
-    
-  /**
-   * Get a Tyhmeleaf Template-Resolver with external configuration path.
-   *
-   * @return
-   */
-  @Bean(name = "templateResolver")
-  public FileTemplateResolver templateResolver() {
-    final String staticResources = basicConfig
-        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH);
-    try {
-      if (StringUtils.isNotEmpty(staticResources)) {
-        String absPath =
-            FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory());
-        if (!absPath.endsWith("/")) {
-          absPath += "/";
-
-        }
-
-        if (absPath.startsWith("file:")) {
-          absPath = absPath.substring("file:".length());
-
-        }
-
-        final FileTemplateResolver viewResolver = new FileTemplateResolver();
-        viewResolver.setPrefix(absPath);
-        viewResolver.setSuffix(".html");
-        viewResolver.setTemplateMode("HTML");
-        viewResolver.setCacheable(false);
-
-        log.info("Add Ressourcefolder: {} for dynamic Web content templates", absPath);
-        return viewResolver;
-
-      } else {
-        log.debug("No Ressourcefolder for dynamic Web content templates");
-
-      }
-
-    } catch (final MalformedURLException e) {
-      log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
-
-    }
-
-    throw new RuntimeException("Can NOT initialize HTML template resolver");
-
-  }
-}
diff --git a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java
index 1bf1ad67..6e2879a8 100644
--- a/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java
+++ b/connector/src/main/java/at/asitplus/eidas/specific/connector/controller/ProcessEngineSignalController.java
@@ -46,7 +46,8 @@ import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalContr
 public class ProcessEngineSignalController extends AbstractProcessEngineSignalController {
 
   @RequestMapping(value = { 
-      MsEidasNodeConstants.ENDPOINT_COUNTRYSELECTION
+          MsEidasNodeConstants.ENDPOINT_COUNTRYSELECTION,
+          MsEidasNodeConstants.ENDPOINT_OTHER_LOGIN_METHOD_SELECTION
       },
       method = { RequestMethod.POST, RequestMethod.GET })
   public void performGenericAuthenticationProcess(HttpServletRequest req, HttpServletResponse resp)
diff --git a/connector/src/main/resources/specific_eIDAS_connector.beans.xml b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
index 4608086e..ec16a7d2 100644
--- a/connector/src/main/resources/specific_eIDAS_connector.beans.xml
+++ b/connector/src/main/resources/specific_eIDAS_connector.beans.xml
@@ -13,9 +13,6 @@
 
   <import resource="common_gui.beans.xml"/>
 
-  <bean id="WebResourceConfiguration"
-        class="at.asitplus.eidas.specific.connector.config.StaticResourceConfiguration" />
-
   <bean id="processEngineSignalController"
         class="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
 
diff --git a/connector/src/test/resources/spring/SpringTest_connector.beans.xml b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
index ac5455d3..81fff7dd 100644
--- a/connector/src/test/resources/spring/SpringTest_connector.beans.xml
+++ b/connector/src/test/resources/spring/SpringTest_connector.beans.xml
@@ -19,7 +19,7 @@
         class="at.gv.egiz.eaaf.core.impl.idp.auth.services.DefaultErrorService"/>
 
   <bean id="WebResourceConfiguration"
-    class="at.asitplus.eidas.specific.connector.config.StaticResourceConfiguration" />
+    class="at.asitplus.eidas.specific.connector.gui.config.StaticResourceConfiguration" />
 
   <bean id="ProcessEngineSignalController"
     class="at.asitplus.eidas.specific.connector.controller.ProcessEngineSignalController" />
diff --git a/connector_lib/pom.xml b/connector_lib/pom.xml
index 8ed561f3..a8a88e71 100644
--- a/connector_lib/pom.xml
+++ b/connector_lib/pom.xml
@@ -27,6 +27,14 @@
       <groupId>org.springframework</groupId>
       <artifactId>spring-webmvc</artifactId>
     </dependency>
+    <dependency>
+      <groupId>org.thymeleaf</groupId>
+      <artifactId>thymeleaf-spring5</artifactId>
+    </dependency>
+    <dependency>
+        <groupId>org.hibernate.validator</groupId>
+        <artifactId>hibernate-validator</artifactId>
+    </dependency>     
     <dependency>
       <groupId>javax.validation</groupId>
       <artifactId>validation-api</artifactId>
@@ -37,6 +45,8 @@
       <artifactId>javax.servlet-api</artifactId>
       <scope>provided</scope>
     </dependency>
+ 
+
 
     <!-- jUnit test dependencies -->
     <dependency>
diff --git a/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/config/StaticResourceConfiguration.java b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/config/StaticResourceConfiguration.java
new file mode 100644
index 00000000..1f357674
--- /dev/null
+++ b/connector_lib/src/main/java/at/asitplus/eidas/specific/connector/gui/config/StaticResourceConfiguration.java
@@ -0,0 +1,207 @@
+/*
+ * Copyright 2019 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.connector.gui.config;
+
+import java.net.MalformedURLException;
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.context.support.ReloadableResourceBundleMessageSource;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
+import org.thymeleaf.templateresolver.FileTemplateResolver;
+
+import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.logging.IMessageSourceLocation;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+
+/**
+ * Spring configurator for Web resources.
+ * 
+ * @author tlenz
+ *
+ */
+@Configuration
+@EnableWebMvc
+public class StaticResourceConfiguration implements WebMvcConfigurer {
+  private static final Logger log = LoggerFactory.getLogger(StaticResourceConfiguration.class);
+  private static final String[] CLASSPATH_RESOURCE_LOCATIONS = {
+      "/"
+  };
+
+  private static final String DEFAULT_MESSAGE_SOURCE = "classpath:properties/status_messages";
+
+  @Autowired
+  private IConfiguration basicConfig;
+
+  @Override
+  public void addResourceHandlers(ResourceHandlerRegistry registry) {
+    final String staticResources = basicConfig.getBasicConfiguration(
+        MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_STATIC_PATH);
+    try {
+      if (StringUtils.isNotEmpty(staticResources)) {
+        String absPath = FileUtils.makeAbsoluteUrl(staticResources, basicConfig
+            .getConfigurationRootDirectory());
+        if (!absPath.endsWith("/")) {
+          absPath += "/";
+        }
+
+        registry.addResourceHandler("/static/**").addResourceLocations(absPath);
+        log.info("Add Ressourcefolder: " + absPath + " for static Web content");
+
+      } else {
+        log.debug("No Ressourcefolder for static Web content");
+      }
+
+    } catch (final MalformedURLException e) {
+      log.warn("Can NOT initialize ressourcefolder for static Web content", e);
+
+    }
+
+    registry.addResourceHandler("/**").addResourceLocations(CLASSPATH_RESOURCE_LOCATIONS);
+
+  }
+
+  /**
+   * Get a message source with only internal message properties.
+   *
+   * @param ressourceLocations List of source-locations
+   * @return
+   */
+  @Bean
+  public ReloadableResourceBundleMessageSource internalMessageSource(
+      @Autowired(required = false) final List<IMessageSourceLocation> ressourceLocations) {
+    final ReloadableResourceBundleMessageSource messageSource =
+        new ReloadableResourceBundleMessageSource();
+
+    // add default message source
+    messageSource.setBasename(DEFAULT_MESSAGE_SOURCE);
+
+    if (ressourceLocations != null) {
+      // load more message sources
+      for (final IMessageSourceLocation el : ressourceLocations) {
+        if (el.getMessageSourceLocation() != null) {
+          for (final String source : el.getMessageSourceLocation()) {
+            messageSource.addBasenames(source);
+            log.debug("Add additional messageSources: {}", el.getMessageSourceLocation().toArray());
+
+          }
+        }
+      }
+    }
+
+    messageSource.setDefaultEncoding("UTF-8");
+    return messageSource;
+
+  }
+
+  /**
+   * Get full message source with internal and external message-properties files.
+   *
+   * @param ressourceLocations List of source-locations
+   * @return
+   */
+  @Bean
+  public ReloadableResourceBundleMessageSource messageSource(
+      @Autowired(required = false) final List<IMessageSourceLocation> ressourceLocations) {
+    final ReloadableResourceBundleMessageSource messageSource =
+        new ReloadableResourceBundleMessageSource();
+    messageSource.setDefaultEncoding("UTF-8");
+    messageSource.setParentMessageSource(internalMessageSource(ressourceLocations));
+
+    final String staticResources = basicConfig
+        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_PROPERTIES_PATH);
+    try {
+      if (StringUtils.isNotEmpty(staticResources)) {
+        final String absPath =
+            FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory());
+        messageSource.setBasename(absPath);
+
+      } else {
+        log.debug("No Ressourcefolder for dynamic Web content templates");
+
+      }
+
+    } catch (final MalformedURLException e) {
+      log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
+
+    }
+
+    return messageSource;
+
+  }
+    
+  /**
+   * Get a Tyhmeleaf Template-Resolver with external configuration path.
+   *
+   * @return
+   */
+  @Bean(name = "templateResolver")
+  public FileTemplateResolver templateResolver() {
+    final String staticResources = basicConfig
+        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_WEBCONTENT_TEMPLATES_PATH);
+    try {
+      if (StringUtils.isNotEmpty(staticResources)) {
+        String absPath =
+            FileUtils.makeAbsoluteUrl(staticResources, basicConfig.getConfigurationRootDirectory());
+        if (!absPath.endsWith("/")) {
+          absPath += "/";
+
+        }
+
+        if (absPath.startsWith("file:")) {
+          absPath = absPath.substring("file:".length());
+
+        }
+
+        final FileTemplateResolver viewResolver = new FileTemplateResolver();
+        viewResolver.setPrefix(absPath);
+        viewResolver.setSuffix(".html");
+        viewResolver.setTemplateMode("HTML");
+        viewResolver.setCacheable(false);
+
+        log.info("Add Ressourcefolder: {} for dynamic Web content templates", absPath);
+        return viewResolver;
+
+      } else {
+        log.debug("No Ressourcefolder for dynamic Web content templates");
+
+      }
+
+    } catch (final MalformedURLException e) {
+      log.warn("Can NOT initialize ressourcefolder for dynamic Web content templates", e);
+
+    }
+
+    throw new RuntimeException("Can NOT initialize HTML template resolver");
+
+  }
+}
diff --git a/connector_lib/src/main/resources/common_gui.beans.xml b/connector_lib/src/main/resources/common_gui.beans.xml
index 969a40f7..fc19efdc 100644
--- a/connector_lib/src/main/resources/common_gui.beans.xml
+++ b/connector_lib/src/main/resources/common_gui.beans.xml
@@ -11,6 +11,9 @@
     http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd 
     http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task-3.0.xsd">
 
+  <bean id="WebResourceConfiguration"
+        class="at.asitplus.eidas.specific.connector.gui.config.StaticResourceConfiguration" />
+
   <bean id="contentNegotiationManager"
     class="org.springframework.web.accept.ContentNegotiationManagerFactoryBean"
     primary="true">
diff --git a/eidas_modules/authmodule-eIDAS-v2/pom.xml b/eidas_modules/authmodule-eIDAS-v2/pom.xml
index 0477ee23..95ad2856 100644
--- a/eidas_modules/authmodule-eIDAS-v2/pom.xml
+++ b/eidas_modules/authmodule-eIDAS-v2/pom.xml
@@ -103,6 +103,12 @@
     <dependency>
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-actuator</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>org.springframework.boot</groupId>
+          <artifactId>spring-boot-starter-tomcat</artifactId>
+        </exclusion>
+      </exclusions>
     </dependency>
     <dependency>
       <groupId>org.apache.commons</groupId>
@@ -171,7 +177,12 @@
       <groupId>org.springframework.boot</groupId>
       <artifactId>spring-boot-starter-test</artifactId>
       <scope>test</scope>
-    </dependency>
+    </dependency>        
+    <dependency>
+      <groupId>org.springframework.boot</groupId>
+      <artifactId>spring-boot-starter-tomcat</artifactId>
+      <scope>test</scope>
+    </dependency>        
     <dependency>
       <groupId>com.github.skjolber</groupId>
       <artifactId>mockito-soap-cxf</artifactId>
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java
index 8c3cc994..dbdda78e 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateOtherLoginMethodGuiTask.java
@@ -23,6 +23,12 @@
 
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
 
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
 import at.asitplus.eidas.specific.connector.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.connector.gui.StaticGuiBuilderConfiguration;
 import at.gv.egiz.eaaf.core.api.gui.IGuiBuilderConfiguration;
@@ -32,11 +38,6 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import lombok.extern.slf4j.Slf4j;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import javax.servlet.http.HttpServletRequest;
-import javax.servlet.http.HttpServletResponse;
 
 /**
  * Task that provides GUI for user to select an alternative login method.
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
index 0eb56d0b..8431d968 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
+++ b/eidas_modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveOtherLoginMethodGuiResponseTask.java
@@ -36,7 +36,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.InvalidUserInputException;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.idp.controller.tasks.AbstractLocaleAuthServletTask;
 import lombok.extern.slf4j.Slf4j;
 
 /**
@@ -62,11 +62,11 @@ import lombok.extern.slf4j.Slf4j;
  */
 @Slf4j
 @Component("ReceiveOtherLoginMethodGuiResponseTask")
-public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractAuthServletTask {
+public class ReceiveOtherLoginMethodGuiResponseTask extends AbstractLocaleAuthServletTask {
 
   @Override
-  public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
-      throws TaskExecutionException {
+  public void executeWithLocale(ExecutionContext executionContext, HttpServletRequest request, 
+      HttpServletResponse response) throws TaskExecutionException {
     try {
       SelectedLoginMethod selection = SelectedLoginMethod.valueOf(extractUserSelection(request));
       executionContext.put(Constants.REQ_SELECTED_LOGIN_METHOD_PARAMETER, selection);
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java
new file mode 100644
index 00000000..0b169ca4
--- /dev/null
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateOtherLoginMethodGuiTaskTest.java
@@ -0,0 +1,143 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import java.io.UnsupportedEncodingException;
+import java.text.MessageFormat;
+import java.util.Locale;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.i18n.LocaleContextHolder;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.test.context.web.WebAppConfiguration;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SelectedLoginMethod;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateOtherLoginMethodGuiTask;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml",
+    "/common_gui.beans.xml"
+})
+@WebAppConfiguration
+public class GenerateOtherLoginMethodGuiTaskTest {
+
+  private static final String TEST_PATTER_REQ_PARAM = 
+      "<input type=\"hidden\" name=\"loginSelection\" value=\"{0}\">";
+  
+  @Autowired GenerateOtherLoginMethodGuiTask task;
+  
+  private ExecutionContextImpl executionContext = new ExecutionContextImpl();
+  private TestRequestImpl pendingReq;
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void initialize() {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setAuthUrl("https://localhost/ms_connector");
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    
+    LocaleContextHolder.resetLocaleContext();
+  }
+  
+  @Test
+  public void validHtmlResponseWithOutLocale() throws TaskExecutionException, UnsupportedEncodingException {    
+    
+    task.execute(pendingReq, executionContext);
+    
+    //result validation
+    String html = doBasicValidation();
+    
+    Assert.assertTrue("No english text", 
+        html.contains("Information on Logins with European eIDs"));
+    
+  }
+  
+  @Test
+  public void validHtmlResponseWithDE() throws TaskExecutionException, UnsupportedEncodingException {    
+    LocaleContextHolder.setLocale(Locale.GERMAN);
+    httpReq.addHeader("Accept-Language", "de");
+    
+    task.execute(pendingReq, executionContext);
+    
+    //result validation
+    String html = doBasicValidation();
+    
+    Assert.assertTrue("No english text", 
+        html.contains("Information zur Anmeldung über Europäische eIDs"));
+    
+  }
+  
+  @Test
+  public void validHtmlResponseWithEN() throws TaskExecutionException, UnsupportedEncodingException {    
+    LocaleContextHolder.setLocale(Locale.ENGLISH);
+    
+    task.execute(pendingReq, executionContext);
+    
+    //result validation
+    String html = doBasicValidation();
+    
+    Assert.assertTrue("No english text", 
+        html.contains("Information on Logins with European eIDs"));
+    
+  }
+  
+  @Test
+  public void validHtmlResponseWithFR() throws TaskExecutionException, UnsupportedEncodingException {    
+    LocaleContextHolder.setLocale(Locale.FRANCE);
+    httpReq.addHeader("Accept-Language", "fr");
+    
+    task.execute(pendingReq, executionContext);
+    
+    //result validation
+    String html = doBasicValidation();
+    
+    Assert.assertTrue("No english text", 
+        html.contains("Information on Logins with European eIDs"));
+    
+  }
+  
+  private String doBasicValidation() throws UnsupportedEncodingException {
+    Assert.assertEquals("Wrong http StatusCode", 200, httpResp.getStatus());
+    Assert.assertEquals("Wrong http ContentType", "text/html;charset=UTF-8", httpResp.getContentType());
+    
+    String html = httpResp.getContentAsString();
+    Assert.assertNotNull("html result is null", html);
+    Assert.assertFalse("html result is empty", html.isEmpty());    
+    
+    Assert.assertTrue("Missing IDA Login", 
+        html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.MOBILE_PHONE_SIGNATURE_LOGIN)));
+    Assert.assertTrue("Missing residence infos", 
+        html.contains(MessageFormat.format(TEST_PATTER_REQ_PARAM, SelectedLoginMethod.NO_OTHER_LOGIN)));
+        
+    Assert.assertTrue("No language selector with pendingRequestId", 
+        html.contains("/otherLoginMethod?pendingid=" + pendingReq.getPendingRequestId()));
+    Assert.assertTrue("No country-selection form", 
+        html.contains("<form class=\"block\" method=\"post\" action=\"/otherLoginMethod\">"));
+        
+    return html;
+    
+  }
+}
diff --git a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
index f5895f76..9e6876f4 100644
--- a/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
+++ b/eidas_modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
@@ -19,9 +19,9 @@ eidas.ms.revisionlog.write.MDS.into.revisionlog=true
 eidas.ms.revisionlog.logIPAddressOfUser=true
 
 ##Directory for static Web content
-eidas.ms.webcontent.static.directory=webcontent/
-eidas.ms.webcontent.templates=templates/
-eidas.ms.webcontent.properties=properties/messages
+eidas.ms.webcontent.static.directory=../../../../../../basicConfig/webcontent/
+eidas.ms.webcontent.templates=../../../../../../basicConfig/templates/
+eidas.ms.webcontent.properties=../../../../../../basicConfig/properties/messages
 
 ## extended validation of pending-request Id's
 eidas.ms.core.pendingrequestid.maxlifetime=300
-- 
cgit v1.2.3