From 7bf7c3c03fd3a1efeaf3f8e3dd75922e2f5f9921 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 8 Mar 2022 19:06:10 +0100
Subject: refactor(core): move all project libs into sub-project 'modules'

---
 .../checks/spotbugs-exclude.xml                    |  44 +
 modules/authmodule-eIDAS-v2/pom.xml                | 295 +++++++
 .../specific/modules/auth/eidas/v2/Constants.java  | 192 +++++
 .../eidas/v2/EidasAuthenticationModulImpl.java     |  87 ++
 .../EidasAuthenticationSpringResourceProvider.java |  52 ++
 .../modules/auth/eidas/v2/EidasSignalServlet.java  | 161 ++++
 .../modules/auth/eidas/v2/dao/ErnbEidData.java     | 115 +++
 .../v2/exception/EidPostProcessingException.java   |  40 +
 .../v2/exception/EidasAttributeException.java      |  34 +
 .../exception/EidasSAuthenticationException.java   |  41 +
 .../v2/exception/EidasValidationException.java     |  34 +
 .../eidas/v2/exception/SqliteServiceException.java |  40 +
 .../v2/exception/SzrCommunicationException.java    |  38 +
 .../eidas/v2/handler/AbstractEidProcessor.java     | 425 ++++++++++
 .../auth/eidas/v2/handler/DeEidProcessor.java      | 113 +++
 .../auth/eidas/v2/handler/GenericEidProcessor.java |  61 ++
 .../eidas/v2/handler/INationalEidProcessor.java    |  81 ++
 .../auth/eidas/v2/handler/LuEidProcessor.java      |  61 ++
 .../auth/eidas/v2/handler/NlEidProcessor.java      |  54 ++
 .../eidas/v2/service/AuthBlockSigningService.java  | 211 +++++
 .../v2/service/CcSpecificEidProcessingService.java | 135 +++
 .../eidas/v2/service/EidasAttributeRegistry.java   | 180 ++++
 .../auth/eidas/v2/service/EidasDataStore.java      | 363 ++++++++
 .../service/ICcSpecificEidProcessingService.java   |  61 ++
 .../modules/auth/eidas/v2/szr/SzrClient.java       | 522 ++++++++++++
 .../modules/auth/eidas/v2/szr/SzrService.java      | 164 ++++
 .../eidas/v2/tasks/CreateIdentityLinkTask.java     | 503 +++++++++++
 .../eidas/v2/tasks/GenerateAuthnRequestTask.java   | 255 ++++++
 .../eidas/v2/tasks/ReceiveAuthnResponseTask.java   | 130 +++
 .../auth/eidas/v2/utils/EidasResponseUtils.java    | 179 ++++
 .../modules/auth/eidas/v2/utils/JoseUtils.java     | 305 +++++++
 .../auth/eidas/v2/utils/LoggingHandler.java        |  72 ++
 .../eidas/v2/validator/EidasResponseValidator.java | 175 ++++
 ...iz.components.spring.api.SpringResourceProvider |   1 +
 .../resources/eIDAS.Authentication.process.xml     |  29 +
 .../main/resources/eIDAS/additional-attributes.xml |  42 +
 .../src/main/resources/eIDAS/eidas-attributes.xml  | 379 +++++++++
 .../src/main/resources/eidas_v2_auth.beans.xml     | 100 +++
 .../resources/xmldata/fakeIdL_IdL_template.xml     | 122 +++
 .../src/main/resources/szr_client/SZR-1.1.WSDL     | 939 +++++++++++++++++++++
 .../src/main/resources/szr_client/SZR-1.WSDL       | 901 ++++++++++++++++++++
 .../src/main/resources/szr_client/SZR_v4.0.wsdl    | 441 ++++++++++
 .../src/main/resources/szr_client/pvp1.xsd         | 133 +++
 .../src/main/resources/szr_client/pvp19.xsd        | 133 +++
 .../src/main/resources/szr_client/szr.xsd          | 388 +++++++++
 .../src/main/resources/szr_client/szr_ecdsa.xsd    |  30 +
 .../main/resources/szr_client/szr_persondata.xsd   |  54 ++
 .../src/main/resources/szr_client/szr_pvp_sec.xsd  |  10 +
 .../main/resources/szr_client/szr_v4.0-schemas.xml |  54 ++
 .../main/resources/szr_client/szr_v4.0-wsdl.xml    |  10 +
 .../src/main/resources/szr_client/szr_v4.0.xsd     | 443 ++++++++++
 .../src/main/resources/szr_client/szr_xmldsig.xsd  |  31 +
 .../resources/templates/eidas_node_forward.html    |  36 +
 .../test/EidasAuthSpringResourceProviderTest.java  |  56 ++
 .../v2/test/EidasAuthenticationModulImplTest.java  | 121 +++
 .../auth/eidas/v2/test/EidasDataStoreTest.java     | 118 +++
 .../auth/eidas/v2/test/EidasSignalServletTest.java | 244 ++++++
 .../modules/auth/eidas/v2/test/SzrClientTest.java  | 439 ++++++++++
 .../eidas/v2/test/SzrClientTestProduction.java     | 236 ++++++
 .../dummy/DummySpecificCommunicationService.java   |  66 ++
 .../tasks/CreateIdentityLinkTaskEidNewTest.java    | 491 +++++++++++
 .../v2/test/tasks/CreateIdentityLinkTaskTest.java  | 464 ++++++++++
 .../test/tasks/GenerateAuthnRequestTaskTest.java   | 637 ++++++++++++++
 .../test/tasks/ReceiveEidasResponseTaskTest.java   | 223 +++++
 .../auth/eidas/v2/test/utils/JoseUtilsTest.java    | 139 +++
 .../EidasAttributePostProcessingTest.java          | 460 ++++++++++
 .../EidasRequestPreProcessingFirstTest.java        | 193 +++++
 .../EidasRequestPreProcessingSecondTest.java       | 157 ++++
 .../validation/EidasResponseValidatorTest.java     | 333 ++++++++
 .../SpringTest-context_basic_mapConfig.xml         |  20 +
 .../SpringTest-context_basic_realConfig.xml        |  25 +
 .../resources/SpringTest-context_basic_test.xml    |  73 ++
 .../resources/SpringTest-context_tasks_test.xml    |  67 ++
 .../resources/config/additional-attributes.xml     |  39 +
 .../src/test/resources/config/eidas-attributes.xml | 376 +++++++++
 .../resources/config/junit_config_1.properties     | 117 +++
 .../resources/config/junit_config_2.properties     | 114 +++
 .../resources/config/junit_config_3.properties     | 118 +++
 .../resources/config/junit_config_4.properties     | 114 +++
 .../config/junit_config_de_attributes.properties   | 116 +++
 .../src/test/resources/data/junit.jks              | Bin 0 -> 5738 bytes
 .../test/resources/data/szr/signed_eidasBind.jws   |   1 +
 .../data/szr/szr_resp_error_travelerdocexists.xml  |   6 +
 .../test/resources/data/szr/szr_resp_valid_1.xml   |  50 ++
 .../test/resources/data/szr/szr_resp_valid_2.xml   |  50 ++
 .../src/test/resources/keystore/teststore.jks      | Bin 0 -> 2028 bytes
 86 files changed, 15162 insertions(+)
 create mode 100644 modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
 create mode 100644 modules/authmodule-eIDAS-v2/pom.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/NlEidProcessor.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/additional-attributes.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/eidas-attributes.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.1.WSDL
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.WSDL
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR_v4.0.wsdl
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp1.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp19.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_ecdsa.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_persondata.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_pvp_sec.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-schemas.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-wsdl.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_xmldsig.xsd
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/templates/eidas_node_forward.html
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/config/additional-attributes.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/config/eidas-attributes.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_error_travelerdocexists.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml
 create mode 100644 modules/authmodule-eIDAS-v2/src/test/resources/keystore/teststore.jks

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
new file mode 100644
index 00000000..d961b4d6
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<FindBugsFilter>
+    <Match>
+      <!-- Do not check code generated by Apache CXF framework -->
+      <Class name="~szrservices.*"/>
+      <Class name="~at.gv.e_government.reference.namespace.persondata.*" />
+      <Class name="~org.w3._2000._09.xmldsig.*" />
+    </Match>
+    <Match>
+      <!-- Logging of SAML2 responses in case of errors or for debugging is allowed -->
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
+      <Method name="getPendingRequestId" />
+      <Bug pattern="CRLF_INJECTION_LOGS" />               
+    </Match>
+    <Match>
+      <!-- CSFR protection is implemented by pendingRequestId that is an one-time token -->
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
+      <Method name="restoreEidasAuthProcess" />
+      <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />               
+    </Match>
+    <Match>
+      <!-- File path is only loaded from configuration -->
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry" />
+      <Method name="initialize" />
+      <Bug pattern="PATH_TRAVERSAL_IN" />               
+    </Match>
+    <Match>
+      <!-- Redirect URL is only loaded from configuration -->
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" />
+      <Method name="execute" />
+      <Bug pattern="UNVALIDATED_REDIRECT" />               
+    </Match>
+  <Match>
+    <!-- Builder pattern does not expose date elements -->
+    <OR>
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData" />
+      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils$JwsResult"/>
+    </OR>
+    <OR>
+      <Bug pattern="EI_EXPOSE_REP" />
+      <Bug pattern="EI_EXPOSE_REP2" />
+    </OR>
+  </Match>        
+</FindBugsFilter>
diff --git a/modules/authmodule-eIDAS-v2/pom.xml b/modules/authmodule-eIDAS-v2/pom.xml
new file mode 100644
index 00000000..f16edb2d
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/pom.xml
@@ -0,0 +1,295 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <parent>
+    <groupId>at.asitplus.eidas.ms_specific</groupId>
+    <artifactId>modules</artifactId>
+    <version>1.2.4-SNAPSHOT</version>
+  </parent>
+  <groupId>at.asitplus.eidas.ms_specific.modules</groupId>
+  <artifactId>authmodule-eIDAS-v2</artifactId>
+  <name>eIDAS v2 authentication module</name>
+  <description>eIDAS module based on eIDAS node reference implementation v2.x</description>
+
+  <profiles>
+    <profile>
+      <id>default</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+      </activation>
+      <repositories>
+        <repository>
+          <id>egiz-commons</id>
+          <url>https://apps.egiz.gv.at/maven/</url>
+          <releases>
+            <enabled>true</enabled>
+          </releases>
+        </repository>
+        <repository>
+          <id>eIDASNode-local</id>
+          <name>local</name>
+          <url>file:${basedir}/../../repository</url>
+        </repository>
+      </repositories>
+    </profile>
+  </profiles>
+
+  <dependencies>
+    <dependency>
+      <groupId>at.gv.egiz.components</groupId>
+      <artifactId>egiz-spring-api</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>core_common_lib</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+    </dependency>
+
+    <!-- eIDAS reference implemenation libs -->
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-commons</artifactId>
+      <exclusions>
+        <exclusion>
+          <groupId>log4j</groupId>
+          <artifactId>log4j</artifactId>
+        </exclusion>
+        <exclusion>
+          <artifactId>log4j-over-slf4j</artifactId>
+          <groupId>org.slf4j</groupId>
+        </exclusion>
+      </exclusions>
+    </dependency>
+
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-light-commons</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-specific-communication-definition</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>eu.eidas</groupId>
+      <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+    </dependency>
+
+    <!-- other third party libs -->
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-lang3</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.google.guava</groupId>
+      <artifactId>guava</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>joda-time</groupId>
+      <artifactId>joda-time</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.commons</groupId>
+      <artifactId>commons-text</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-webmvc</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-core</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-rt-frontend-jaxws</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>org.apache.cxf</groupId>
+      <artifactId>cxf-rt-transports-http</artifactId>
+    </dependency>
+    <dependency>
+      <groupId>com.fasterxml.jackson.datatype</groupId>
+      <artifactId>jackson-datatype-jsr310</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>org.bitbucket.b_c</groupId>
+      <artifactId>jose4j</artifactId>
+    </dependency>
+
+    <dependency>
+      <groupId>javax.servlet</groupId>
+      <artifactId>javax.servlet-api</artifactId>
+      <scope>provided</scope>
+    </dependency>
+
+    <!-- Testing -->
+    <dependency>
+      <groupId>junit</groupId>
+      <artifactId>junit</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.springframework</groupId>
+      <artifactId>spring-test</artifactId>
+      <scope>test</scope>
+    </dependency>
+    
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>core_common_lib</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_core_utils</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    
+    <dependency>
+      <groupId>com.github.skjolber</groupId>
+      <artifactId>mockito-soap-cxf</artifactId>
+      <scope>test</scope>      
+    </dependency>
+    
+    <dependency>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-module-junit4</artifactId>
+      <scope>test</scope>
+    </dependency>
+    <dependency>
+      <groupId>org.powermock</groupId>
+      <artifactId>powermock-api-mockito2</artifactId>
+      <scope>test</scope>
+    </dependency>
+    
+  </dependencies>
+
+  <build>
+    <resources>
+      <resource>
+        <directory>src/main/resources</directory>
+      </resource>
+      <resource>
+        <directory>target/generated-sources/cxf</directory>
+      </resource>
+    </resources>
+
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <configuration>
+          <source>1.8</source>
+          <target>1.8</target>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-codegen-plugin</artifactId>
+        <dependencies>
+          <dependency>
+            <groupId>xerces</groupId>
+            <artifactId>xercesImpl</artifactId>
+            <version>2.8.1</version>
+          </dependency>
+          <dependency>
+            <groupId>com.sun.xml.bind</groupId>
+            <artifactId>jaxb-impl</artifactId>
+            <version>2.2.5</version>
+          </dependency>
+          <dependency>
+            <groupId>com.sun.xml.bind</groupId>
+            <artifactId>jaxb-xjc</artifactId>
+            <version>2.2.5</version>
+          </dependency>
+        </dependencies>
+        <executions>
+          <execution>
+            <id>generate-sources</id>
+            <phase>generate-sources</phase>
+            <configuration>
+              <sourceRoot>${project.build.directory}/generated/cxf</sourceRoot>
+              <wsdlOptions>
+                <wsdlOption>
+                  <wsdl>${basedir}/src/main/resources/szr_client/SZR_v4.0.wsdl</wsdl>
+                  <extraargs>
+                    <extraarg>-verbose </extraarg>
+                  </extraargs>
+                </wsdlOption>
+              </wsdlOptions>
+            </configuration>
+            <goals>
+              <goal>wsdl2java</goal>
+            </goals>
+          </execution>
+        </executions>
+      </plugin>
+      
+      <plugin>
+        <groupId>com.github.spotbugs</groupId>
+        <artifactId>spotbugs-maven-plugin</artifactId>
+        <version>${spotbugs-maven-plugin.version}</version>
+        <configuration>
+          <excludeFilterFile>checks/spotbugs-exclude.xml</excludeFilterFile>
+        </configuration>
+      </plugin>
+
+      <plugin>
+        <groupId>org.jacoco</groupId>
+        <artifactId>jacoco-maven-plugin</artifactId>
+        <executions>
+          <execution>
+            <id>post-unit-check</id>
+            <phase>test</phase>
+            <goals>
+              <goal>check</goal>
+              <goal>report</goal>
+            </goals>
+            <configuration>
+              <haltOnFailure>true</haltOnFailure>
+              <excludes>
+                <exclude>**/at/gv/e_government/reference/namespace/persondata/_20020228/*</exclude>
+                <exclude>**/org/w3/_2000/_09/*</exclude>
+                <exclude>**/org/w3/_2001/_04/*</exclude>
+                <exclude>**/szrservices/*</exclude>
+                <exclude>**/generated/cxf/*</exclude>                           
+              </excludes>                         
+            </configuration>
+          </execution>
+        </executions>
+      </plugin>
+
+      <!-- enable co-existence of testng and junit -->
+      <plugin>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <configuration>
+          <threadCount>1</threadCount>
+        </configuration>
+        <dependencies>
+          <dependency>
+            <groupId>org.apache.maven.surefire</groupId>
+            <artifactId>surefire-junit47</artifactId>
+            <version>${surefire.version}</version>
+          </dependency>
+        </dependencies>
+      </plugin>
+    </plugins>
+  </build>
+</project>
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
new file mode 100644
index 00000000..a554bf57
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -0,0 +1,192 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+
+public class Constants {
+
+  public static final String DATA_REQUESTERID = "req_requesterId";
+  public static final String DATA_PROVIDERNAME = "req_providerName";
+  public static final String DATA_REQUESTED_LOA_LIST = "req_requestedLoA";
+  public static final String DATA_REQUESTED_LOA_COMPERISON = "req_requestedLoAComperision";
+  public static final String DATA_FULL_EIDAS_RESPONSE = "resp_fulleIDASResponse";
+
+  // templates for post-binding forwarding
+  public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html";
+  public static final String TEMPLATE_POST_FORWARD_ENDPOINT = "endPoint";
+  public static final String TEMPLATE_POST_FORWARD_TOKEN_NAME = "tokenName";
+  public static final String TEMPLATE_POST_FORWARD_TOKEN_VALUE = "tokenValue";
+
+  // configuration properties
+  public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS";
+  public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = CONIG_PROPS_EIDAS_PREFIX 
+      + ".eid.testidentity.default";
+  public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
+  public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode";
+  public static final String CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS = CONIG_PROPS_EIDAS_NODE
+      + ".publicSectorTargets";
+  public static final String CONIG_PROPS_EIDAS_NODE_ENTITYID = CONIG_PROPS_EIDAS_NODE + ".entityId";
+  public static final String CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL = CONIG_PROPS_EIDAS_NODE
+      + ".forward.endpoint";
+    
+  public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE
+      + ".forward.method";
+  public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL =
+      CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural";
+  public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL =
+      CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural";
+  public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION =
+      CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation";
+  
+  public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION =
+      CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm";
+  public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX =
+      CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll";
+  
+  public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME =
+      CONIG_PROPS_EIDAS_NODE + ".workarounds.addAlwaysProviderName";  
+  public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER =
+      CONIG_PROPS_EIDAS_NODE + ".workarounds.useRequestIdAsTransactionIdentifier";
+  
+  public static final String CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT = 
+      CONIG_PROPS_EIDAS_NODE + ".requested.nameIdFormat";
+  
+  public static final String CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = CONIG_PROPS_EIDAS_NODE
+      + ".staticProviderNameForPublicSPs";
+  public static final String DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP = "Austria";
+
+  public static final String FORWARD_METHOD_POST = "POST";
+  public static final String FORWARD_METHOD_GET = "GET";
+
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT = CONIG_PROPS_EIDAS_PREFIX + ".szrclient";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".useTestService";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".debug.logfullmessages";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".debug.useDummySolution";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SET_MDS_TO_EIDASBIND = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".eidasbind.mds.inject";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".timeout.connection";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".timeout.response";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".endpoint.prod";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".endpoint.test";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".ssl.keyStore.path";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".ssl.keyStore.password";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".ssl.trustStore.path";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".ssl.trustStore.password";
+
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".params.documenttype";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".params.vkz";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_DATE = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".params.issuingdate";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_ISSUING_AUTHORITY =
+      CONIG_PROPS_EIDAS_SZRCLIENT + ".params.issuingauthority";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_KEYS_USEDUMMY = CONIG_PROPS_EIDAS_SZRCLIENT
+      + ".params.usedummykeys";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION =
+      CONIG_PROPS_EIDAS_SZRCLIENT + ".params.useSZRForbPKCalculation";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE =
+      CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setPlaceOfBirthIfAvailable";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE =
+      CONIG_PROPS_EIDAS_SZRCLIENT + ".params.setBirthNameIfAvailable";
+
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE =
+      CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active";
+
+  public static final String DEFAULT_MS_NODE_COUNTRY_CODE = "AT";
+  
+  @Deprecated
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL =
+      CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.url";
+  @Deprecated
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_ACTIVE =
+      CONIG_PROPS_EIDAS_SZRCLIENT + ".workarounds.datastore.sqlite.active";
+
+  // http endpoint descriptions
+  public static final String eIDAS_HTTP_ENDPOINT_SP_POST = "/eidas/light/sp/post";
+  public static final String eIDAS_HTTP_ENDPOINT_SP_REDIRECT = "/eidas/light/sp/redirect";
+  public static final String eIDAS_HTTP_ENDPOINT_IDP_COLLEAGUEREQUEST = "/eidas/light/ColleagueRequest";
+  public static final String eIDAS_HTTP_ENDPOINT_METADATA = "/eidas/light/metadata";
+
+  // eIDAS request parameters
+  public static final String eIDAS_REQ_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
+
+  // eIDAS attribute names
+  public static final String eIDAS_ATTR_PERSONALIDENTIFIER = "PersonIdentifier";
+  public static final String eIDAS_ATTR_DATEOFBIRTH = "DateOfBirth";
+  public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName";
+  public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName";
+  public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth";
+  public static final String eIDAS_ATTR_BIRTHNAME = "BirthName";
+  public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress";
+
+  public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier";
+  public static final String eIDAS_ATTR_LEGALNAME = "LegalName";
+
+  public static final String eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER = "RepresentativePersonIdentifier";
+  public static final String eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH = "RepresentativeDateOfBirth";
+  public static final String eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME = "RepresentativeFirstName";
+  public static final String eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME = "RepresentativeFamilyName";
+  
+  
+  public static final String eIDAS_REQ_PARAM_SECTOR_PUBLIC = "public";
+  public static final String eIDAS_REQ_PARAM_SECTOR_PRIVATE = "private";
+  
+  public static final String POLICY_DEFAULT_ALLOWED_TARGETS =
+      EaafConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+", "\\\\+") + ".*";
+
+  // SAML2 Constants
+  public static final String SUCCESS_URI = "urn:oasis:names:tc:SAML:2.0:status:Success";
+  public static final String ERROR_URI = "urn:oasis:names:tc:SAML:2.0:status:Responder";
+
+  public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION = "30"; // seconds
+  public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE = "60"; // seconds
+
+  public static final String SZR_SCHEMA_LOCATIONS =
+      "urn:SZRServices" + " " + "/szr_client/szr.xsd";
+
+  // Default values for SZR communication
+  public static final String SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE = "ELEKTR_DOKUMENT";
+
+  // TODO remove!!!
+  public static final String SZR_CONSTANTS_DEFAULT_ISSUING_DATE = "2014-01-01";
+  public static final String SZR_CONSTANTS_DEFAULT_ISSUING_AUTHORITY = "ms-specific eIDAS-Node for AT";
+  public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_EXPONENT = "AQAB";
+  public static final String SZR_CONSTANTS_DEFAULT_PUBKEY_MODULUS =
+      "AJZyj/+sdCMDRq9RkvbFcgSTVn/OfS8EUE81ddwP8MNuJ1kd1SWBUJPaQX2JLJHrL54mkOhrkhH2M/zcuOTu8nW9TOEg"
+      + "XGjrRB/0HpiYKpV+VDJViyyc/GacNLxN4Anw4pima6gHYaJIw9hQkL/nuO2hyh8PGJd7rxeFXJmbLy+X";
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java
new file mode 100644
index 00000000..85f0873e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationModulImpl.java
@@ -0,0 +1,87 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import java.io.Serializable;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+
+/**
+ * eIDAS authentication-process selector.
+ * 
+ * @author tlenz
+ *
+ */
+public class EidasAuthenticationModulImpl implements AuthModule {
+
+  private int priority = 1;
+
+  @Override
+  public int getPriority() {
+    return priority;
+  }
+
+  /**
+   * Sets the priority of this module. Default value is {@code 0}.
+   * 
+   * @param priority The priority.
+   */
+  public void setPriority(int priority) {
+    this.priority = priority;
+  }
+
+  /*
+   * (non-Javadoc)
+   * 
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext)
+   */
+  @Override
+  public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+    Serializable flagObj = context.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
+    if (flagObj != null && flagObj instanceof String 
+        && StringUtils.isNotBlank((String) context.get(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY))) {
+      return "eIDASAuthentication_v2";
+    } else {
+      return null;
+    }
+
+  }
+
+  /*
+   * (non-Javadoc)
+   * 
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+   */
+  @Override
+  public String[] getProcessDefinitions() {
+    return new String[] { "classpath:eIDAS.Authentication.process.xml" };
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java
new file mode 100644
index 00000000..535e4f97
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasAuthenticationSpringResourceProvider.java
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+public class EidasAuthenticationSpringResourceProvider implements SpringResourceProvider {
+
+  @Override
+  public String getName() {
+    return "Auth. module for eIDAS Ref. Impl. v2.x";
+  }
+
+  @Override
+  public String[] getPackagesToScan() {
+    // TODO Auto-generated method stub
+    return null;
+  }
+
+  @Override
+  public Resource[] getResourcesToLoad() {
+    final ClassPathResource eidasAuthConfig = new ClassPathResource("/eidas_v2_auth.beans.xml",
+        EidasAuthenticationSpringResourceProvider.class);
+
+    return new Resource[] { eidasAuthConfig };
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
new file mode 100644
index 00000000..d3cac80c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
@@ -0,0 +1,161 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2;
+
+import java.io.IOException;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+
+/**
+ * Controler implementation for eIDAS Node communication.
+ * 
+ * @author tlenz
+ *
+ */
+@Controller
+public class EidasSignalServlet extends AbstractProcessEngineSignalController {
+
+  private static final Logger log = LoggerFactory.getLogger(EidasSignalServlet.class);
+  @Autowired
+  private ApplicationContext context;
+  @Autowired
+  private EidasAttributeRegistry attrRegistry;
+
+  /**
+   * eIDAS Node communication end-point implementation.
+   * 
+   */
+  public EidasSignalServlet() {
+    super();
+    log.debug("Registering servlet {} with mappings '{}' and '{}'.", 
+        getClass().getName(), Constants.eIDAS_HTTP_ENDPOINT_SP_POST, 
+        Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT);
+
+  }
+
+  @RequestMapping(value = { 
+      Constants.eIDAS_HTTP_ENDPOINT_SP_POST,
+      Constants.eIDAS_HTTP_ENDPOINT_SP_REDIRECT
+      },
+      method = { RequestMethod.POST, RequestMethod.GET })
+  public void restoreEidasAuthProcess(HttpServletRequest req, HttpServletResponse resp) throws IOException,
+      EaafException {
+    signalProcessManagement(req, resp);
+  }
+
+  /**
+   * Protocol specific implementation to get the pending-requestID from http
+   * request object.
+   *
+   * @param request The http Servlet-Request object
+   * @return The Pending-request id
+   *
+   */
+  @Override
+  public String getPendingRequestId(HttpServletRequest request) {
+    // String sessionId = super.getPendingRequestId(request);
+
+    try {
+      // get token from Request
+      final String tokenBase64 = request.getParameter(EidasParameterKeys.TOKEN.toString());
+      if (StringUtils.isEmpty(tokenBase64)) {
+        log.warn("NO eIDAS message token found.");
+        throw new EidasSAuthenticationException("eidas.04", null);
+
+      }
+      log.trace("Receive eIDAS-node token: " + tokenBase64 + " Starting transaction-restore process ... ");
+
+      final SpecificCommunicationService specificConnectorCommunicationService =
+          (SpecificCommunicationService) context.getBean(
+              SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
+      final ILightResponse eidasResponse = specificConnectorCommunicationService.getAndRemoveResponse(
+          tokenBase64,
+          ImmutableSortedSet.copyOf(attrRegistry.getCoreAttributeRegistry().getAttributes()));
+
+      String pendingReqId = null;
+      if (StringUtils.isEmpty(eidasResponse.getRelayState())) {
+        log.debug("eIDAS Node returns no RelayState. ");
+
+        if (authConfig.getBasicConfigurationBoolean(
+            Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER,
+            false)) {
+          log.trace("Use lightRequestId to recover session ... ");
+          pendingReqId = transactionStorage.get(eidasResponse.getInResponseToId(), String.class);
+          if (StringUtils.isNotEmpty(pendingReqId)) {
+            log.debug("Restoring session with lightRequestId ... ");
+            transactionStorage.remove(eidasResponse.getInResponseToId());
+
+          }
+        }
+
+      } else {
+        log.debug("Find transaction identifier in SAML2 'RelayState': " + eidasResponse.getRelayState());
+        pendingReqId = eidasResponse.getRelayState();
+
+      }
+
+      if (StringUtils.isNotEmpty(pendingReqId)) {
+        request.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+        return pendingReqId;
+
+      }
+
+      log.info("NO transaction identifier found! Stopping process ....");
+      log.trace("FullResponse: " + eidasResponse.toString());
+
+    } catch (final SpecificCommunicationException e) {
+      log.warn("Can NOT load eIDAS Response from cache.", e);
+      log.debug("eIDAS response token was: " + request.getParameter(EidasParameterKeys.TOKEN.toString()));
+
+    } catch (final Exception e) {
+      log.warn("Unable to retrieve moa session id.", e);
+
+    }
+
+    return null;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java
new file mode 100644
index 00000000..6c7eeb6b
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ErnbEidData.java
@@ -0,0 +1,115 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.dao;
+
+import java.text.SimpleDateFormat;
+
+import org.joda.time.DateTime;
+
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+
+public class ErnbEidData {
+
+  private String citizenCountryCode = null;
+
+  // MDS
+  private String pseudonym = null;
+  private String givenName = null;
+  private String familyName = null;
+  private DateTime dateOfBirth = null;
+
+  // additional attributes
+  private String placeOfBirth = null;
+  private String birthName = null;
+  private PostalAddressType address = null;
+
+  public String getCitizenCountryCode() {
+    return citizenCountryCode;
+  }
+
+  public void setCitizenCountryCode(String citizenCountryCode) {
+    this.citizenCountryCode = citizenCountryCode;
+  }
+
+  public String getPseudonym() {
+    return pseudonym;
+  }
+
+  public void setPseudonym(String pseudonym) {
+    this.pseudonym = pseudonym;
+  }
+
+  public String getGivenName() {
+    return givenName;
+  }
+
+  public void setGivenName(String givenName) {
+    this.givenName = givenName;
+  }
+
+  public String getFamilyName() {
+    return familyName;
+  }
+
+  public void setFamilyName(String familyName) {
+    this.familyName = familyName;
+  }
+
+  public DateTime getDateOfBirth() {
+    return dateOfBirth;
+  }
+
+  public void setDateOfBirth(DateTime dateOfBirth) {
+    this.dateOfBirth = dateOfBirth;
+  }
+
+  public String getPlaceOfBirth() {
+    return placeOfBirth;
+  }
+
+  public void setPlaceOfBirth(String placeOfBirth) {
+    this.placeOfBirth = placeOfBirth;
+  }
+
+  public String getBirthName() {
+    return birthName;
+  }
+
+  public void setBirthName(String birthName) {
+    this.birthName = birthName;
+  }
+
+  public PostalAddressType getAddress() {
+    return address;
+  }
+
+  public void setAddress(PostalAddressType address) {
+    this.address = address;
+  }
+
+  public String getFormatedDateOfBirth() {
+    return new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth.toDate());
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java
new file mode 100644
index 00000000..f4c0be67
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidPostProcessingException.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+public class EidPostProcessingException extends EidasSAuthenticationException {
+
+  private static final long serialVersionUID = 6780652273831172456L;
+
+  public EidPostProcessingException(String internalMsgId, Object[] params) {
+    super(internalMsgId, params);
+
+  }
+
+  public EidPostProcessingException(String internalMsgId, Object[] params, Throwable e) {
+    super(internalMsgId, params, e);
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java
new file mode 100644
index 00000000..49736d58
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasAttributeException.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+public class EidasAttributeException extends EidasSAuthenticationException {
+  private static final long serialVersionUID = 1L;
+
+  public EidasAttributeException(String attrbuteName) {
+    super("eidas.00", new Object[] { attrbuteName });
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java
new file mode 100644
index 00000000..8ff218e3
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasSAuthenticationException.java
@@ -0,0 +1,41 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+import at.gv.egiz.eaaf.core.exceptions.EaafAuthenticationException;
+
+public class EidasSAuthenticationException extends EaafAuthenticationException {
+
+
+  private static final long serialVersionUID = 1L;
+
+  public EidasSAuthenticationException(String internalMsgId, Object[] params) {
+    super(internalMsgId, params);
+  }
+
+  public EidasSAuthenticationException(String internalMsgId, Object[] params, Throwable e) {
+    super(internalMsgId, params, e);
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java
new file mode 100644
index 00000000..2988dd6f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/EidasValidationException.java
@@ -0,0 +1,34 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+public class EidasValidationException extends EidasSAuthenticationException {
+
+  private static final long serialVersionUID = 1L;
+
+  public EidasValidationException(String internalMsgId, Object[] params) {
+    super(internalMsgId, params);
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java
new file mode 100644
index 00000000..d48abec9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SqliteServiceException.java
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+public class SqliteServiceException extends EidasSAuthenticationException {
+
+  private static final long serialVersionUID = 2278259367925102676L;
+
+  public SqliteServiceException(String internalMsgId, Object[] params, Throwable e) {
+    super(internalMsgId, params, e);
+
+  }
+
+  public SqliteServiceException(String internalMsgId, Object[] params) {
+    super(internalMsgId, params);
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java
new file mode 100644
index 00000000..c736cadb
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/exception/SzrCommunicationException.java
@@ -0,0 +1,38 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.exception;
+
+public class SzrCommunicationException extends EidasSAuthenticationException {
+
+  private static final long serialVersionUID = 1L;
+
+  public SzrCommunicationException(String internalMsgId, Object[] params) {
+    super(internalMsgId, params);
+  }
+
+  public SzrCommunicationException(String internalMsgId, Object[] params, Throwable e) {
+    super(internalMsgId, params, e);
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
new file mode 100644
index 00000000..4a3218e9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
@@ -0,0 +1,425 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.nio.charset.StandardCharsets;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.Map;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.lang.NonNull;
+
+import com.google.common.collect.ImmutableSortedSet;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import eu.eidas.auth.commons.protocol.eidas.SpType;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+
+public abstract class AbstractEidProcessor implements INationalEidProcessor {
+  private static final Logger log = LoggerFactory.getLogger(AbstractEidProcessor.class);
+
+  @Autowired
+  protected EidasAttributeRegistry attrRegistry;
+  @Autowired
+  protected IConfigurationWithSP basicConfig;
+
+  @Override
+  public final void preProcess(IRequest pendingReq, Builder authnRequestBuilder) {
+
+    buildLevelOfAssurance(pendingReq.getServiceProviderConfiguration(), authnRequestBuilder);
+    buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder);
+    buildRequestedAttributes(authnRequestBuilder);
+
+  }
+
+
+  @Override
+  public final ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+      EidasAttributeException {
+    final ErnbEidData result = new ErnbEidData();
+
+    final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    final Triple<String, String, String> eIdentifier =
+        EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj);
+    result.setCitizenCountryCode(eIdentifier.getFirst());
+
+    // MDS attributes
+    result.setPseudonym(processPseudonym(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)));
+    result.setFamilyName(processFamilyName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)));
+    result.setGivenName(processGivenName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME)));
+    result.setDateOfBirth(processDateOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH)));
+
+    // additional attributes
+    result.setPlaceOfBirth(processPlaceOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH)));
+    result.setBirthName(processBirthName(eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME)));
+    result.setAddress(processAddress(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS)));
+
+    return result;
+
+  }
+
+  
+  /**
+   * Get a Map of country-specific requested attributes.
+   * 
+   * @return
+   */
+  @NonNull
+  protected abstract Map<String, Boolean> getCountrySpecificRequestedAttributes();
+
+  /**
+   * Post-Process the eIDAS CurrentAddress attribute.
+   * 
+   * @param currentAddressObj eIDAS current address information
+   * @return current address or null if no attribute is available
+   * @throws EidPostProcessingException if post-processing fails
+   * @throws EidasAttributeException    if eIDAS attribute is of a wrong type
+   */
+  protected PostalAddressType processAddress(Object currentAddressObj) throws EidPostProcessingException,
+      EidasAttributeException {
+
+    if (currentAddressObj != null) {
+      if (currentAddressObj instanceof PostalAddress) {
+        final PostalAddressType result = new PostalAddressType();
+        result.setPostalCode(((PostalAddress) currentAddressObj).getPostCode());
+        result.setMunicipality(((PostalAddress) currentAddressObj).getPostName());
+
+        // TODO: add more mappings
+        
+        return result;
+
+      } else {
+        log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type");
+        throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS);
+
+      }
+
+    } else {
+      log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... ");
+    }
+
+    return null;
+
+  }
+
+  /**
+   * Post-Process the eIDAS BirthName attribute.
+   * 
+   * @param birthNameObj eIDAS birthname information
+   * @return birthName or null if no attribute is available
+   * @throws EidPostProcessingException if post-processing fails
+   * @throws EidasAttributeException    if eIDAS attribute is of a wrong type
+   */
+  protected String processBirthName(Object birthNameObj) throws EidPostProcessingException,
+      EidasAttributeException {
+    if (birthNameObj != null) {
+      if (birthNameObj instanceof String) {
+        return (String) birthNameObj;
+
+      } else {
+        log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type");
+        throw new EidasAttributeException(Constants.eIDAS_ATTR_BIRTHNAME);
+
+      }
+
+    } else {
+      log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... ");
+    }
+
+    return null;
+
+  }
+
+  /**
+   * Post-Process the eIDAS PlaceOfBirth attribute.
+   * 
+   * @param placeOfBirthObj eIDAS Place-of-Birth information
+   * @return place of Birth or null if no attribute is available
+   * @throws EidPostProcessingException if post-processing fails
+   * @throws EidasAttributeException    if eIDAS attribute is of a wrong type
+   */
+  protected String processPlaceOfBirth(Object placeOfBirthObj) throws EidPostProcessingException,
+      EidasAttributeException {
+    if (placeOfBirthObj != null) {
+      if (placeOfBirthObj instanceof String) {
+        return (String) placeOfBirthObj;
+
+      } else {
+        log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type");
+        throw new EidasAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH);
+
+      }
+
+    } else {
+      log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... ");
+    }
+
+    return null;
+
+  }
+
+  /**
+   * Post-Process the eIDAS DateOfBirth attribute.
+   * 
+   * @param dateOfBirthObj eIDAS date-of-birth attribute information
+   * @return formated user's date-of-birth
+   * @throws EidasAttributeException    if NO attribute is available
+   * @throws EidPostProcessingException if post-processing fails
+   */
+  protected DateTime processDateOfBirth(Object dateOfBirthObj) throws EidPostProcessingException,
+      EidasAttributeException {
+    if (dateOfBirthObj == null || !(dateOfBirthObj instanceof DateTime)) {
+      throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
+    }
+
+    return (DateTime) dateOfBirthObj;
+
+  }
+
+  /**
+   * Post-Process the eIDAS GivenName attribute.
+   * 
+   * @param givenNameObj eIDAS givenName attribute information
+   * @return formated user's givenname
+   * @throws EidasAttributeException    if NO attribute is available
+   * @throws EidPostProcessingException if post-processing fails
+   */
+  protected String processGivenName(Object givenNameObj) throws EidPostProcessingException,
+      EidasAttributeException {
+    if (givenNameObj == null || !(givenNameObj instanceof String)) {
+      throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
+    }
+
+    return (String) givenNameObj;
+
+  }
+
+  /**
+   * Post-Process the eIDAS FamilyName attribute.
+   * 
+   * @param familyNameObj eIDAS familyName attribute information
+   * @return formated user's familyname
+   * @throws EidasAttributeException    if NO attribute is available
+   * @throws EidPostProcessingException if post-processing fails
+   */
+  protected String processFamilyName(Object familyNameObj) throws EidPostProcessingException,
+      EidasAttributeException {
+    if (familyNameObj == null || !(familyNameObj instanceof String)) {
+      throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
+    }
+
+    return (String) familyNameObj;
+
+  }
+
+  /**
+   * Post-Process the eIDAS pseudonym to ERnB unique identifier.
+   * 
+   * @param personalIdObj eIDAS PersonalIdentifierAttribute
+   * @return Unique personal identifier without country-code information
+   * @throws EidasAttributeException    if NO attribute is available
+   * @throws EidPostProcessingException if post-processing fails
+   */
+  protected String processPseudonym(Object personalIdObj) throws EidPostProcessingException,
+      EidasAttributeException {
+    if (personalIdObj == null || !(personalIdObj instanceof String)) {
+      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    }
+
+    final Triple<String, String, String> eIdentifier =
+        EidasResponseUtils.parseEidasPersonalIdentifier((String) personalIdObj);
+
+    return eIdentifier.getThird();
+
+  }
+
+  /**
+   * Set ProviderName and RequestId into eIDAS AuthnRequest.
+   * 
+   * @param pendingReq Current pendingRequest
+   * @param authnRequestBuilder AuthnRequest builder
+   */
+  protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
+    final ISpConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+
+    // set correct SPType for requested target sector
+    final String publicSectorTargetSelector = basicConfig.getBasicConfiguration(
+        Constants.CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS,
+        Constants.POLICY_DEFAULT_ALLOWED_TARGETS);
+    final Pattern p = Pattern.compile(publicSectorTargetSelector);
+    final Matcher m = p.matcher(spConfig.getAreaSpecificTargetIdentifier());
+    if (m.matches()) {
+      log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PublicSector'");
+      authnRequestBuilder.spType(SpType.PUBLIC.getValue());
+
+      final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+      if (basicConfig.getBasicConfigurationBoolean(
+              Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_ADD_ALWAYS_PROVIDERNAME,
+              false)) {
+        //TODO: only for eIDAS ref. node 2.0 and 2.1 because it need 'Providername' for
+        if (StringUtils.isNotEmpty(providerName)) {
+          log.debug("Set 'providername' to: {}", providerName);
+          authnRequestBuilder.providerName(providerName);  
+          
+        } else {
+          authnRequestBuilder.providerName(basicConfig.getBasicConfiguration(
+              Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+              Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP));
+          
+        }                 
+      }
+
+    } else {
+      log.debug("Map " + spConfig.getAreaSpecificTargetIdentifier() + " to 'PrivateSector'");
+      authnRequestBuilder.spType(SpType.PRIVATE.getValue());
+
+      // TODO: switch to RequesterId in further version
+      // set provider name for private sector applications
+      final String providerName = pendingReq.getRawData(Constants.DATA_PROVIDERNAME, String.class);
+      if (StringUtils.isNotEmpty(providerName)) {
+        authnRequestBuilder.providerName(providerName);
+                      
+      }
+      
+      authnRequestBuilder.requesterId(
+          generateRequesterId(pendingReq.getRawData(Constants.DATA_REQUESTERID, String.class)));
+            
+    }
+  }
+  
+  /**
+   * Build LoA based on Service-Provider configuration.
+   * 
+   * @param spConfig Current SP configuration
+   * @param authnRequestBuilder AuthnRequest builder
+   */
+  protected void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) {
+    // TODO: set matching mode if eIDAS ref. impl. support this method
+
+    // TODO: update if eIDAS ref. impl. supports exact matching for non-notified LoA
+    // schemes
+    String loa = EaafConstants.EIDAS_LOA_HIGH;
+    if (spConfig.getRequiredLoA() != null) {
+      if (spConfig.getRequiredLoA().isEmpty()) {
+        log.info("No eIDAS LoA requested. Use LoA HIGH as default");
+      } else {
+        if (spConfig.getRequiredLoA().size() > 1) {
+          log.info(
+              "Currently only ONE requested LoA is supported for service provider. Use first one ... ");
+        }
+
+        loa = spConfig.getRequiredLoA().get(0);
+
+      }
+    }
+
+    log.debug("Request eIdAS node with LoA: " + loa);
+    authnRequestBuilder.levelsOfAssuranceValues(Arrays.asList(loa));
+    
+  }
+  
+  private String generateRequesterId(String requesterId) {
+    if (requesterId != null && basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION, true)) {            
+      try {
+        log.trace("Building hashed 'requesterId' for private SP ... ");
+        MessageDigest digest = MessageDigest.getInstance("SHA-256");
+        String encodedRequesterId = Base64.getEncoder().encodeToString(
+            digest.digest(requesterId.getBytes(StandardCharsets.UTF_8)));                
+        log.debug("Set 'requesterId' for: {} to: {}", requesterId, encodedRequesterId);
+        return encodedRequesterId;
+        
+      } catch (NoSuchAlgorithmException e) {
+        log.error("Can NOT generate hashed 'requesterId' from: {}. Use it as it is", requesterId, e);
+        
+      }
+            
+    }
+    
+    return requesterId;
+    
+  }
+
+
+  private void buildRequestedAttributes(Builder authnRequestBuilder) {
+    // build and add requested attribute set
+    final Map<String, Boolean> ccSpecificReqAttr = getCountrySpecificRequestedAttributes();
+    log.debug("Get #{} country-specific requested attributes", ccSpecificReqAttr.size());
+
+    final Map<String, Boolean> mdsReqAttr = attrRegistry.getDefaultAttributeSetFromConfiguration();
+    log.trace("Get #{} default requested attributes", mdsReqAttr.size());
+
+    // put it together
+    ccSpecificReqAttr.putAll(mdsReqAttr);
+
+    // convert it to eIDAS attributes
+    final ImmutableAttributeMap reqAttrMap = translateToEidasAttributes(ccSpecificReqAttr);
+    authnRequestBuilder.requestedAttributes(reqAttrMap);
+
+  }
+
+  private ImmutableAttributeMap translateToEidasAttributes(final Map<String, Boolean> requiredAttributes) {
+    final ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder();
+    for (final Map.Entry<String, Boolean> attribute : requiredAttributes.entrySet()) {
+      final String name = attribute.getKey();
+      final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry
+          .getCoreAttributeRegistry().getByFriendlyName(name);
+      if (!byFriendlyName.isEmpty()) {
+        final AttributeDefinition<?> attributeDefinition = byFriendlyName.first();
+        builder.put(AttributeDefinition.builder(attributeDefinition).required(attribute.getValue()).build());
+
+      } else {
+        log.warn("Can NOT request UNKNOWN attribute: " + attribute.getKey() + " Ignore it!");
+      }
+
+    }
+
+    return builder.build();
+
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
new file mode 100644
index 00000000..6dc08181
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.io.UnsupportedEncodingException;
+import java.util.Base64;
+import java.util.Map;
+
+import org.apache.commons.codec.DecoderException;
+import org.apache.commons.codec.binary.Hex;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+
+
+public class DeEidProcessor extends AbstractEidProcessor {
+  private static final Logger log = LoggerFactory.getLogger(DeEidProcessor.class);
+  private static final String canHandleCC = "DE";
+
+  private int priority = 1;
+
+  @Override
+  public int getPriority() {
+    return priority;
+  }
+
+  @Override
+  public boolean canHandle(String countryCode) {
+    return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+
+  }
+
+  public void setPriority(int priority) {
+    this.priority = priority;
+  }
+
+  @Override
+  public String getName() {
+    return "DE-PostProcessor";
+
+  }
+
+  @Override
+  protected String processPseudonym(Object uniqeIdentifierObj) throws EidPostProcessingException,
+      EidasAttributeException {
+    if (uniqeIdentifierObj == null || !(uniqeIdentifierObj instanceof String)) {
+      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    }
+
+    final Triple<String, String, String> eIdentifier =
+        EidasResponseUtils.parseEidasPersonalIdentifier((String) uniqeIdentifierObj);
+
+    log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    final String result = convertDeIdentifier(eIdentifier.getThird());
+    log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+
+    return result;
+
+  }
+
+  private String convertDeIdentifier(String hexEncodedDeIdentifier) throws EidPostProcessingException {
+    if (hexEncodedDeIdentifier.length() != 64) {
+      throw new EidPostProcessingException("ernb.03", new Object[] {
+          "Input has wrong length, expected 64 chars" });
+    }
+
+    byte[] data;
+    try {
+      data = Hex.decodeHex(hexEncodedDeIdentifier);
+      final byte[] encoded = Base64.getEncoder().encode(data);
+      return new String(encoded, "UTF-8");
+
+    } catch (final DecoderException | UnsupportedEncodingException e) {
+      throw new EidPostProcessingException("ernb.03", null, e);
+
+    }
+
+    
+  }
+
+  @Override
+  protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+    return attrRegistry.getAttributeSetFromConfiguration(canHandleCC);
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java
new file mode 100644
index 00000000..69949435
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/GenericEidProcessor.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.HashMap;
+import java.util.Map;
+
+public class GenericEidProcessor extends AbstractEidProcessor {
+
+  private int priority = 0;
+
+  @Override
+  public int getPriority() {
+    return priority;
+
+  }
+
+  @Override
+  public boolean canHandle(String countryCode) {
+    return true;
+
+  }
+
+  public void setPriority(int priority) {
+    this.priority = priority;
+  }
+
+  @Override
+  public String getName() {
+    return "Default-PostProcessor";
+
+  }
+
+  @Override
+  protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+    return new HashMap<>();
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java
new file mode 100644
index 00000000..577efbcd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/INationalEidProcessor.java
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+public interface INationalEidProcessor {
+
+  /**
+   * Get a friendlyName of this post-processor implementation.
+   * 
+   * @return
+   */
+  String getName();
+
+  /**
+   * Get the priority of this eID Post-Processor <br>
+   * If more than one Post-Processor implementations can handle the eID data, the
+   * post-processor with the highest priority are selected. The Default-Processor
+   * has priority '0'
+   * 
+   * @return Priority of this handler
+   */
+  int getPriority();
+
+  /**
+   * Check if this postProcessor is sensitive for a specific country.
+   * 
+   * @param countryCode of the eID data that should be processed
+   * @return true if this implementation can handle the country, otherwise false
+   * 
+   */
+  boolean canHandle(String countryCode);
+
+  /**
+   * Post-Process eIDAS eID data into national format.
+   * 
+   * @param eidasAttrMap Map of eIDAS attributes in format friendlyName and
+   *                     attribute
+   * @throws EidPostProcessingException In case of a post-processing error
+   * @throws EidasAttributeException In case of an invalid eIDAS attribute
+   */
+  ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+      EidasAttributeException;
+
+  /**
+   * Pre-Process eIDAS Request to national requirements.
+   * 
+   * @param pendingReq          current pending request
+   * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
+   */
+  void preProcess(IRequest pendingReq, Builder authnRequestBuilder);
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java
new file mode 100644
index 00000000..8402457f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/LuEidProcessor.java
@@ -0,0 +1,61 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class LuEidProcessor extends AbstractEidProcessor {
+
+  
+  
+  private static final String canHandleCC = "LU";
+
+  @Getter
+  @Setter
+  private int priority = 1;
+  
+  @Override
+  public String getName() {
+    return "LU-PostProcessor";
+    
+  }
+
+  @Override
+  public boolean canHandle(String countryCode) {
+    return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+    
+  }
+
+  @Override
+  protected void buildProviderNameAndRequesterIdAttribute(IRequest pendingReq, Builder authnRequestBuilder) {
+    super.buildProviderNameAndRequesterIdAttribute(pendingReq, authnRequestBuilder);    
+    if (basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX, true)) {      
+      String staticName = basicConfig.getBasicConfiguration(
+          Constants.CONIG_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP,
+          Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP);                
+      authnRequestBuilder.providerName(staticName);
+      authnRequestBuilder.requesterId(staticName);
+      log.debug("Use static name: {} as 'providerName' and 'RequesterId' for all 'LU' requests ", staticName);
+                 
+    } else { 
+      log.info("Static 'providerName' and 'RequesterId' for country: LU is deactivated");
+      
+    }
+    
+  }
+  
+  @Override
+  protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+    return new HashMap<>();
+    
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/NlEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/NlEidProcessor.java
new file mode 100644
index 00000000..2dd22927
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/NlEidProcessor.java
@@ -0,0 +1,54 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.handler;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISpConfiguration;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+import lombok.Getter;
+import lombok.Setter;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class NlEidProcessor extends AbstractEidProcessor {
+
+  
+  
+  private static final String canHandleCC = "NL";
+
+  @Getter
+  @Setter
+  private int priority = 1;
+  
+  @Override
+  public String getName() {
+    return "NL-PostProcessor";
+    
+  }
+
+  @Override
+  public boolean canHandle(String countryCode) {
+    return countryCode != null && countryCode.equalsIgnoreCase(canHandleCC);
+    
+  }
+
+  protected void buildLevelOfAssurance(ISpConfiguration spConfig, Builder authnRequestBuilder) {    
+    super.buildLevelOfAssurance(spConfig, authnRequestBuilder);
+    
+    //check requested level
+    if (authnRequestBuilder.build().getLevelOfAssurance().equals(EaafConstants.EIDAS_LOA_LOW)) {
+      log.debug("Upgrade LoA to {}, because NL needs it as minimum.", EaafConstants.EIDAS_LOA_SUBSTANTIAL);
+      authnRequestBuilder.levelsOfAssuranceValues(Arrays.asList(EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+      
+    }        
+  }
+  
+  @Override
+  protected Map<String, Boolean> getCountrySpecificRequestedAttributes() {
+    return new HashMap<>();
+    
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
new file mode 100644
index 00000000..098e76ce
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/AuthBlockSigningService.java
@@ -0,0 +1,211 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.Provider;
+import java.security.cert.X509Certificate;
+import java.time.LocalDateTime;
+import java.time.ZoneOffset;
+import java.time.temporal.ChronoUnit;
+import java.util.Base64;
+import java.util.UUID;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.jose4j.lang.JoseException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import com.fasterxml.jackson.annotation.JsonInclude;
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
+import com.fasterxml.jackson.databind.annotation.JsonSerialize;
+import com.fasterxml.jackson.datatype.jsr310.deser.LocalDateTimeDeserializer;
+import com.fasterxml.jackson.datatype.jsr310.ser.LocalDateTimeSerializer;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exception.EaafKeyAccessException;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import lombok.Data;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Service to build and sign AuthBlock's for E-ID system.
+ * 
+ * @author tlenz
+ *
+ */
+@Slf4j
+@Service("authBlockSigningService")
+public class AuthBlockSigningService {
+
+  private static final String KEYSTORE_FRIENDLYNAME = "AuthBlock_Signing";
+
+  private static ObjectMapper mapper = new ObjectMapper();
+  
+  @Autowired
+  IConfiguration basicConfig;
+  
+  @Autowired
+  EaafKeyStoreFactory keyStoreFactory;
+
+  
+  private Pair<KeyStore, Provider> keyStore;
+  
+  /**
+   * Build and sign an AuthBlock for E-ID system. 
+   * 
+   * @param pendingReq data that should be added into AuthBlock
+   * @return serialized JWS
+   * @throws JsonProcessingException In case of a AuthBlock generation error 
+   * @throws JoseException  In case of a JWS signing error
+   * @throws EaafException  In case of a KeyStore or Key error
+   */
+  public String buildSignedAuthBlock(IRequest pendingReq) 
+      throws JsonProcessingException, EaafException, JoseException {
+    
+    //TODO: set Challenge to SAML2 requestId to create link between authentication request and authBlock
+    
+    // build AuthBlock
+    EidasAuchBlock authBlock = new EidasAuchBlock();
+    authBlock.setChallenge(UUID.randomUUID().toString());
+    authBlock.setTimestamp(LocalDateTime.now(ZoneOffset.UTC).truncatedTo(ChronoUnit.SECONDS));
+    authBlock.setUniqueId(pendingReq.getRawData(MsEidasNodeConstants.DATA_REQUESTERID, String.class)); 
+    authBlock.setPiiTransactionId(pendingReq.getUniquePiiTransactionIdentifier());
+    
+    //set Binding PublicKey if available
+    Object bindingPubKey = pendingReq.getRawData(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME);
+    if (bindingPubKey instanceof String) {
+      authBlock.setBindingPublicKey((String) bindingPubKey);
+      
+    }
+    
+    String jwsPayload = mapper.writeValueAsString(authBlock);
+    log.debug("Building and sign authBlock with data: {}", jwsPayload);
+    
+    //sign JWS
+    return JoseUtils
+        .createSignature(keyStore, getKeyAlias(), getKeyPassword(), jwsPayload, false,
+                         KEYSTORE_FRIENDLYNAME);    
+  }
+  
+
+  /**
+   * Get the Base64 encoded PublicKey that is used to sign the AuthBlock.
+   * 
+   * @return Base64 encoded PublicKey
+   * @throws EaafKeyAccessException In case of an unknown or invalid key
+   */
+  public String getBase64EncodedPublicKey() throws EaafKeyAccessException {       
+    Pair<Key, X509Certificate[]> keyPair = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore.getFirst(), getKeyAlias(), getKeyPassword(), true, KEYSTORE_FRIENDLYNAME);       
+    return Base64.getEncoder().encodeToString(keyPair.getSecond()[0].getPublicKey().getEncoded());
+    
+  }
+
+  @PostConstruct
+  private void initialize() throws KeyStoreException, EaafException {   
+    log.debug("Initializing AuthBlock signing service ... ");
+    // read Connector wide config data TODO connector wide!   
+    String keyStoreName = basicConfig
+        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
+    String keyStorePw = basicConfig
+        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD);
+    String keyStorePath = basicConfig
+        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH);
+    String keyStoreType = basicConfig
+        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE);
+
+    
+    //build new KeyStore configuration
+    KeyStoreConfiguration keyStoreConfiguration = new KeyStoreConfiguration();
+    keyStoreConfiguration.setFriendlyName(KEYSTORE_FRIENDLYNAME);
+    
+    keyStoreConfiguration.setSoftKeyStoreFilePath(keyStorePath);
+    keyStoreConfiguration.setSoftKeyStorePassword(keyStorePw);
+    keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType));    
+    keyStoreConfiguration.setKeyStoreName(keyStoreName);
+    
+    //validate KeyStore configuration
+    keyStoreConfiguration.validate();
+        
+    //validate key alias
+    if (StringUtils.isEmpty(getKeyAlias())) {
+      throw new EaafConfigurationException("config.08", 
+          new Object[] {MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEY_ALIAS});
+      
+    }
+        
+    //build new KeyStore based on configuration
+    keyStore =  keyStoreFactory.buildNewKeyStore(keyStoreConfiguration);
+    
+    //check if Key is accessible
+    EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore.getFirst(), getKeyAlias(), getKeyPassword(), true, KEYSTORE_FRIENDLYNAME);
+    
+    log.info("AuthBlock signing-service successful initialized");
+    
+  }   
+  
+  private char[] getKeyPassword() {
+    final String value = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEY_PASSWORD);
+    if (value != null) {
+      return value.trim().toCharArray();
+    }
+
+    return null;
+    
+  }
+
+
+  private String getKeyAlias() {
+    return basicConfig
+        .getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEY_ALIAS);
+    
+  }
+  
+  /**
+   * Technical AuthBlock for eIDAS Authentication.
+   * 
+   * @author tlenz
+   *
+   */
+  @Data
+  @JsonInclude(JsonInclude.Include.NON_NULL)
+  private static class EidasAuchBlock {
+
+    @JsonProperty("challenge")
+    private String challenge;
+    
+    @JsonProperty("timestamp")
+    @JsonSerialize(using = LocalDateTimeSerializer.class)
+    @JsonDeserialize(using = LocalDateTimeDeserializer.class)
+    @JsonFormat(pattern = "yyyy-MM-dd'T'HH:mm:ss.SSS'Z'", timezone = "UTC")
+    private LocalDateTime timestamp;
+    
+    @JsonProperty("appId")
+    private String uniqueId;
+    
+    @JsonProperty("piiTransactionId")
+    private String piiTransactionId;
+    
+    @JsonProperty("bindingPublicKey")
+    private String bindingPublicKey;
+    
+  }
+
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
new file mode 100644
index 00000000..230d6052
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
@@ -0,0 +1,135 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Service;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.INationalEidProcessor;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@Service
+public class CcSpecificEidProcessingService implements ICcSpecificEidProcessingService {
+  private static final Logger log = LoggerFactory.getLogger(CcSpecificEidProcessingService.class);
+
+  @Autowired
+  private ApplicationContext context;
+
+  private final List<INationalEidProcessor> handlers = new ArrayList<>();
+
+  @PostConstruct
+  private void initialize() {
+    log.debug("Initialize eID PostProcessing-Service ... ");
+    final Map<String, INationalEidProcessor> postProcessors = context.getBeansOfType(
+        INationalEidProcessor.class);
+    final Iterator<Entry<String, INationalEidProcessor>> iterator = postProcessors.entrySet().iterator();
+    while (iterator.hasNext()) {
+      final Entry<String, INationalEidProcessor> el = iterator.next();
+      log.debug("Find eID-PostProcessor with name: " + el.getKey());
+      handlers.add(el.getValue());
+
+    }
+
+    log.trace("Sorting eID-PostProcessors on priority ... ");
+    Collections.sort(handlers, (thisAuthModule, otherAuthModule) -> {
+      final int thisOrder = thisAuthModule.getPriority();
+      final int otherOrder = otherAuthModule.getPriority();
+      return thisOrder < otherOrder ? 1 : thisOrder == otherOrder ? 0 : -1;
+    });
+
+    log.info("# " + handlers.size() + " eID PostProcessing services are registrated");
+
+  }
+
+  @Override
+  public void preProcess(String selectedCitizenCountry, IRequest pendingReq, Builder authnRequestBuilder)
+      throws EidPostProcessingException {
+    if (StringUtils.isEmpty(selectedCitizenCountry)) {
+      log.info("No CountryCode for eID Pre-Processor. Default Pre-Processor will be used");
+    }
+
+    for (final INationalEidProcessor el : handlers) {
+      if (el.canHandle(selectedCitizenCountry)) {
+        log.debug("Pre-Process eIDAS request for " + selectedCitizenCountry + " by using:  " + el.getName());
+        el.preProcess(pendingReq, authnRequestBuilder);
+        return;
+
+      }
+    }
+
+    log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
+    throw new EidPostProcessingException("internal.00", null);
+
+  }
+
+  @Override
+  public ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+      EidasAttributeException {
+    // extract citizen country from eIDAS unique identifier
+    final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) {
+      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    }
+
+    final Triple<String, String, String> eIdentifier =
+        EidasResponseUtils.parseEidasPersonalIdentifier((String) eIdentifierObj);
+    final String citizenCountry = eIdentifier.getFirst();
+
+    if (StringUtils.isEmpty(citizenCountry)) {
+      log.info("No CountryCode for eID PostProcessor. Default-PostProcessor will be used");
+    }
+
+    for (final INationalEidProcessor el : handlers) {
+      if (el.canHandle(citizenCountry)) {
+        log.debug("Post-Process eIDAS eID from " + citizenCountry + " by using:  " + el.getName());
+        return el.postProcess(eidasAttrMap);
+
+      }
+    }
+
+    log.error("NO eID PostProcessor FOUND. Looks like a depentency problem!");
+    throw new EidPostProcessingException("internal.00", null);
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
new file mode 100644
index 00000000..e73491ab
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
@@ -0,0 +1,180 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.io.File;
+import java.text.MessageFormat;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.lang.NonNull;
+import org.springframework.stereotype.Service;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import eu.eidas.auth.commons.attribute.AttributeRegistries;
+import eu.eidas.auth.commons.attribute.AttributeRegistry;
+
+@Service("attributeRegistry")
+public class EidasAttributeRegistry {
+  private static final Logger log = LoggerFactory.getLogger(EidasAttributeRegistry.class);
+  @Autowired
+  private IConfigurationWithSP basicConfig;
+
+  private AttributeRegistry coreAttributeRegistry;
+
+  private String eidasAttributesFile;
+  private String additionalAttributesFile;
+
+  @PostConstruct
+  private void initialize() throws RuntimeException {
+    try {
+      if (eidasAttributesFile.isEmpty()) {
+        log.error("Basic eIDAS addribute definition NOT defined");
+        throw new EaafConfigurationException("config.30",
+            new Object[] { "eidas-attributes.xml" });
+
+      }
+
+      boolean additionalAttrAvailabe = false;
+      if (!additionalAttributesFile.isEmpty()) {
+        final File file = new File(additionalAttributesFile);
+        if (file.exists()) {
+          additionalAttrAvailabe = true;
+        }
+
+      }
+
+      if (!additionalAttrAvailabe) {
+        log.info("Start eIDAS ref. impl. Core without additional eIDAS attribute definitions ... ");
+        coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null);
+
+      } else {
+        // load attribute definitions
+        log.info("Start eIDAS ref. impl. Core with additional eIDAS attribute definitions ... ");
+        coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null,
+            additionalAttributesFile);
+
+      }
+
+    } catch (final Throwable e) {
+      log.error("Can NOT initialize eIDAS attribute definition.", e);
+      throw new RuntimeException("Can NOT initialize eIDAS attribute definition.", e);
+
+    }
+  }
+
+  public AttributeRegistry getCoreAttributeRegistry() {
+    return coreAttributeRegistry;
+  }
+
+  /**
+   * Get Map of attributes that are requested by default.
+   * 
+   * @return Map of AttributeIdentifier, isRequired flag
+   */
+  @NonNull
+  public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() {
+    /*
+     * TODO: select set for representation if mandates should be used. It's an open
+     * task in respect to requested eIDAS attributes and isRequired flag, because
+     * there can be a decision problem in case of natural or legal person
+     * representation! From an Austrian use-case point of view, an Austrian service
+     * provider can support mandates for natural and legal persons at the same time.
+     * However, we CAN NOT request attributes for natural AND legal persons on the
+     * same time, because it's not possible to represent both simultaneously.
+     */
+    final Map<String, String> configAttributes =
+        basicConfig.getBasicConfigurationWithPrefix(
+            Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL);
+    return processAttributeInfosFromConfig(configAttributes);
+
+  }
+
+  /**
+   * Get a Map of attributes that are additionally requested for a specific country.
+   * 
+   * @param countryCode Country Code
+   * @return Map of AttributeIdentifier, isRequired flag
+   */
+  @NonNull
+  public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) {
+
+    /*
+     * TODO: select set for representation if mandates should be used. It's an open
+     * task in respect to requested eIDAS attributes and isRequired flag, because
+     * there can be a decision problem in case of natural or legal person
+     * representation! From an Austrian use-case point of view, an Austrian service
+     * provider can support mandates for natural and legal persons at the same time.
+     * However, we CAN NOT request attributes for natural AND legal persons on the
+     * same time, because it's not possible to represent both simultaneously.
+     */
+    final Map<String, String> configAttributes =
+        basicConfig.getBasicConfigurationWithPrefix(
+            MessageFormat.format(
+                Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL,
+                countryCode.toLowerCase()));
+    return processAttributeInfosFromConfig(configAttributes);
+
+  }
+
+  private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) {
+
+    final Map<String, Boolean> result = new HashMap<>();
+    for (final String el : configAttributes.values()) {
+      if (StringUtils.isNotEmpty(el.trim())) {
+        final List<String> attrDef = KeyValueUtils.getListOfCsvValues(el.trim());
+        boolean isRequired = false;
+        if (attrDef.size() == 2) {
+          isRequired = Boolean.parseBoolean(attrDef.get(1));
+        }
+
+        result.put(attrDef.get(0), isRequired);
+
+      }
+    }
+
+    log.trace("Load #" + result.size() + " requested attributes from configuration");
+    return result;
+
+  }
+
+  public void setEidasAttributesFile(String eidasAttributesFile) {
+    this.eidasAttributesFile = eidasAttributesFile;
+  }
+
+  public void setAdditionalAttributesFile(String additionalAttributesFile) {
+    this.additionalAttributesFile = additionalAttributesFile;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java
new file mode 100644
index 00000000..549aa65c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasDataStore.java
@@ -0,0 +1,363 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH AT-specific eIDAS Connector has been developed
+ * in a cooperation between EGIZ, A-SIT Plus GmbH, A-SIT, and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License. You may
+ * obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses. The "NOTICE" text file
+ * is part of the distribution. Any derivative works that you distribute must
+ * include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+//import java.io.File;
+//import java.io.IOException;
+//import java.sql.Connection;
+//import java.sql.DriverManager;
+//import java.sql.PreparedStatement;
+//import java.sql.ResultSet;
+//import java.sql.SQLException;
+//import java.sql.Statement;
+//import java.time.Instant;
+//import java.util.Properties;
+//
+//import javax.annotation.PostConstruct;
+//
+//import org.slf4j.Logger;
+//import org.slf4j.LoggerFactory;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.stereotype.Component;
+//import org.sqlite.SQLiteConfig;
+//import org.sqlite.SQLiteConfig.LockingMode;
+//import org.sqlite.SQLiteConfig.SynchronousMode;
+//import org.sqlite.SQLiteErrorCode;
+//
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.DAO.eIDASPersonalIdStoreDAO;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SQLiteServiceException;
+//import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+//import at.gv.egiz.eaaf.core.impl.data.Pair;
+//import at.gv.egiz.eaaf.core.impl.data.Trible;
+//
+//@Component
+//@Deprecated
+//public class EidasDataStore {
+//
+//  private static final String SQLITE_JDBC_DRIVER_CLASS = "org.sqlite.JDBC";
+//  private static final String SQLITE_CONNECTION_PARAM = "jdbc:sqlite:%s";
+//  private static final boolean sleep = true;
+//  private static final int howLongToSleepOnBusyLock_ = 100;
+//
+//  private static final Logger log = LoggerFactory.getLogger(EidasDataStore.class);
+//
+//  @Autowired
+//  private IConfiguration basicConfig;
+//
+//  private String connectionUrl;
+//  private Connection conn = null;
+//
+//  @PostConstruct
+//  private void initialize() throws SQLiteServiceException {
+//    try {
+//      final String sqlLiteDbUrl = basicConfig.getBasicConfiguration(
+//          Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL,
+//          basicConfig.getConfigurationRootDirectory().toString() + "/sqlite/database.db"
+//
+//      );
+//
+//      log.info("Use SQLite database with URL: " + sqlLiteDbUrl);
+//
+//      // check if SQLite lib is in Classpath
+//      Class.forName(SQLITE_JDBC_DRIVER_CLASS);
+//
+//      // open DB connection
+//      boolean isNewFileCreated = false;
+//
+//      // open file or create file if not already exists
+//      final File dbFile = new File(sqlLiteDbUrl);
+//      if (!dbFile.exists()) {
+//        log.info("SQLite database does not exist. Creating new database file ... ");
+//        dbFile.createNewFile();
+//        isNewFileCreated = true;
+//
+//      }
+//
+//      // open database connection
+//      connectionUrl = String.format(SQLITE_CONNECTION_PARAM, dbFile.getPath());
+//
+//      // create DB scheme if new DB file was created
+//      if (isNewFileCreated) {
+//        executeUpdate(startConnection().createStatement(), eIDASPersonalIdStoreDAO.CREATE);
+//        log.debug("SQLite db scheme created");
+//
+//      }
+//
+//    } catch (final ClassNotFoundException e) {
+//      log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e);
+//      throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+//    } catch (SQLException | IOException e) {
+//      log.warn("Can NOT initialize SQLite database for temporarly identity mapping. ", e);
+//      throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+//    }
+//
+//  }
+//
+//  /**
+//   * Store a mapping entry with eIDAS personal identifier (source country /
+//   * destination country / personal identifier) and the identifier that is used
+//   * for ERnB communication.
+//   *
+//   * @param transactionId Id of this authentication transaction
+//   * @param eidasId       eIDAS personal identifier without country prefixes
+//   * @param ernbId        personal identifier that is used to request the ERnB
+//   * @throws SQLiteServiceException In case of a database error
+//   */
+//  public void storeNationalId(String transactionId, Trible<String, String, String> eidasId, String ernbId)
+//      throws SQLiteServiceException {
+//    try {
+//      final PreparedStatement preStatment = startConnection().prepareStatement(
+//          eIDASPersonalIdStoreDAO.INSERT,
+//          Statement.RETURN_GENERATED_KEYS);
+//
+//      for (int i = 1; i <= eIDASPersonalIdStoreDAO.TABLE_COLS.size(); i++) {
+//        final Pair<String, eIDASPersonalIdStoreDAO.T> col = eIDASPersonalIdStoreDAO.TABLE_COLS.get(i - 1);
+//        if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.timestamp.name())) {
+//          preStatment.setDate(i, new java.sql.Date(Instant.now().toEpochMilli()));
+//        } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.transactionId.name())) {
+//          preStatment.setString(i, transactionId);
+//        } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasId.name())) {
+//          preStatment.setString(i, eidasId.getThird());
+//        } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasSourceCountry.name())) {
+//          preStatment.setString(i, eidasId.getFirst());
+//        } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.eidasDestinationCountry.name())) {
+//          preStatment.setString(i, eidasId.getSecond());
+//        } else if (col.getFirst().equals(eIDASPersonalIdStoreDAO.COLS.ernbId.name())) {
+//          preStatment.setString(i, ernbId);
+//        } else {
+//          log.warn("SQLite table:" + eIDASPersonalIdStoreDAO.NAME + " contains no col with name:" + col
+//              .getFirst());
+//        }
+//
+//      }
+//
+//      // execute SQL query
+//      final int sqlResult = preStatment.executeUpdate();
+//
+//      if (sqlResult != 1) {
+//        log.warn("SQLite query execution FAILED!");
+//        throw new SQLiteServiceException("internal.06", new Object[] { "Queryresult is '-1'" });
+//
+//      }
+//
+//    } catch (SQLiteServiceException | SQLException e) {
+//      log.warn("SQLite query execution FAILED!", e);
+//      throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+//    }
+//
+//  }
+//
+//  /**
+//   * Get the ERnB related national identifier from mapping database.
+//   * 
+//   * @param eidasId eIDAS related identifier
+//   * @return Mapped ERnB identifier
+//   * @throws SQLiteServiceException In case of a database error
+//   */
+//  public String getErnbNationalId(Trible<String, String, String> eidasId) throws SQLiteServiceException {
+//    try {
+//      final PreparedStatement preStatment = startConnection().prepareStatement(
+//          eIDASPersonalIdStoreDAO.SELECT_BY_EIDAS_RAW_ID,
+//          Statement.RETURN_GENERATED_KEYS);
+//
+//      preStatment.setString(1, eidasId.getThird());
+//      preStatment.setString(2, eidasId.getFirst());
+//
+//      final ResultSet rs = preStatment.executeQuery();
+//
+//      if (!rs.next()) {
+//        return null;
+//      } else {
+//        return rs.getString(eIDASPersonalIdStoreDAO.COLS.ernbId.name());
+//      }
+//
+//    } catch (SQLiteServiceException | SQLException e) {
+//      log.warn("SQLite query execution FAILED!", e);
+//      throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+//    }
+//
+//  }
+//
+//  /**
+//   * Get the eIDAS identifier from an ERnB identifier.
+//   * 
+//   * @param ernbId ERnB specific identifier
+//   * @return eIDAS unqiue identifier
+//   * @throws SQLiteServiceException In case of a database error
+//   */
+//  public String getEidasRawNationalId(String ernbId) throws SQLiteServiceException {
+//    try {
+//      final PreparedStatement preStatment = startConnection().prepareStatement(
+//          eIDASPersonalIdStoreDAO.SELECT_BY_ERNB_ID,
+//          Statement.RETURN_GENERATED_KEYS);
+//
+//      preStatment.setString(1, ernbId);
+//
+//      final ResultSet rs = preStatment.executeQuery();
+//
+//      if (!rs.next()) {
+//        return null;
+//      } else {
+//        return rs.getString(eIDASPersonalIdStoreDAO.COLS.eidasId.name());
+//      }
+//
+//    } catch (SQLiteServiceException | SQLException e) {
+//      log.warn("SQLite query execution FAILED!", e);
+//      throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+//    }
+//
+//  }
+//
+//  private Connection startConnection() throws SQLiteServiceException {
+//    int i = howLongToSleepOnBusyLock_;
+//
+//    while (true) {
+//      try {
+//        if (conn == null) {
+//          log.info("Initializing SQLite database with URL: " + connectionUrl + " ... ");
+//          conn = DriverManager.getConnection(connectionUrl, getConnectionProperties());
+//
+//        } else {
+//          if (!conn.isValid(10)) {
+//            log.info("SQLite connection is not valid any more --> restarting connection ...");
+//            conn.close();
+//            conn = DriverManager.getConnection(connectionUrl, getConnectionProperties());
+//          }
+//        }
+//
+//        log.info("SQLite database connected");
+//        return conn;
+//
+//      } catch (final SQLException e) {
+//        final String msg = e.getLocalizedMessage();
+//        if (isBusyLocked(e)) {
+//          log.warn(msg, e);
+//          try {
+//            if (sleep) {
+//              Thread.sleep(i++);
+//            }
+//
+//          } catch (final InterruptedException e1) {
+//            throw new SQLiteServiceException("internal.05", new Object[] { e1.getMessage() }, e1);
+//
+//          }
+//          continue;
+//
+//        }
+//        throw new SQLiteServiceException("internal.05", new Object[] { e.getMessage() }, e);
+//
+//      }
+//    }
+//  }
+//
+//  /*
+//   * SQLite query code
+//   */
+//
+//  protected Properties getConnectionProperties() {
+//    final SQLiteConfig config = new SQLiteConfig();
+//    config.enforceForeignKeys(true);
+//    config.setCacheSize(8000);
+//    config.setLockingMode(LockingMode.NORMAL);
+//    config.setSharedCache(false);
+//    config.setReadUncommited(true);
+//    config.setSynchronous(SynchronousMode.NORMAL);
+//    return config.toProperties();
+//
+//  }
+//
+//  private int executeUpdate(Statement statement, String sql) throws SQLiteServiceException {
+//    final int i = 10;
+//
+//    int rc = -1;
+//    while (true) {
+//      try {
+//        rc = statement.executeUpdate(sql);
+//        break;
+//
+//      } catch (final SQLException e) {
+//        try {
+//          if (executeUpdateError(e, i)) {
+//            continue;
+//          } else {
+//            throw new SQLiteServiceException("internal.06",
+//                new Object[] { e.getMessage() }, e);
+//          }
+//
+//        } catch (final SQLiteServiceException e1) {
+//          log.warn("\n" + sql + "\n" + e1.getMessage());
+//          throw e1;
+//
+//        }
+//      }
+//    }
+//
+//    return rc;
+//
+//  }
+//
+//  private boolean isBusyLocked(SQLException e) {
+//    final int eC = e.getErrorCode();
+//
+//    if (eC == SQLiteErrorCode.SQLITE_LOCKED.code
+//        || eC == SQLiteErrorCode.SQLITE_BUSY.code) {
+//      log.trace("SQLite db is busy looked");
+//      return true;
+//
+//    }
+//
+//    final String msg = e.getMessage();
+//    if (msg.contains("[SQLITE_LOCKED]") || msg.contains("[SQLITE_BUSY]")) {
+//      log.trace("SQLite db is busy looked");
+//      return true;
+//    }
+//
+//    return false;
+//  }
+//
+//  private boolean executeUpdateError(SQLException e, int theadSleepCounter) throws SQLiteServiceException {
+//    if (isBusyLocked(e)) {
+//      try {
+//        if (sleep) {
+//          Thread.sleep(theadSleepCounter++);
+//        }
+//
+//      } catch (final InterruptedException e1) {
+//        throw new SQLiteServiceException("internal.05", new Object[] { e1.getMessage() }, e1);
+//
+//      }
+//
+//      return true;
+//    }
+//
+//    return false;
+//
+//  }
+//}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java
new file mode 100644
index 00000000..ebbc15e4
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ICcSpecificEidProcessingService.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.util.Map;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+public interface ICcSpecificEidProcessingService {
+
+  /**
+   * Post-process eIDAS eID attributes into national format.
+   * 
+   * @param eidasAttrMap Map of eIDAS attributes in format friendlyName and
+   *                     attribute
+   * 
+   * @return eID attributes for SZR request
+   * @throws EidPostProcessingException In case of a post-processing error
+   * @throws EidasAttributeException In case of an invalid eIDAS attribute value
+   */
+  ErnbEidData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
+      EidasAttributeException;
+
+  /**
+   * Pre Process eIDAS request into national requirements.
+   * 
+   * @param selectedCC          Citizen Country from selection
+   * @param pendingReq          current pending request
+   * @param authnRequestBuilder eIDAS {@link ILightRequest} builder
+   * @throws EidPostProcessingException In case of a pre-processing error
+   */
+  void preProcess(String selectedCC, IRequest pendingReq, Builder authnRequestBuilder)
+      throws EidPostProcessingException;
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
new file mode 100644
index 00000000..1f5837d6
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrClient.java
@@ -0,0 +1,522 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.szr;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.net.URL;
+import java.security.KeyManagementException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.UnrecoverableKeyException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.annotation.PostConstruct;
+import javax.net.ssl.KeyManager;
+import javax.net.ssl.KeyManagerFactory;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.TrustManagerFactory;
+import javax.xml.XMLConstants;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.Marshaller;
+import javax.xml.namespace.QName;
+import javax.xml.transform.Source;
+import javax.xml.transform.Transformer;
+import javax.xml.transform.TransformerException;
+import javax.xml.transform.TransformerFactory;
+import javax.xml.transform.stream.StreamResult;
+import javax.xml.transform.stream.StreamSource;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.Dispatch;
+import javax.xml.ws.handler.Handler;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.configuration.jsse.TLSClientParameters;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.jaxws.DispatchImpl;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.HTTPClientPolicy;
+import org.apache.xpath.XPathAPI;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+import org.w3c.dom.Document;
+import org.w3c.dom.Element;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.XmlNamespaceConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
+import szrservices.GetBPK;
+import szrservices.GetBPKResponse;
+import szrservices.GetIdentityLinkEidas;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.IdentityLinkType;
+import szrservices.JwsHeaderParam;
+import szrservices.ObjectFactory;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+import szrservices.SignContent;
+import szrservices.SignContentEntry;
+import szrservices.SignContentResponseType;
+
+
+@Service("SZRClientForeIDAS")
+public class SzrClient {
+  private static final Logger log = LoggerFactory.getLogger(SzrClient.class);
+
+  private static final String CLIENT_DEFAULT = "DefaultClient";
+  private static final String CLIENT_RAW = "RawClient";
+
+  private static final String ATTR_NAME_VSZ = "urn:eidgvat:attributes.vsz.value";
+  private static final String ATTR_NAME_PUBKEYS = "urn:eidgvat:attributes.user.pubkeys";
+  private static final String ATTR_NAME_STATUS = "urn:eidgvat:attributes.eid.status";
+  private static final String KEY_BC_BIND = "bcBindReq";
+  private static final String JOSE_HEADER_USERCERTPINNING_TYPE = "urn:at.gv.eid:bindtype";
+  private static final String JOSE_HEADER_USERCERTPINNING_EIDASBIND = "urn:at.gv.eid:eidasBind";
+  public static final String ATTR_NAME_MDS = "urn:eidgvat:mds";
+  
+  @Autowired
+  private IConfiguration basicConfig;
+
+  // client for anything, without identitylink
+  private SZR szr = null;
+
+  // RAW client is needed for identitylink
+  private Dispatch<Source> dispatch = null;
+
+  private SzrService szrService = null;
+  private String szrUrl = null;
+  private QName qname = null;
+
+  final ObjectMapper mapper = new ObjectMapper();
+
+  /**
+   * Get IdentityLink of a person.
+   *
+   * @param personInfo Person identification information
+   * @return IdentityLink
+   * @throws SzrCommunicationException In case of a SZR error
+   */
+  public IdentityLinkType getIdentityLinkInRawMode(PersonInfoType personInfo)
+      throws SzrCommunicationException {
+    try {
+      final GetIdentityLinkEidas getIdl = new GetIdentityLinkEidas();
+      getIdl.setPersonInfo(personInfo);
+
+      final JAXBContext jaxbContext = JAXBContext.newInstance(ObjectFactory.class);
+      final Marshaller jaxbMarshaller = jaxbContext.createMarshaller();
+
+      final ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
+      jaxbMarshaller.marshal(getIdl, outputStream);
+      outputStream.flush();
+
+      final Source source = new StreamSource(new ByteArrayInputStream(outputStream.toByteArray()));
+      outputStream.close();
+
+      log.trace("Requesting SZR ... ");
+      final Source response = dispatch.invoke(source);
+      log.trace("Receive RAW response from SZR");
+
+      final byte[] szrResponse = sourceToByteArray(response);
+      final GetIdentityLinkEidasResponse jaxbElement = (GetIdentityLinkEidasResponse) jaxbContext
+          .createUnmarshaller().unmarshal(new ByteArrayInputStream(szrResponse));
+
+      // build response
+      log.trace(new String(szrResponse, "UTF-8"));
+
+      // ok, we have success
+      final Document doc = DomUtils.parseDocument(
+          new ByteArrayInputStream(szrResponse),
+          true,
+          XmlNamespaceConstants.ALL_SCHEMA_LOCATIONS + " " + Constants.SZR_SCHEMA_LOCATIONS,
+          null, null);
+      final String xpathExpression = "//saml:Assertion";
+      final Element nsNode = doc.createElementNS("urn:oasis:names:tc:SAML:1.0:assertion", "saml:NSNode");
+
+      log.trace("Selecting signed doc " + xpathExpression);
+      final Element documentNode = (Element) XPathAPI.selectSingleNode(doc,
+          xpathExpression, nsNode);
+      log.trace("Signed document: " + DomUtils.serializeNode(documentNode));
+
+      final IdentityLinkType idl = new IdentityLinkType();
+      idl.setAssertion(documentNode);
+      idl.setPersonInfo(jaxbElement.getGetIdentityLinkReturn().getPersonInfo());
+
+      return idl;
+
+    } catch (final Exception e) {
+      log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+      throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
+
+    }
+
+  }
+
+  /**
+   * Get bPK of person.
+   *
+   * @param personInfo Person identification information
+   * @param target     requested bPK target
+   * @param vkz        Verfahrenskennzeichen
+   * @return bPK for this person
+   * @throws SzrCommunicationException In case of a SZR error
+   */
+  public List<String> getBpk(PersonInfoType personInfo, String target, String vkz)
+      throws SzrCommunicationException {
+    try {
+      final GetBPK parameters = new GetBPK();
+      parameters.setPersonInfo(personInfo);
+      parameters.getBereichsKennung().add(target);
+      parameters.setVKZ(vkz);
+      final GetBPKResponse result = this.szr.getBPK(parameters);
+
+      return result.getGetBPKReturn();
+
+    } catch (final SZRException_Exception e) {
+      log.warn("SZR communication FAILED. Reason: " + e.getMessage(), e);
+      throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
+
+    }
+
+  }
+
+  /**
+   * Request a encryped baseId from SRZ.
+   *
+   * @param personInfo Minimum dataset of person
+   * @return encrypted baseId
+   * @throws SzrCommunicationException    In case of a SZR error
+   */
+  public String getEncryptedStammzahl(final PersonInfoType personInfo)
+      throws SzrCommunicationException {
+
+    final String resp;
+    try {
+      resp = this.szr.getStammzahlEncrypted(personInfo, true);
+    } catch (SZRException_Exception e) {
+      throw new SzrCommunicationException("ernb.02", new Object[]{e.getMessage()}, e);
+    }
+
+    if (StringUtils.isEmpty(resp)) {
+      throw new SzrCommunicationException("ernb.01", new Object[]{"Stammzahl response empty"}); // TODO error handling
+    }
+
+    return resp;
+
+  }
+
+  /**
+   * Sign an eidasBind data-structure that combines vsz with user's pubKey and E-ID status.
+   *
+   * @param vsz encryped baseId
+   * @param bindingPubKey  binding PublikKey as PKCS1# (ASN.1) container
+   * @param eidStatus Status of the E-ID
+   * @param eidData eID information that was used for ERnP registration
+   * @return bPK for this person
+   * @throws SzrCommunicationException In case of a SZR error
+   */
+  public String getEidsaBind(final String vsz, final String bindingPubKey, final String eidStatus,
+      ErnbEidData eidData)throws SzrCommunicationException {
+
+    final Map<String, Object> eidsaBindMap = new HashMap<>();
+    eidsaBindMap.put(ATTR_NAME_VSZ, vsz);
+    eidsaBindMap.put(ATTR_NAME_STATUS, eidStatus);
+    eidsaBindMap.put(ATTR_NAME_PUBKEYS, Arrays.asList(bindingPubKey));
+    eidsaBindMap.put(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, eidData.getCitizenCountryCode());
+    injectMdsIfAvailableAndActive(eidsaBindMap, eidData);        
+    
+    try {
+      final String serializedEidasBind = mapper.writeValueAsString(eidsaBindMap);
+      final SignContent req = new SignContent();
+      final SignContentEntry eidasBindInfo = new SignContentEntry();
+      eidasBindInfo.setKey(KEY_BC_BIND);
+      eidasBindInfo.setValue(serializedEidasBind);
+      req.getIn().add(eidasBindInfo);
+      req.setAppendCert(false);
+      final JwsHeaderParam eidasBindJoseHeader = new JwsHeaderParam();
+      eidasBindJoseHeader.setKey(JOSE_HEADER_USERCERTPINNING_TYPE);
+      eidasBindJoseHeader.setValue(JOSE_HEADER_USERCERTPINNING_EIDASBIND);
+      req.getJWSHeaderParam().add(eidasBindJoseHeader);
+
+      log.trace("Requesting SZR to sign bcBind datastructure ... ");
+      final SignContentResponseType resp = szr.signContent(req.isAppendCert(), req.getJWSHeaderParam(), req.getIn());
+      log.trace("Receive SZR response on bcBind siging operation ");
+
+      if (resp == null || resp.getOut() == null
+          || resp.getOut().isEmpty()
+          || StringUtils.isEmpty(resp.getOut().get(0).getValue())) {
+        throw new SzrCommunicationException("ernb.01", new Object[]{"BcBind response empty"});
+      }
+
+      return resp.getOut().get(0).getValue();
+
+    } catch (final JsonProcessingException | SZRException_Exception e) {
+      log.warn("Requesting bcBind by using SZR FAILED. Reason: {}", e.getMessage(), null, e);
+      throw new SzrCommunicationException("ernb.02",
+          new Object[]{e.getMessage()}, e);
+    }
+  }
+
+  @PostConstruct
+  private void initialize() {
+    log.info("Starting SZR-Client initialization .... ");
+    final URL url = SzrClient.class.getResource("/szr_client/SZR_v4.0.wsdl");
+
+    final boolean useTestSzr = basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE,
+        true);
+
+    if (useTestSzr) {
+      log.debug("Initializing SZR test environment configuration.");
+      qname = SzrService.SZRTestumgebung;
+      szrService = new SzrService(url, new QName("urn:SZRServices", "SZRService"));
+      szr = szrService.getSzrTestumgebung();
+      szrUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_TEST);
+
+    } else {
+      log.debug("Initializing SZR productive configuration.");
+      qname = SzrService.SZRProduktionsumgebung;
+      szrService = new SzrService(url, new QName("urn:SZRServices", "SZRService"));
+      szr = szrService.getSzrProduktionsumgebung();
+      szrUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_ENDPOINT_PROD);
+
+    }
+
+    // create raw client;
+    dispatch = szrService.createDispatch(qname, Source.class, javax.xml.ws.Service.Mode.PAYLOAD);
+
+    if (StringUtils.isEmpty(szrUrl)) {
+      log.error("No SZR service-URL found. SZR-Client initalisiation failed.");
+      throw new RuntimeException("No SZR service URL found. SZR-Client initalisiation failed.");
+
+    }
+
+    // check if Clients can be initialized
+    if (szr == null) {
+      log.error("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong");
+      throw new RuntimeException("SZR " + CLIENT_DEFAULT + " is 'NULL'. Something goes wrong");
+
+    }
+    if (dispatch == null) {
+      log.error("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong");
+      throw new RuntimeException("SZR " + CLIENT_RAW + " is 'NULL'. Something goes wrong");
+
+    }
+
+    // inject handler
+    log.info("Use SZR service-URL: " + szrUrl);
+    injectBindingProvider((BindingProvider) szr, CLIENT_DEFAULT);
+    injectBindingProvider(dispatch, CLIENT_RAW);
+
+    // inject http parameters and SSL context
+    log.debug("Inject HTTP client settings ... ");
+    injectHttpClient(szr, CLIENT_DEFAULT);
+    injectHttpClient(dispatch, CLIENT_RAW);
+
+    log.info("SZR-Client initialization successfull");
+  }
+
+  private void injectHttpClient(Object raw, String clientType) {
+    // extract client from implementation
+    Client client = null;
+    if (raw instanceof DispatchImpl<?>) {
+      client = ((DispatchImpl<?>) raw).getClient();
+    } else if (raw instanceof Client) {
+      client = ClientProxy.getClient(raw);
+    } else {
+      throw new RuntimeException("SOAP Client for SZR connection is of UNSUPPORTED type: " + raw.getClass()
+          .getName());
+    }
+
+    // set basic connection policies
+    final HTTPConduit http = (HTTPConduit) client.getConduit();
+
+    // set timeout policy
+    final HTTPClientPolicy httpClientPolicy = new HTTPClientPolicy();
+    httpClientPolicy.setConnectionTimeout(
+        Integer.parseInt(basicConfig.getBasicConfiguration(
+            Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_CONNECTION,
+            Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION)) * 1000);
+    httpClientPolicy.setReceiveTimeout(
+        Integer.parseInt(basicConfig.getBasicConfiguration(
+            Constants.CONIG_PROPS_EIDAS_SZRCLIENT_TIMEOUT_RESPONSE,
+            Constants.HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE)) * 1000);
+    http.setClient(httpClientPolicy);
+
+    // inject SSL context in case of https
+    if (szrUrl.toLowerCase().startsWith("https")) {
+      log.debug("Adding SSLContext to client: " + clientType + " ... ");
+      final TLSClientParameters tlsParams = new TLSClientParameters();
+      tlsParams.setSSLSocketFactory(createSslContext(clientType).getSocketFactory());
+      http.setTlsClientParameters(tlsParams);
+      log.info("SSLContext initialized for client: " + clientType);
+
+    }
+
+  }
+
+  private void injectBindingProvider(BindingProvider bindingProvider, String clientType) {
+    final Map<String, Object> requestContext = bindingProvider.getRequestContext();
+    requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, szrUrl);
+
+    log.trace("Adding JAX-WS request/response trace handler to client: " + clientType);
+    List<Handler> handlerList = bindingProvider.getBinding().getHandlerChain();
+    if (handlerList == null) {
+      handlerList = new ArrayList<>();
+      bindingProvider.getBinding().setHandlerChain(handlerList);
+
+    }
+
+    // add logging handler to trace messages if required
+    if (basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES,
+        false)) {
+      final LoggingHandler loggingHandler = new LoggingHandler();
+      handlerList.add(loggingHandler);
+
+    }
+    bindingProvider.getBinding().setHandlerChain(handlerList);
+  }
+
+  private SSLContext createSslContext(String clientType) {
+    try {
+      final SSLContext context = SSLContext.getInstance("TLS");
+
+      // initialize key-mangager for SSL client-authentication
+      KeyManager[] keyManager = null;
+      final String keyStorePath = basicConfig.getBasicConfiguration(
+          Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PATH);
+      final String keyStorePassword = basicConfig.getBasicConfiguration(
+          Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_KEYSTORE_PASSWORD);
+      if (StringUtils.isNotEmpty(keyStorePath)) {
+        log.trace("Find keyStore path: " + keyStorePath + " Injecting SSL client certificate ... ");
+        try {
+          final KeyStore keyStore = KeyStoreUtils.loadKeyStore(
+              FileUtils.makeAbsoluteUrl(keyStorePath, basicConfig.getConfigurationRootDirectory()),
+              keyStorePassword);
+
+          final KeyManagerFactory kmf = KeyManagerFactory.getInstance("SunX509");
+          kmf.init(keyStore, keyStorePassword.toCharArray());
+          keyManager = kmf.getKeyManagers();
+          log.debug("SSL client certificate injected to client: " + clientType);
+
+        } catch (KeyStoreException | IOException | UnrecoverableKeyException e) {
+          log.error("Can NOT load SSL client certificate from path: " + keyStorePath);
+          throw new RuntimeException("Can NOT load SSL client certificate from path: " + keyStorePath, e);
+
+        }
+      } else {
+        log.debug(
+            "No KeyStore for SSL Client Auth. found. Initializing SSLContext without authentication ... ");
+
+      }
+
+      // initialize SSL TrustStore
+      TrustManager[] trustManager = null;
+      final String trustStorePath = basicConfig.getBasicConfiguration(
+          Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PATH);
+      final String trustStorePassword = basicConfig.getBasicConfiguration(
+          Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SSL_TRUSTSTORE_PASSWORD);
+      if (StringUtils.isNotEmpty(trustStorePath)) {
+        log.trace("Find trustStore path: " + trustStorePath + " Injecting SSL TrustStore ... ");
+        try {
+          final KeyStore trustStore = KeyStoreUtils.loadKeyStore(
+              FileUtils.makeAbsoluteUrl(trustStorePath, basicConfig.getConfigurationRootDirectory()),
+              trustStorePassword);
+
+          final TrustManagerFactory tmf = TrustManagerFactory.getInstance("SunX509");
+          tmf.init(trustStore);
+          trustManager = tmf.getTrustManagers();
+          log.debug("SSL TrustStore injected to client: " + clientType);
+
+        } catch (KeyStoreException | IOException e) {
+          log.error("Can NOT open SSL TrustStore from path: " + trustStorePath);
+          throw new RuntimeException("Can NOT open SSL TrustStore from path: " + trustStorePath, e);
+
+        }
+
+      } else {
+        log.debug("No custom SSL TrustStore found. Initializing SSLContext with JVM default truststore ... ");
+
+      }
+
+      context.init(keyManager, trustManager, new SecureRandom());
+      return context;
+
+    } catch (NoSuchAlgorithmException | KeyManagementException e) {
+      log.error("SSLContext initialization FAILED.", e);
+      throw new RuntimeException("SSLContext initialization FAILED.", e);
+
+    }
+
+  }
+
+  private void injectMdsIfAvailableAndActive(Map<String, Object> eidsaBindMap, ErnbEidData eidData) {
+    if (basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_SZRCLIENT_SET_MDS_TO_EIDASBIND, false)) {
+      log.info("Injecting MDS into eidasBind ... ");
+      final Map<String, Object> mds = new HashMap<>();      
+      mds.put(PvpAttributeDefinitions.PRINCIPAL_NAME_NAME, eidData.getFamilyName());
+      mds.put(PvpAttributeDefinitions.GIVEN_NAME_NAME, eidData.getGivenName());
+      mds.put(PvpAttributeDefinitions.BIRTHDATE_NAME, eidData.getFormatedDateOfBirth());     
+      eidsaBindMap.put(ATTR_NAME_MDS, mds);
+      
+    }
+  }
+  
+  private byte[] sourceToByteArray(Source result) throws TransformerException {
+    final TransformerFactory factory = TransformerFactory.newInstance();
+    factory.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
+    final Transformer transformer = factory.newTransformer();
+    transformer.setOutputProperty("omit-xml-declaration", "yes");
+    transformer.setOutputProperty("method", "xml");
+    final ByteArrayOutputStream out = new ByteArrayOutputStream();
+    final StreamResult streamResult = new StreamResult();
+    streamResult.setOutputStream(out);
+    transformer.transform(result, streamResult);
+    return out.toByteArray();
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java
new file mode 100644
index 00000000..dde868b1
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/szr/SzrService.java
@@ -0,0 +1,164 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.szr;
+
+import java.net.URL;
+
+import javax.xml.namespace.QName;
+import javax.xml.ws.Service;
+import javax.xml.ws.WebEndpoint;
+import javax.xml.ws.WebServiceClient;
+import javax.xml.ws.WebServiceFeature;
+
+import szrservices.SZR;
+
+/**
+ * This class was generated by Apache CXF 3.1.16 2018-07-10T09:36:01.466+02:00
+ * Generated source version: 3.1.16
+ *
+ */
+@WebServiceClient(name = "SZRService",
+    wsdlLocation = "./src/main/resources/szr_client/SZR-1.WSDL",
+    targetNamespace = "urn:SZRServices")
+public class SzrService extends Service {
+
+  public static final URL WSDL_LOCATION;
+
+  public static final QName SERVICE = new QName("urn:SZRServices", "SZRService");
+  public static final QName SZRProduktionsumgebung = new QName("urn:SZRServices", "SZRProduktionsumgebung");
+  public static final QName SZRTestumgebung = new QName("urn:SZRServices", "SZRTestumgebung");
+  public static final QName SZRBusinesspartnerTestumgebung = new QName("urn:SZRServices",
+      "SZRBusinesspartnerTestumgebung");
+  
+  static {
+    URL url = SzrService.class.getResource("./src/main/resources/szr_client/SZR-1.WSDL");
+    if (url == null) {
+      url = SzrService.class.getClassLoader().getResource("/szr_client/SZR-1.WSDL");
+    }
+    if (url == null) {
+      java.util.logging.Logger.getLogger(SzrService.class.getName())
+          .log(java.util.logging.Level.INFO,
+              "Can not initialize the default wsdl from {0}", "/szr_client/SZR-1.WSDL");
+    }
+    WSDL_LOCATION = url;
+
+  }
+
+  public SzrService(URL wsdlLocation) {
+    super(wsdlLocation, SERVICE);
+  }
+
+  public SzrService(URL wsdlLocation, QName serviceName) {
+    super(wsdlLocation, serviceName);
+  }
+
+  public SzrService() {
+    super(WSDL_LOCATION, SERVICE);
+  }
+
+  public SzrService(WebServiceFeature... features) {
+    super(WSDL_LOCATION, SERVICE, features);
+  }
+
+  public SzrService(URL wsdlLocation, WebServiceFeature... features) {
+    super(wsdlLocation, SERVICE, features);
+  }
+
+  public SzrService(URL wsdlLocation, QName serviceName, WebServiceFeature... features) {
+    super(wsdlLocation, serviceName, features);
+  }
+
+  /**
+   * Get SZR Web-Service.
+   *
+   * @return returns SZR
+   */
+  @WebEndpoint(name = "SZRProduktionsumgebung")
+  public SZR getSzrProduktionsumgebung() {
+    return super.getPort(SZRProduktionsumgebung, SZR.class);
+  }
+
+  /**
+   * Get SZR Web-Service.
+   * 
+   * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure
+   *                 on the proxy. Supported features not in the
+   *                 <code>features</code> parameter will have their default
+   *                 values.
+   * @return returns SZR
+   */
+  @WebEndpoint(name = "SZRProduktionsumgebung")
+  public SZR getSzrProduktionsumgebung(WebServiceFeature... features) {
+    return super.getPort(SZRProduktionsumgebung, SZR.class, features);
+  }
+
+  /**
+   *Get SZR Web-Service.
+   *
+   * @return returns SZR
+   */
+  @WebEndpoint(name = "SZRTestumgebung")
+  public SZR getSzrTestumgebung() {
+    return super.getPort(SZRTestumgebung, SZR.class);
+  }
+
+  /**
+   * Get SZR Web-Service.
+   * 
+   * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure
+   *                 on the proxy. Supported features not in the
+   *                 <code>features</code> parameter will have their default
+   *                 values.
+   * @return returns SZR
+   */
+  @WebEndpoint(name = "SZRTestumgebung")
+  public SZR getSzrTestumgebung(WebServiceFeature... features) {
+    return super.getPort(SZRTestumgebung, SZR.class, features);
+  }
+
+  /**
+   * Get SZR Web-Service.
+   *
+   * @return returns SZR
+   */
+  @WebEndpoint(name = "SZRBusinesspartnerTestumgebung")
+  public SZR getSzrBusinesspartnerTestumgebung() {
+    return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class);
+  }
+
+  /**
+   * Get SZR Web-Service.
+   * 
+   * @param features A list of {@link javax.xml.ws.WebServiceFeature} to configure
+   *                 on the proxy. Supported features not in the
+   *                 <code>features</code> parameter will have their default
+   *                 values.
+   * @return returns SZR
+   */
+  @WebEndpoint(name = "SZRBusinesspartnerTestumgebung")
+  public SZR getSzrBusinesspartnerTestumgebung(WebServiceFeature... features) {
+    return super.getPort(SZRBusinesspartnerTestumgebung, SZR.class, features);
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
new file mode 100644
index 00000000..6b1b96de
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -0,0 +1,503 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+import org.xml.sax.SAXException;
+
+import com.google.common.collect.ImmutableMap;
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.core.MsConnectorEventCodes;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.AlternativeNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.builder.BpkBuilder;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+import lombok.Data;
+import lombok.extern.slf4j.Slf4j;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.TravelDocumentType;
+
+/**
+ * Task that creates the IdentityLink for an eIDAS authenticated person.
+ *
+ * @author tlenz
+ */
+@Slf4j
+@Component("CreateIdentityLinkTask")
+public class CreateIdentityLinkTask extends AbstractAuthServletTask {
+
+  @Autowired
+  private IConfiguration basicConfig;
+  @Autowired
+  private SzrClient szrClient;
+  @Autowired
+  private ICcSpecificEidProcessingService eidPostProcessor;
+  
+  @Autowired
+  private AuthBlockSigningService authBlockSigner;
+
+  private static final String EID_STATUS = "urn:eidgvat:eid.status.eidas";
+  
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.process.springweb.MoaIdTask#execute(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext,
+   * javax.servlet.http.HttpServletRequest,
+   * javax.servlet.http.HttpServletResponse)
+   */
+  @Override
+  public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
+      throws TaskExecutionException {
+    try {
+      final AuthProcessDataWrapper authProcessData = pendingReq.getSessionData(AuthProcessDataWrapper.class);
+      final ILightResponse eidasResponse = authProcessData
+          .getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE, ILightResponse.class);
+
+      final Map<String, Object> simpleAttrMap = convertEidasAttrToSimpleMap(
+          eidasResponse.getAttributes().getAttributeMap());
+
+      // post-process eIDAS attributes
+      final ErnbEidData eidData = eidPostProcessor.postProcess(simpleAttrMap);
+
+      // write MDS into technical log and revision log
+      writeMdsLogInformation(eidData);
+
+      //build IdentityLink or VSZ and eidasBind
+      if (basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USEDUMMY, false)) {
+        SzrResultHolder idlResult = createDummyIdentityLinkForTestDeployment(eidData);
+        //inject personal-data into session
+        authProcessData.setIdentityLink(idlResult.getIdentityLink());  
+        
+        // set bPK and bPKType into auth session
+        authProcessData.setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, extendBpkByPrefix(
+            idlResult.getBpK(), pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()));
+        authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME,
+                                                pendingReq.getServiceProviderConfiguration()
+                                                          .getAreaSpecificTargetIdentifier());
+                 
+      } else {
+        //build SZR request from eIDAS data        
+        final PersonInfoType personInfo = generateSzrRequest(eidData);
+        
+        //request SZR based on IDL or E-ID mode
+        if (pendingReq.getServiceProviderConfiguration()
+            .isConfigurationValue(MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE, false)) {
+
+          // get encrypted baseId
+          String vsz = szrClient.getEncryptedStammzahl(personInfo);
+                    
+          //write revision-Log entry and extended infos personal-identifier mapping
+          revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_VSZ_RECEIVED);
+          writeExtendedRevisionLogEntry(simpleAttrMap, eidData);
+          
+          
+          // get eIDAS bind
+          String signedEidasBind = szrClient.getEidsaBind(vsz, 
+              authBlockSigner.getBase64EncodedPublicKey(), 
+              EID_STATUS, eidData);
+          revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_EIDASBIND_RECEIVED);
+          authProcessData.setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, signedEidasBind);
+          
+          //get signed AuthBlock
+          String jwsSignature = authBlockSigner.buildSignedAuthBlock(pendingReq);
+          revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.TECH_AUCHBLOCK_CREATED);
+          authProcessData.setGenericDataToSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, jwsSignature);
+          
+          //inject personal-data into session
+          authProcessData.setEidProcess(true);
+               
+        } else {
+          //request SZR
+          SzrResultHolder idlResult = requestSzrForIdentityLink(personInfo);
+          
+          //write revision-Log entry for personal-identifier mapping
+          writeExtendedRevisionLogEntry(simpleAttrMap, eidData);
+          
+          //check result-data and write revision-log based on current state
+          checkStateAndWriteRevisionLog(idlResult);
+          
+          //inject personal-data into session
+          authProcessData.setIdentityLink(idlResult.getIdentityLink());  
+          authProcessData.setEidProcess(false);
+          
+          // set bPK and bPKType into auth session
+          authProcessData.setGenericDataToSession(PvpAttributeDefinitions.BPK_NAME, extendBpkByPrefix(
+              idlResult.getBpK(), pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier()));
+          authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME,
+                                                  pendingReq.getServiceProviderConfiguration()
+                                                            .getAreaSpecificTargetIdentifier());
+          
+        }
+      }
+      
+      //add generic info's into session
+      authProcessData.setForeigner(true);
+      authProcessData.setGenericDataToSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, EidasResponseUtils
+          .parseEidasPersonalIdentifier((String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER))
+          .getFirst());
+      authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
+           
+      // store pending-request
+      requestStoreage.storePendingRequest(pendingReq);
+      
+      
+    } catch (final EidasAttributeException e) {
+      throw new TaskExecutionException(pendingReq, "Minimum required eIDAS attributeset not found.", e);
+
+    } catch (final EaafException e) {
+      throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+
+    } catch (final Exception e) {
+      log.error("IdentityLink generation for foreign person FAILED.", e);
+      throw new TaskExecutionException(pendingReq, "IdentityLink generation for foreign person FAILED.", e);
+
+    }
+  }
+
+  private void writeExtendedRevisionLogEntry(Map<String, Object> simpleAttrMap, ErnbEidData eidData) {
+    // write ERnB input-data into revision-log
+    if (basicConfig.getBasicConfigurationBoolean(
+        Constants.CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE, false)) {
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_RAW_ID,
+                               (String) simpleAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER));
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_ERNB_EIDAS_ERNB_ID, eidData.getPseudonym());
+
+    }
+  }
+  
+  private PersonInfoType generateSzrRequest(ErnbEidData eidData) {
+    log.debug("Starting connecting SZR Gateway");
+    final PersonInfoType personInfo = new PersonInfoType();
+    final PersonNameType personName = new PersonNameType();
+    final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+    final TravelDocumentType eDocument = new TravelDocumentType();
+
+    naturalPerson.setName(personName);
+    personInfo.setPerson(naturalPerson);
+    personInfo.setTravelDocument(eDocument);
+
+    // person information
+    personName.setFamilyName(eidData.getFamilyName());
+    personName.setGivenName(eidData.getGivenName());
+    naturalPerson.setDateOfBirth(eidData.getFormatedDateOfBirth());
+    eDocument.setIssuingCountry(eidData.getCitizenCountryCode());
+    eDocument.setDocumentNumber(eidData.getPseudonym());
+
+    // eID document information
+    eDocument.setDocumentType(basicConfig
+                                  .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+                                                         Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+    // set PlaceOfBirth if available
+    if (eidData.getPlaceOfBirth() != null) {
+      log.trace("Find 'PlaceOfBirth' attribute: " + eidData.getPlaceOfBirth());
+      if (basicConfig
+          .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETPLACEOFBIRTHIFAVAILABLE,
+                                        true)) {
+        naturalPerson.setPlaceOfBirth(eidData.getPlaceOfBirth());
+        log.trace("Adding 'PlaceOfBirth' to ERnB request ... ");
+
+      }
+    }
+
+    // set BirthName if available
+    if (eidData.getBirthName() != null) {
+      log.trace("Find 'BirthName' attribute: " + eidData.getBirthName());
+      if (basicConfig
+          .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_SETBIRTHNAMEIFAVAILABLE,
+                                        true)) {
+        final AlternativeNameType alternativeName = new AlternativeNameType();
+        naturalPerson.setAlternativeName(alternativeName);
+        alternativeName.setFamilyName(eidData.getBirthName());
+        log.trace("Adding 'BirthName' to ERnB request ... ");
+
+      }
+    }
+    
+    return personInfo;
+    
+  }
+
+  private SzrResultHolder requestSzrForIdentityLink(PersonInfoType personInfo) 
+      throws SzrCommunicationException, EaafException {
+    //request IdentityLink from SZR
+    final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(personInfo);
+    
+    final Element idlFromSzr = (Element) result.getAssertion();
+    IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
+
+    // get bPK from SZR
+    String bpk = null;
+    if (basicConfig
+        .getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_USESRZFORBPKGENERATION, true)) {
+      List<String> bpkList = szrClient
+          .getBpk(personInfo, pendingReq.getServiceProviderConfiguration().getAreaSpecificTargetIdentifier(),
+                  basicConfig
+                      .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined"));
+      if (!bpkList.isEmpty()) {
+        bpk = bpkList.get(0);
+        
+      }
+        
+
+    } else {
+      log.debug("Calculating bPK from baseId ... ");
+      new BpkBuilder();
+      final Pair<String, String> bpkCalc = BpkBuilder
+          .generateAreaSpecificPersonIdentifier(identityLink.getIdentificationValue(),
+                                                identityLink.getIdentificationType(),
+                                                pendingReq.getServiceProviderConfiguration()
+                                                          .getAreaSpecificTargetIdentifier());
+      bpk = bpkCalc.getFirst();
+
+    }
+    
+    return new SzrResultHolder(identityLink, bpk);
+    
+  }
+  
+  private void checkStateAndWriteRevisionLog(SzrResultHolder idlResult) throws SzrCommunicationException {
+    // write some infos into revision log
+    if (idlResult.getIdentityLink() == null) {
+      log.error("ERnB did not return an identity link.");
+      throw new SzrCommunicationException("ernb.00", null);
+
+    }
+    revisionsLogger.logEvent(pendingReq,
+                             MsConnectorEventCodes.SZR_IDL_RECEIVED,
+                             idlResult.getIdentityLink().getSamlAssertion()
+                                         .getAttribute(SimpleIdentityLinkAssertionParser.ASSERTIONID));
+
+    if (idlResult.getBpK() == null) {
+      log.error("ERnB did not return a bPK for target: " + pendingReq.getServiceProviderConfiguration()
+                                                                     .getAreaSpecificTargetIdentifier());
+      throw new SzrCommunicationException("ernb.01", null);
+
+    }
+    revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.SZR_BPK_RECEIVED);
+    log.debug("ERnB communication was successfull");
+        
+  }
+  
+  private String extendBpkByPrefix(String bpk, String type) {
+    String bpkType = null;
+
+    if (type.startsWith(EaafConstants.URN_PREFIX_WBPK)) {
+      bpkType = type.substring(EaafConstants.URN_PREFIX_WBPK.length());
+    } else if (type.startsWith(EaafConstants.URN_PREFIX_CDID)) {
+      bpkType = type.substring(EaafConstants.URN_PREFIX_CDID.length());
+    } else if (type.startsWith(EaafConstants.URN_PREFIX_EIDAS)) {
+      bpkType = type.substring(EaafConstants.URN_PREFIX_EIDAS.length());
+    }
+
+    if (bpkType != null) {
+      log.trace("Authenticate user with bPK/wbPK " + bpk + " and Type=" + bpkType);
+      return bpkType + ":" + bpk;
+
+    } else {
+      log.warn("Service Provider Target with: " + type + " is NOT supported. Set bPK as it is ...");
+      return bpk;
+
+    }
+
+  }
+
+  private Map<String, Object> convertEidasAttrToSimpleMap(
+      ImmutableMap<AttributeDefinition<?>, ImmutableSet<? extends AttributeValue<?>>> attributeMap) {
+    final Map<String, Object> result = new HashMap<>();
+
+    for (final AttributeDefinition<?> el : attributeMap.keySet()) {
+
+      final Class<?> parameterizedType = el.getParameterizedType();
+      if (DateTime.class.equals(parameterizedType)) {
+        final DateTime attribute = EidasResponseUtils.translateDateAttribute(el, attributeMap.get(el).asList());
+        if (attribute != null) {
+          result.put(el.getFriendlyName(), attribute);
+          log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + attribute.toString());
+
+        } else {
+          log.info("Ignore empty 'DateTime' attribute");
+        }
+
+      } else if (PostalAddress.class.equals(parameterizedType)) {
+        final PostalAddress addressAttribute = EidasResponseUtils
+            .translateAddressAttribute(el, attributeMap.get(el).asList());
+        if (addressAttribute != null) {
+          result.put(el.getFriendlyName(), addressAttribute);
+          log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + addressAttribute.toString());
+
+        } else {
+          log.info("Ignore empty 'PostalAddress' attribute");
+        }
+
+      } else {
+        final List<String> natPersonIdObj = EidasResponseUtils
+            .translateStringListAttribute(el, attributeMap.get(el));
+        final String stringAttr = natPersonIdObj.get(0);
+        if (StringUtils.isNotEmpty(stringAttr)) {
+          result.put(el.getFriendlyName(), stringAttr);
+          log.trace("Find attr '" + el.getFriendlyName() + "' with value: " + stringAttr);
+
+        } else {
+          log.info("Ignore empty 'String' attribute");
+        }
+
+      }
+    }
+
+    log.debug("Receive #" + result.size() + " attributes with names: " + result.keySet().toString());
+
+    return result;
+  }
+
+  private void writeMdsLogInformation(ErnbEidData eidData) {
+    // log MDS and country code into technical log
+    if (basicConfig
+        .getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_TECHNICALLOG_WRITE_MDS_INTO_TECH_LOG, false)) {
+      log.info("eIDAS Auth. for user: " + eidData.getGivenName() + " " + eidData.getFamilyName() + " " + eidData
+          .getFormatedDateOfBirth() + " " + "from " + eidData.getCitizenCountryCode());
+    }
+
+    // log MDS and country code into revision log
+    if (basicConfig
+        .getBasicConfigurationBoolean(MsEidasNodeConstants.PROP_CONFIG_REVISIONLOG_WRITE_MDS_INTO_REVISION_LOG,
+                                      false)) {
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_MDSDATA,
+                               "{" + eidData.getGivenName() + "," + eidData.getFamilyName() + "," + eidData
+                                   .getFormatedDateOfBirth() + "," + eidData.getCitizenCountryCode() + "}");
+    }
+
+  }
+  
+  @Data
+  private static class SzrResultHolder {    
+    final IIdentityLink identityLink;
+    final String bpK;
+    
+  }
+    
+  /**
+   * Build a dummy IdentityLink and a dummy bPK based on eIDAS information.
+   * 
+   * <br><br>
+   * <b>FOR LOCAL TESTING ONLY!!!</b>
+   * 
+   * @param eidData Information from eIDAS response
+   * @return IdentityLink and bPK
+   * @throws ParserConfigurationException In case of an IDL processing error
+   * @throws SAXException In case of an IDL processing error
+   * @throws IOException In case of an IDL processing error
+   * @throws EaafException In case of a bPK generation error
+   */
+  private SzrResultHolder createDummyIdentityLinkForTestDeployment(ErnbEidData eidData) 
+      throws ParserConfigurationException, SAXException, IOException, EaafException {
+    log.warn("SZR-Dummy IS ACTIVE! IdentityLink is NOT VALID!!!!");
+    // create fake IdL
+    // - fetch IdL template from resources
+    final InputStream s = CreateIdentityLinkTask.class
+        .getResourceAsStream("/resources/xmldata/fakeIdL_IdL_template.xml");
+    final Element idlTemplate = DomUtils.parseXmlValidating(s);
+
+    IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlTemplate).parseIdentityLink();
+
+    // replace data
+    final Element idlassertion = identityLink.getSamlAssertion();
+
+    // - set fake baseID;
+    final Node prIdentification = XPathUtils
+        .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_IDENT_VALUE_XPATH);
+    prIdentification.getFirstChild().setNodeValue(eidData.getPseudonym());
+
+    // - set last name
+    final Node prFamilyName = XPathUtils
+        .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_FAMILY_NAME_XPATH);
+    prFamilyName.getFirstChild().setNodeValue(eidData.getFamilyName());
+
+    // - set first name
+    final Node prGivenName = XPathUtils
+        .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_GIVEN_NAME_XPATH);
+    prGivenName.getFirstChild().setNodeValue(eidData.getGivenName());
+
+    // - set date of birth
+    final Node prDateOfBirth = XPathUtils
+        .selectSingleNode(idlassertion, SimpleIdentityLinkAssertionParser.PERSON_DATE_OF_BIRTH_XPATH);
+
+    prDateOfBirth.getFirstChild().setNodeValue(eidData.getFormatedDateOfBirth());
+
+    identityLink = new SimpleIdentityLinkAssertionParser(idlassertion).parseIdentityLink();
+
+    final Pair<String, String> bpkCalc = BpkBuilder
+        .generateAreaSpecificPersonIdentifier(identityLink.getIdentificationValue(),
+                                              identityLink.getIdentificationType(),
+                                              pendingReq.getServiceProviderConfiguration()
+                                                        .getAreaSpecificTargetIdentifier());   
+    return new SzrResultHolder(identityLink, bpkCalc.getFirst());
+    
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
new file mode 100644
index 00000000..b43c1bc2
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
@@ -0,0 +1,255 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
+
+import java.util.UUID;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.stereotype.Component;
+import org.springframework.web.util.UriComponentsBuilder;
+
+import at.asitplus.eidas.specific.core.MsConnectorEventCodes;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.gui.StaticGuiBuilderConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+import lombok.extern.slf4j.Slf4j;
+
+/**
+ * Authentication-process task that generates the Authn. Request to eIDAS Node.
+ * 
+ * @author tlenz
+ *
+ */
+@Slf4j
+@Component("ConnecteIDASNodeTask")
+public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
+
+  @Autowired
+  IConfiguration basicConfig;
+  @Autowired
+  ApplicationContext context;
+  @Autowired
+  ITransactionStorage transactionStore;
+  @Autowired
+  ISpringMvcGuiFormBuilder guiBuilder;
+  @Autowired
+  ICcSpecificEidProcessingService ccSpecificProcessing;
+
+  @Override
+  public void execute(ExecutionContext executionContext,
+      HttpServletRequest request, HttpServletResponse response)
+      throws TaskExecutionException {
+
+    try {
+      // get target, environment and validate citizen countryCode
+      final String citizenCountryCode = (String) executionContext.get(
+          MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
+      final String environment = (String) executionContext.get(
+          MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT);
+
+      if (StringUtils.isEmpty(citizenCountryCode)) {
+        // illegal state; task should not have been executed without a selected country
+        throw new EidasSAuthenticationException("eidas.03", new Object[] { "" });
+
+      }
+
+      // TODO: maybe add countryCode validation before request ref. impl. eIDAS node
+      log.info("Request eIDAS auth. for citizen of country: " + citizenCountryCode);
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.COUNTRY_SELECTED, citizenCountryCode);
+
+      // build eIDAS AuthnRequest
+      final LightRequest.Builder authnRequestBuilder = LightRequest.builder();
+      authnRequestBuilder.id(UUID.randomUUID().toString());
+
+      // set nameIDFormat
+      authnRequestBuilder.nameIdFormat(
+          authConfig.getBasicConfiguration(Constants.CONFIG_PROP_EIDAS_NODE_NAMEIDFORMAT));
+
+      // set citizen country code for foreign uses
+      authnRequestBuilder.citizenCountryCode(citizenCountryCode);
+      
+      //set Issuer
+      final String issur = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID);
+      if (StringUtils.isEmpty(issur)) {
+        log.error("Found NO 'eIDAS node issuer' in configuration. Authentication NOT possible!");
+        throw new EaafConfigurationException("config.27",
+            new Object[] { "Application config containts NO " + Constants.CONIG_PROPS_EIDAS_NODE_ENTITYID });
+
+      }
+      authnRequestBuilder.issuer(issur);
+
+      
+      // Add country-specific informations into eIDAS request
+      ccSpecificProcessing.preProcess(citizenCountryCode, pendingReq, authnRequestBuilder);
+
+      // build request
+      final LightRequest lightAuthnReq = authnRequestBuilder.build();
+
+      // put request into Hazelcast cache
+      final BinaryLightToken token = putRequestInCommunicationCache(lightAuthnReq);
+      final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token);
+
+      // Workaround, because eIDAS node ref. impl. does not return relayState
+      if (basicConfig.getBasicConfigurationBoolean(
+          Constants.CONIG_PROPS_EIDAS_NODE_WORKAROUND_USEREQUESTIDASTRANSACTIONIDENTIFIER,
+          false)) {
+        log.trace("Put lightRequestId into transactionstore as session-handling backup");
+        transactionStore.put(lightAuthnReq.getId(), pendingReq.getPendingRequestId(), -1);
+
+      }
+
+      // select forward URL regarding the selected environment
+      String forwardUrl = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL);
+      if (StringUtils.isNotEmpty(environment)) {
+        forwardUrl = selectedForwardUrlForEnvironment(environment);
+      }
+
+      if (StringUtils.isEmpty(forwardUrl)) {
+        log.warn("NO ForwardURL defined in configuration. Can NOT forward to eIDAS node! Process stops");
+        throw new EaafConfigurationException("config.08", new Object[] {
+            environment == null ? Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
+                : Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL + "." + environment
+        });
+
+      }
+      log.debug("ForwardURL: " + forwardUrl + " selected to forward eIDAS request");
+
+      if (basicConfig.getBasicConfiguration(
+          Constants.CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD,
+          Constants.FORWARD_METHOD_GET).equals(Constants.FORWARD_METHOD_GET)) {
+
+        log.debug("Use http-redirect for eIDAS node forwarding ...  ");
+        // send redirect
+        final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(forwardUrl);
+        redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64);
+        response.sendRedirect(redirectUrl.build().encode().toString());
+
+      } else {
+        log.debug("Use http-post for eIDAS node forwarding ...  ");
+        final StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration(
+            basicConfig,
+            pendingReq,
+            Constants.TEMPLATE_POST_FORWARD_NAME,
+            null,
+            resourceLoader);
+
+        config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl);
+        config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME,
+            EidasParameterKeys.TOKEN.toString());
+        config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE,
+            tokenBase64);
+
+        guiBuilder.build(request, response, config, "Forward to eIDASNode form");
+
+      }
+
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.EIDAS_NODE_CONNECTED, lightAuthnReq.getId());
+
+    } catch (final EidasSAuthenticationException e) {
+      throw new TaskExecutionException(pendingReq, "eIDAS AuthnRequest generation FAILED.", e);
+
+    } catch (final Exception e) {
+      log.warn("eIDAS AuthnRequest generation FAILED.", e);
+      throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+    }
+
+  }
+
+  /**
+   * Select a forward URL from configuration for a specific environment <br>
+   * <br>
+   * <b>Info: </b> This method is needed, because eIDAS Ref. Impl only supports
+   * one countrycode on each instance. In consequence, more than one eIDAS Ref.
+   * Impl nodes are required to support producation, testing, or QS stages for one
+   * country by using one ms-specific eIDAS connector
+   * 
+   * @param environment Environment selector from CountrySlection page
+   * @return
+   */
+  private String selectedForwardUrlForEnvironment(String environment) {
+    log.trace("Starting endpoint selection process for environment: " + environment + " ... ");
+    if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_PRODUCTION)) {
+      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL);
+    } else if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS)) {
+      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
+          + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS);
+    } else if (environment.equalsIgnoreCase(
+        MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING)) {
+      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
+          + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING);
+    } else if (environment.equalsIgnoreCase(
+        MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT)) {
+      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
+          + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT);
+    }
+
+    log.info("Environment selector: " + environment + " is not supported");
+    return null;
+
+  }
+
+  private BinaryLightToken putRequestInCommunicationCache(ILightRequest lightRequest)
+      throws ServletException {
+    final BinaryLightToken binaryLightToken;
+    try {
+      final SpecificCommunicationService springManagedSpecificConnectorCommunicationService =
+          (SpecificCommunicationService) context.getBean(
+              SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
+
+      binaryLightToken = springManagedSpecificConnectorCommunicationService.putRequest(lightRequest);
+
+    } catch (final SpecificCommunicationException e) {
+      log.error("Unable to process specific request");
+      throw new ServletException(e);
+
+    }
+
+    return binaryLightToken;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
new file mode 100644
index 00000000..8d5df99f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -0,0 +1,130 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.asitplus.eidas.specific.core.MsConnectorEventCodes;
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import eu.eidas.auth.commons.light.ILightResponse;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+@Component("ReceiveResponseFromeIDASNodeTask")
+public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
+
+  @Autowired
+  private IConfiguration basicConfig;
+  @Autowired
+  private EidasAttributeRegistry attrRegistry;
+
+  @Override
+  public void execute(ExecutionContext executionContext, HttpServletRequest request,
+      HttpServletResponse response) throws TaskExecutionException {
+    try {
+      final ILightResponse eidasResponse = (ILightResponse) request.getAttribute(
+          Constants.DATA_FULL_EIDAS_RESPONSE);
+      if (eidasResponse == null) {
+        log.warn("NO eIDAS response-message found.");
+        throw new EidasSAuthenticationException("eidas.01", null);
+
+      }
+
+      log.debug("Receive eIDAS response with RespId:" + eidasResponse.getId() + " for ReqId:" + eidasResponse
+          .getInResponseToId());
+      log.trace("Full eIDAS-Resp: " + eidasResponse.toString());
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eidasResponse
+          .getId());
+
+      // check response StatusCode
+      if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) {
+        log.info("Receice eIDAS Response with StatusCode:" + eidasResponse.getStatus().getStatusCode()
+            + " Subcode:" + eidasResponse.getStatus().getSubStatusCode() + " Msg:" + eidasResponse.getStatus()
+                .getStatusMessage());
+        throw new EidasSAuthenticationException("eidas.02", new Object[] { eidasResponse.getStatus()
+            .getStatusCode(), eidasResponse.getStatus().getStatusMessage() });
+
+      }
+
+      // extract all Attributes from response
+
+      // **********************************************************
+      // ******* MS-specificresponse validation **********
+      // **********************************************************
+      final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
+          Constants.DEFAULT_MS_NODE_COUNTRY_CODE);
+      final String citizenCountryCode = (String) executionContext.get(
+          MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode,
+          attrRegistry);
+
+      // **********************************************************
+      // ******* Store resonse infos into session object **********
+      // **********************************************************
+
+      // update MOA-Session data with received information
+      log.debug("Store eIDAS response information into pending-request.");
+      final EidAuthProcessDataWrapper authProcessData = pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
+      authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
+      authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+
+      
+      //inject set flag to inject 
+      authProcessData.setTestIdentity(
+          basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_IS_TEST_IDENTITY, false));
+            
+      // store MOA-session to database
+      requestStoreage.storePendingRequest(pendingReq);
+
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_VALID);
+
+    } catch (final EaafException e) {
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);
+      throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", e);
+
+    } catch (final Exception e) {
+      log.warn("eIDAS Response processing FAILED.", e);
+      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);
+      throw new TaskExecutionException(pendingReq, e.getMessage(),
+          new EidasSAuthenticationException("eidas.05", new Object[] { e.getMessage() }, e));
+
+    }
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
new file mode 100644
index 00000000..c8c5a069
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
@@ -0,0 +1,179 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils;
+
+import java.util.ArrayList;
+import java.util.List;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import javax.annotation.Nullable;
+
+import org.apache.commons.lang3.StringUtils;
+import org.joda.time.DateTime;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.collect.ImmutableList;
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
+import eu.eidas.auth.commons.attribute.AttributeValueMarshaller;
+import eu.eidas.auth.commons.attribute.AttributeValueMarshallingException;
+import eu.eidas.auth.commons.attribute.AttributeValueTransliterator;
+import eu.eidas.auth.commons.protocol.eidas.impl.PostalAddress;
+
+public class EidasResponseUtils {
+  private static final Logger log = LoggerFactory.getLogger(EidasResponseUtils.class);
+
+  public static final String PERSONALIDENIFIER_VALIDATION_PATTERN = "^[A-Z,a-z]{2}/[A-Z,a-z]{2}/.*";
+
+  /**
+   * Validate a eIDAS PersonalIdentifier attribute value This validation is done
+   * according to eIDAS SAML Attribute Profile - Section 2.2.3 Unique Identifier
+   * 
+   * @param uniqueID eIDAS attribute value of a unique identifier
+   * @return true if the uniqueID matches to eIDAS to Unique Identifier
+   *         specification, otherwise false
+   */
+  public static boolean validateEidasPersonalIdentifier(String uniqueID) {
+    final Pattern pattern = Pattern.compile(PERSONALIDENIFIER_VALIDATION_PATTERN);
+    final Matcher matcher = pattern.matcher(uniqueID);
+    return matcher.matches();
+
+  }
+
+  /**
+   * Parse an eIDAS PersonalIdentifier attribute value into it components. This
+   * processing is done according to eIDAS SAML Attribute Profile - Section 2.2.3
+   * Unique Identifier
+   * 
+   * @param uniqueID eIDAS attribute value of a unique identifier
+   * @return {@link Trible} that contains: <br>
+   *         First : citizen country <br>
+   *         Second: destination country <br>
+   *         Third : unique identifier <br>
+   *         or null if the attribute value has a wrong format
+   */
+  public static Triple<String, String, String> parseEidasPersonalIdentifier(String uniqueID) {
+    if (!validateEidasPersonalIdentifier(uniqueID)) {
+      log.error("eIDAS attribute value for {} looks wrong formated. Value: {}", 
+          Constants.eIDAS_ATTR_PERSONALIDENTIFIER, uniqueID);
+      return null;
+
+    }
+    return Triple.newInstance(uniqueID.substring(0, 2), uniqueID.substring(3, 5), uniqueID.substring(6));
+
+  }
+
+  /**
+   * Get eIDAS attribute-values from eIDAS Node attributes. 
+   * 
+   * @param attributeDefinition eIDAS attribute definition
+   * @param attributeValues Attributes from eIDAS response
+   * @return Set of attribute values. If more then one value than the first value contains the 'Latin' value. 
+   */
+  // TODO: check possible problem with nonLatinCharacters
+  public static List<String> translateStringListAttribute(AttributeDefinition<?> attributeDefinition,
+      ImmutableSet<? extends AttributeValue<?>> attributeValues) {
+    final List<String> stringListAttribute = new ArrayList<>();
+    if (attributeValues != null) {
+      final AttributeValueMarshaller<?> attributeValueMarshaller = attributeDefinition
+          .getAttributeValueMarshaller();
+      for (final AttributeValue<?> attributeValue : attributeValues.asList()) {
+        String valueString = null;
+        try {
+          valueString = attributeValueMarshaller.marshal((AttributeValue) attributeValue);
+
+          log.trace("Find attr: {} with value: {} nonLatinFlag: {} needTransliteration: {}",
+              attributeDefinition.getFriendlyName(), attributeValue.toString(),
+              attributeValue.isNonLatinScriptAlternateVersion(), 
+              AttributeValueTransliterator.needsTransliteration(valueString));
+
+          // if (attributeValue.isNonLatinScriptAlternateVersion()) {
+          if (!AttributeValueTransliterator.needsTransliteration(valueString)) {
+            stringListAttribute.add(0, valueString);
+
+          } else {
+            log.trace("Find 'needsTransliteration' flag. Setting this value at last list element ... ");
+            stringListAttribute.add(valueString);
+
+          }
+
+        } catch (final AttributeValueMarshallingException e) {
+          throw new IllegalStateException(e);
+
+        }
+      }
+
+      log.trace("Extract values: {} for attr: {}", 
+          StringUtils.join(stringListAttribute, ","), attributeDefinition.getFriendlyName());
+      
+    } else {
+      log.info("Can not extract infos from 'null' attribute value");
+      
+    }
+
+    return stringListAttribute;
+
+  }
+
+  /**
+   * Convert eIDAS DateTime attribute to Java Object. 
+   * 
+   * @param attributeDefinition eIDAS attribute definition.
+   * @param attributeValues eIDAS attribute value
+   * @return
+   */
+  @Nullable
+  public static DateTime translateDateAttribute(AttributeDefinition<?> attributeDefinition,
+      ImmutableList<? extends AttributeValue<?>> attributeValues) {
+    if (attributeValues.size() != 0) {
+      final AttributeValue<?> firstAttributeValue = attributeValues.get(0);
+      return (DateTime) firstAttributeValue.getValue();
+
+    }
+
+    return null;
+  }
+
+  /**
+   * Concert eIDAS Address attribute to Java object.
+   * 
+   * @param attributeDefinition eIDAS attribute definition
+   * @param attributeValues eIDAS attribute value
+   * @return
+   */
+  @Nullable
+  public static PostalAddress translateAddressAttribute(AttributeDefinition<?> attributeDefinition,
+      ImmutableList<? extends AttributeValue<?>> attributeValues) {
+    final AttributeValue<?> firstAttributeValue = attributeValues.get(0);
+    return (PostalAddress) firstAttributeValue.getValue();
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java
new file mode 100644
index 00000000..e81c4c92
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/JoseUtils.java
@@ -0,0 +1,305 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils;
+
+import at.gv.egiz.eaaf.core.exception.EaafKeyUsageException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.utils.X509Utils;
+import lombok.AllArgsConstructor;
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
+import org.apache.commons.lang3.StringUtils;
+import org.jose4j.jca.ProviderContext;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.jws.JsonWebSignature;
+import org.jose4j.jwx.Headers;
+import org.jose4j.jwx.JsonWebStructure;
+import org.jose4j.keys.resolvers.X509VerificationKeyResolver;
+import org.jose4j.lang.JoseException;
+import org.springframework.util.Base64Utils;
+
+import javax.annotation.Nonnull;
+import java.io.IOException;
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.Provider;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.security.interfaces.ECPrivateKey;
+import java.security.interfaces.RSAPrivateKey;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+
+/**
+ * {@link JoseUtils} provides static methods JWS and JWE processing.
+ *
+ * @author tlenz
+ *
+ */
+@Slf4j
+public class JoseUtils {
+
+  /**
+   * Create a JWS signature.
+   *
+   * <p>
+   * Use {@link AlgorithmIdentifiers.RSA_PSS_USING_SHA256} in case
+   * of a RSA based key and
+   * {@link AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256}
+   * in case of an ECC based key.
+   * </p>
+   *
+   * @param keyStore               KeyStore that should be used
+   * @param keyAlias               Alias of the private key
+   * @param keyPassword            Password to access the key
+   * @param payLoad                PayLoad to sign
+   * @param addFullCertChain       If true the full certificate chain will be
+   *                               added, otherwise only the
+   *                               X509CertSha256Fingerprint is added into JOSE
+   *                               header
+   * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging
+   *                               purposes only
+   * @return Signed PayLoad in serialized form
+   * @throws EaafException In case of a key-access or key-usage error
+   * @throws JoseException In case of a JOSE error
+   */
+  public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore,
+      @Nonnull final String keyAlias, @Nonnull final char[] keyPassword,
+      @Nonnull final String payLoad, boolean addFullCertChain,
+      @Nonnull String friendlyNameForLogging) throws EaafException, JoseException {
+    return createSignature(keyStore, keyAlias, keyPassword, payLoad, addFullCertChain, Collections.emptyMap(),
+        AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+        friendlyNameForLogging);
+
+  }
+
+  /**
+   * Create a JWS signature.
+   *
+   * <p>
+   * Use {@link AlgorithmIdentifiers.RSA_PSS_USING_SHA256} in case
+   * of a RSA based key and
+   * {@link AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256}
+   * in case of an ECC based key.
+   * </p>
+   *
+   * @param keyStore               KeyStore that should be used
+   * @param keyAlias               Alias of the private key
+   * @param keyPassword            Password to access the key
+   * @param payLoad                PayLoad to sign
+   * @param addFullCertChain       If true the full certificate chain will be
+   *                               added, otherwise only the
+   *                               X509CertSha256Fingerprint is added into JOSE
+   *                               header
+   * @param joseHeaders            HeaderName and HeaderValue that should be set
+   *                               into JOSE header
+   * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging
+   *                               purposes only
+   * @return Signed PayLoad in serialized form
+   * @throws EaafException In case of a key-access or key-usage error
+   * @throws JoseException In case of a JOSE error
+   */
+  public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore,
+      @Nonnull final String keyAlias, @Nonnull final char[] keyPassword,
+      @Nonnull final String payLoad, boolean addFullCertChain,
+      @Nonnull final Map<String, String> joseHeaders,
+      @Nonnull String friendlyNameForLogging) throws EaafException, JoseException {
+    return createSignature(keyStore, keyAlias, keyPassword, payLoad, addFullCertChain, joseHeaders,
+        AlgorithmIdentifiers.RSA_PSS_USING_SHA256, AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+        friendlyNameForLogging);
+
+  }
+
+  /**
+   * Create a JWS signature.
+   *
+   * @param keyStore               KeyStore that should be used
+   * @param keyAlias               Alias of the private key
+   * @param keyPassword            Password to access the key
+   * @param payLoad                PayLoad to sign
+   * @param addFullCertChain       If true the full certificate chain will be
+   *                               added, otherwise only the
+   *                               X509CertSha256Fingerprint is added into JOSE
+   *                               header
+   * @param joseHeaders            HeaderName and HeaderValue that should be set
+   *                               into JOSE header
+   * @param rsaAlgToUse            Signing algorithm that should be used in case
+   *                               of a signing key based on RSA
+   * @param eccAlgToUse            Signing algorithm that should be used in case
+   *                               of a signing key based on ECC
+   * @param friendlyNameForLogging FriendlyName for the used KeyStore for logging
+   *                               purposes only
+   * @return Signed PayLoad in serialized form
+   * @throws EaafException In case of a key-access or key-usage error
+   * @throws JoseException In case of a JOSE error
+   */
+  public static String createSignature(@Nonnull Pair<KeyStore, Provider> keyStore,
+      @Nonnull final String keyAlias, @Nonnull final char[] keyPassword,
+      @Nonnull final String payLoad, boolean addFullCertChain,
+      @Nonnull final Map<String, String> joseHeaders,
+      @Nonnull final String rsaAlgToUse, @Nonnull final String eccAlgToUse,
+      @Nonnull String friendlyNameForLogging) throws EaafException, JoseException {
+
+    final JsonWebSignature jws = new JsonWebSignature();
+
+    // set payload
+    jws.setPayload(payLoad);
+
+    // set JOSE headers
+    for (final Entry<String, String> el : joseHeaders.entrySet()) {
+      log.trace("Set JOSE header: {} with value: {} into JWS", el.getKey(), el.getValue());
+      jws.setHeader(el.getKey(), el.getValue());
+
+    }
+
+    // set signing information
+    final Pair<Key, X509Certificate[]> signingCred = EaafKeyStoreUtils.getPrivateKeyAndCertificates(
+        keyStore.getFirst(), keyAlias, keyPassword, true, friendlyNameForLogging);
+    jws.setKey(signingCred.getFirst());
+    jws.setAlgorithmHeaderValue(getKeyOperationAlgorithmFromCredential(
+        jws.getKey(), rsaAlgToUse, eccAlgToUse, friendlyNameForLogging));
+
+    // set special provider if required
+    if (keyStore.getSecond() != null) {
+      log.trace("Injecting special Java Security Provider: {}", keyStore.getSecond().getName());
+      final ProviderContext providerCtx = new ProviderContext();
+      providerCtx.getSuppliedKeyProviderContext().setSignatureProvider(
+          keyStore.getSecond().getName());
+      jws.setProviderContext(providerCtx);
+
+    }
+
+    if (addFullCertChain) {
+      jws.setCertificateChainHeaderValue(signingCred.getSecond());
+
+    }
+
+    jws.setX509CertSha256ThumbprintHeaderValue(signingCred.getSecond()[0]);
+
+    return jws.getCompactSerialization();
+
+  }
+
+  /**
+   * Verify a JOSE signature.
+   *
+   * @param serializedContent Serialized content that should be verified
+   * @param trustedCerts      Trusted certificates that should be used for
+   *                          verification
+   * @param constraints       {@link AlgorithmConstraints} for verification
+   * @return {@link JwsResult} object
+   * @throws JoseException In case of a signature verification error
+   * @throws IOException   In case of a general error
+   */
+  public static JwsResult validateSignature(@Nonnull final String serializedContent,
+      @Nonnull final List<X509Certificate> trustedCerts, @Nonnull final AlgorithmConstraints constraints)
+      throws JoseException, IOException {
+    final JsonWebSignature jws = new JsonWebSignature();
+    // set payload
+    jws.setCompactSerialization(serializedContent);
+
+    // set security constrains
+    jws.setAlgorithmConstraints(constraints);
+
+    // load signinc certs
+    Key selectedKey = null;
+    final List<X509Certificate> x5cCerts = jws.getCertificateChainHeaderValue();
+    final String x5t256 = jws.getX509CertSha256ThumbprintHeaderValue();
+    if (x5cCerts != null) {
+      log.debug("Found x509 certificate in JOSE header ... ");
+      log.trace("Sorting received X509 certificates ... ");
+      final List<X509Certificate> sortedX5cCerts = X509Utils.sortCertificates(x5cCerts);
+
+      if (trustedCerts.contains(sortedX5cCerts.get(0))) {
+        selectedKey = sortedX5cCerts.get(0).getPublicKey();
+
+      } else {
+        log.info("Can NOT find JOSE certificate in truststore.");
+        if (log.isDebugEnabled()) {
+          try {
+            log.debug("Cert: {}", Base64Utils.encodeToString(sortedX5cCerts.get(0).getEncoded()));
+
+          } catch (final CertificateEncodingException e) {
+            log.warn("Can not create DEBUG output", e);
+
+          }
+        }
+      }
+
+    } else if (StringUtils.isNotEmpty(x5t256)) {
+      log.debug("Found x5t256 fingerprint in JOSE header .... ");
+      final X509VerificationKeyResolver x509VerificationKeyResolver = new X509VerificationKeyResolver(
+          trustedCerts);
+      selectedKey = x509VerificationKeyResolver.resolveKey(jws, Collections.<JsonWebStructure>emptyList());
+
+    } else {
+      throw new JoseException("JWS contains NO signature certificate or NO certificate fingerprint");
+
+    }
+
+    if (selectedKey == null) {
+      throw new JoseException("Can NOT select verification key for JWS. Signature verification FAILED");
+
+    }
+
+    // set verification key
+    jws.setKey(selectedKey);
+
+    // load payLoad
+    return new JwsResult(
+        jws.verifySignature(),
+        jws.getUnverifiedPayload(),
+        jws.getHeaders(),
+        x5cCerts);
+
+  }
+
+  /**
+   * Select signature algorithm for a given credential.
+   *
+   * @param key                    {@link X509Credential} that will be used for
+   *                               key operations
+   * @param rsaSigAlgorithm        RSA based algorithm that should be used in case
+   *                               of RSA credential
+   * @param ecSigAlgorithm         EC based algorithm that should be used in case
+   *                               of RSA credential
+   * @param friendlyNameForLogging KeyStore friendlyName for logging purposes
+   * @return either the RSA based algorithm or the EC based algorithm
+   * @throws EaafKeyUsageException In case of an unsupported private-key type
+   */
+  private static String getKeyOperationAlgorithmFromCredential(Key key,
+      String rsaSigAlgorithm, String ecSigAlgorithm, String friendlyNameForLogging)
+      throws EaafKeyUsageException {
+    if (key instanceof RSAPrivateKey) {
+      return rsaSigAlgorithm;
+
+    } else if (key instanceof ECPrivateKey) {
+      return ecSigAlgorithm;
+
+    } else {
+      log.warn("Could NOT select the cryptographic algorithm from Private-Key type");
+      throw new EaafKeyUsageException(EaafKeyUsageException.ERROR_CODE_01,
+          friendlyNameForLogging,
+          "Can not select cryptographic algorithm");
+
+    }
+
+  }
+
+  private JoseUtils() {
+
+  }
+
+  @Getter
+  @AllArgsConstructor
+  public static class JwsResult {
+    final boolean valid;
+    final String payLoad;
+    final Headers fullJoseHeader;
+    final List<X509Certificate> x5cCerts;
+
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java
new file mode 100644
index 00000000..70290cd3
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/LoggingHandler.java
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.utils;
+
+import java.io.ByteArrayOutputStream;
+import java.util.Set;
+
+import javax.xml.namespace.QName;
+import javax.xml.soap.SOAPMessage;
+import javax.xml.ws.handler.MessageContext;
+import javax.xml.ws.handler.soap.SOAPHandler;
+import javax.xml.ws.handler.soap.SOAPMessageContext;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+public class LoggingHandler implements SOAPHandler<SOAPMessageContext> {
+
+  Logger log = LoggerFactory.getLogger(LoggingHandler.class);
+
+  @Override
+  public boolean handleMessage(SOAPMessageContext context) {
+    final SOAPMessage msg = context.getMessage();
+    final ByteArrayOutputStream bos = new ByteArrayOutputStream();
+
+    try {
+      msg.writeTo(bos);
+      log.trace(bos.toString("UTF-8"));
+      log.trace(new String(bos.toByteArray(), "UTF-8"));
+
+    } catch (final Exception e) {
+      log.trace(e.getMessage(), e);
+    }
+    return true;
+  }
+
+  @Override
+  public boolean handleFault(SOAPMessageContext context) {
+    return handleMessage(context);
+  }
+
+  @Override
+  public void close(MessageContext context) {
+  }
+
+  @Override
+  public Set<QName> getHeaders() {
+    return null;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
new file mode 100644
index 00000000..9d9a0647
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
@@ -0,0 +1,175 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.validator;
+
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.AttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.eidas.LevelOfAssurance;
+
+/**
+ * eIDAS Response validator implementation.
+ * 
+ * @author tlenz
+ *
+ */
+public class EidasResponseValidator {
+  private static final Logger log = LoggerFactory.getLogger(EidasResponseValidator.class);
+
+  /**
+   * Validate an eIDAS Response according to internal state.
+   * 
+   * @param pendingReq Current pending request
+   * @param eidasResponse eIDAS response object
+   * @param spCountry Country-Code of the Service Provider
+   * @param citizenCountryCode Country-Code of the Citizen
+   * @param attrRegistry eIDAS Attribute registry implementation
+   * @throws EidasValidationException In case of an validation error
+   */
+  public static void validateResponse(IRequest pendingReq, ILightResponse eidasResponse, String spCountry,
+      String citizenCountryCode, EidasAttributeRegistry attrRegistry) throws EidasValidationException {
+
+    /*-----------------------------------------------------|
+     * validate received LoA against minimum required LoA  |
+     *_____________________________________________________|
+     */
+    final LevelOfAssurance respLoA = LevelOfAssurance.fromString(eidasResponse.getLevelOfAssurance());
+    final List<String> allowedLoAs = pendingReq.getServiceProviderConfiguration().getRequiredLoA();
+    boolean loaValid = false;
+    for (final String allowedLoaString : allowedLoAs) {
+      final LevelOfAssurance allowedLoa = LevelOfAssurance.fromString(allowedLoaString);
+      if (respLoA.numericValue() >= allowedLoa.numericValue()) {
+        log.debug("Response contains valid LoA. Resume process ... ");
+        loaValid = true;
+        break;
+
+      } else {
+        log.trace("Allowed LoA: " + allowedLoaString + " DOES NOT match response LoA: " + eidasResponse
+            .getLevelOfAssurance());
+      }
+
+    }
+
+    if (!loaValid) {
+      log.error("eIDAS Response LevelOfAssurance is lower than the required! "
+          + "(Resp-LoA:{} Req-LoA:{} )", respLoA.getValue(), allowedLoAs.toArray());
+      throw new EidasValidationException("eidas.06", new Object[] { respLoA.getValue() });
+
+    }
+
+    /*-----------------------------------------------------|
+     *     validate 'PersonalIdentifier' attribute         |
+     *_____________________________________________________|
+     */
+    final AttributeDefinition<?> attrDefinition = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+    final ImmutableSet<? extends AttributeValue<?>> attributeValues = eidasResponse.getAttributes()
+        .getAttributeMap().get(attrDefinition);
+    final List<String> personalIdObj = EidasResponseUtils.translateStringListAttribute(attrDefinition,
+        attributeValues);
+
+    // check if attribute exists
+    if (personalIdObj == null || personalIdObj.isEmpty()) {
+      log.warn("eIDAS Response include NO 'PersonalIdentifier' attriubte "
+          + ".... That can be a BIG problem in further processing steps");
+      throw new EidasValidationException("eidas.05", new Object[] { "NO 'PersonalIdentifier' attriubte" });
+
+    } else if (personalIdObj.size() > 1) {
+      log.warn("eIDAS Response include MORE THAN ONE 'PersonalIdentifier' attriubtes "
+          + ".... That can be a BIG problem in further processing steps");
+      throw new EidasValidationException("eidas.05", new Object[] {
+          "MORE THAN ONE 'PersonalIdentifier' attriubtes" });
+
+    } else {
+      final String natPersId = personalIdObj.get(0);
+      // validate attribute value format
+      final Triple<String, String, String> split =
+          EidasResponseUtils.parseEidasPersonalIdentifier(natPersId);
+      if (split == null) {
+        throw new EidasValidationException("eidas.07",
+            new Object[] {
+                Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                "Wrong identifier format" });
+
+      } else {
+        // validation according to eIDAS SAML Attribute Profile, Section 2.2.3
+        if (StringUtils.isEmpty(split.getSecond())) {
+          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+              + " includes NO destination country. Value:" + natPersId);
+          throw new EidasValidationException("eidas.07",
+              new Object[] {
+                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  "No or empty destination country" });
+
+        }
+        if (!split.getSecond().equalsIgnoreCase(spCountry)) {
+          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+              + " includes wrong destination country. Value:" + natPersId
+              + " SP-Country:" + spCountry);
+          throw new EidasValidationException("eidas.07",
+              new Object[] {
+                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  "Destination country does not match to SP country" });
+
+        }
+
+        if (StringUtils.isEmpty(split.getFirst())) {
+          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+              + " includes NO citizen country. Value:" + natPersId);
+          throw new EidasValidationException("eidas.07",
+              new Object[] {
+                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  "No or empty citizen country" });
+
+        }
+        if (!split.getFirst().equalsIgnoreCase(citizenCountryCode)) {
+          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+              + " includes a citizen country that does not match to service-provider country. "
+              + " Value:" + natPersId
+              + " citiczen Country:" + spCountry);
+          throw new EidasValidationException("eidas.07",
+              new Object[] {
+                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  "Citizen country does not match to eIDAS-node country that generates the response" });
+
+        }
+      }
+    }
+
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 00000000..a8d2991d
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationSpringResourceProvider
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
new file mode 100644
index 00000000..55bb1ace
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS.Authentication.process.xml
@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="eIDASAuthentication_v2"
+  xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+
+  <pd:Task id="createAuthnRequest" class="ConnecteIDASNodeTask" />
+  <pd:Task id="receiveAuthnResponse"
+    class="ReceiveResponseFromeIDASNodeTask" async="true" />
+  <pd:Task id="finalizeAuthentication"
+    class="FinalizeAuthenticationTask" />
+  <pd:Task id="generateIdentityLink"
+    class="CreateIdentityLinkTask" />
+
+  <pd:StartEvent id="start" />
+  
+  <pd:Transition  from="start" 
+                  to="createAuthnRequest" />
+  <pd:Transition  from="createAuthnRequest"
+                  to="receiveAuthnResponse" />
+  <pd:Transition  from="receiveAuthnResponse"
+                  to="generateIdentityLink" />
+  <pd:Transition  from="generateIdentityLink"
+                  to="finalizeAuthentication" />
+  <pd:Transition  from="finalizeAuthentication" 
+                  to="end" />
+  
+  <pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/additional-attributes.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/additional-attributes.xml
new file mode 100644
index 00000000..a72ac1e8
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/additional-attributes.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2017 by European Commission
+  ~
+  ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+  ~ approved by the European Commission - subsequent versions of the
+  ~ EUPL (the "Licence");
+  ~ You may not use this work except in compliance with the Licence.
+  ~ You may obtain a copy of the Licence at:
+  ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the Licence is distributed on an "AS IS" basis,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+  ~ implied.
+  ~ See the Licence for the specific language governing permissions and
+  ~ limitations under the Licence.
+  -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+    <comment>Dynamic attributes</comment>
+
+    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute</entry>
+    <entry key="1.FriendlyName">AdditionalAttribute</entry>
+    <entry key="1.PersonType">NaturalPerson</entry>
+    <entry key="1.Required">false</entry>
+    <entry key="1.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="1.XmlType.LocalPart">string</entry>
+    <entry key="1.XmlType.NamespacePrefix">xs</entry>
+    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="2.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute</entry>
+    <entry key="2.FriendlyName">LegalAdditionalAttribute</entry>
+    <entry key="2.PersonType">LegalPerson</entry>
+    <entry key="2.Required">false</entry>
+    <entry key="2.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="2.XmlType.LocalPart">string</entry>
+    <entry key="2.XmlType.NamespacePrefix">xs</entry>
+    <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+</properties>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/eidas-attributes.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/eidas-attributes.xml
new file mode 100644
index 00000000..c9288d59
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/eIDAS/eidas-attributes.xml
@@ -0,0 +1,379 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!--
+  ~ Copyright (c) 2017 by European Commission
+  ~
+  ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+  ~ approved by the European Commission - subsequent versions of the
+  ~ EUPL (the "Licence");
+  ~ You may not use this work except in compliance with the Licence.
+  ~ You may obtain a copy of the Licence at:
+  ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the Licence is distributed on an "AS IS" basis,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+  ~ implied.
+  ~ See the Licence for the specific language governing permissions and
+  ~ limitations under the Licence.
+  -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+    <comment>eIDAS attributes</comment>
+
+    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry>
+    <entry key="1.FriendlyName">PersonIdentifier</entry>
+    <entry key="1.PersonType">NaturalPerson</entry>
+    <entry key="1.Required">true</entry>
+    <entry key="1.UniqueIdentifier">true</entry>
+    <entry key="1.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="1.XmlType.LocalPart">PersonIdentifierType</entry>
+    <entry key="1.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="2.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry>
+    <entry key="2.FriendlyName">FamilyName</entry>
+    <entry key="2.PersonType">NaturalPerson</entry>
+    <entry key="2.Required">true</entry>
+    <entry key="2.TransliterationMandatory">true</entry>
+    <entry key="2.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="2.XmlType.LocalPart">CurrentFamilyNameType</entry>
+    <entry key="2.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="3.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry>
+    <entry key="3.FriendlyName">FirstName</entry>
+    <entry key="3.PersonType">NaturalPerson</entry>
+    <entry key="3.Required">true</entry>
+    <entry key="3.TransliterationMandatory">true</entry>
+    <entry key="3.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="3.XmlType.LocalPart">CurrentGivenNameType</entry>
+    <entry key="3.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="4.NameUri">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry>
+    <entry key="4.FriendlyName">DateOfBirth</entry>
+    <entry key="4.PersonType">NaturalPerson</entry>
+    <entry key="4.Required">true</entry>
+    <entry key="4.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="4.XmlType.LocalPart">DateOfBirthType</entry>
+    <entry key="4.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry>
+
+    <entry key="5.NameUri">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry>
+    <entry key="5.FriendlyName">BirthName</entry>
+    <entry key="5.PersonType">NaturalPerson</entry>
+    <entry key="5.Required">false</entry>
+    <entry key="5.TransliterationMandatory">true</entry>
+    <entry key="5.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="5.XmlType.LocalPart">BirthNameType</entry>
+    <entry key="5.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="6.NameUri">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry>
+    <entry key="6.FriendlyName">PlaceOfBirth</entry>
+    <entry key="6.PersonType">NaturalPerson</entry>
+    <entry key="6.Required">false</entry>
+    <entry key="6.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="6.XmlType.LocalPart">PlaceOfBirthType</entry>
+    <entry key="6.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="6.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="7.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry>
+    <entry key="7.FriendlyName">CurrentAddress</entry>
+    <entry key="7.PersonType">NaturalPerson</entry>
+    <entry key="7.Required">false</entry>
+    <entry key="7.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="7.XmlType.LocalPart">CurrentAddressType</entry>
+    <entry key="7.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="7.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller</entry>
+
+    <entry key="8.NameUri">http://eidas.europa.eu/attributes/naturalperson/Gender</entry>
+    <entry key="8.FriendlyName">Gender</entry>
+    <entry key="8.PersonType">NaturalPerson</entry>
+    <entry key="8.Required">false</entry>
+    <entry key="8.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="8.XmlType.LocalPart">GenderType</entry>
+    <entry key="8.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="8.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry>
+
+    <entry key="9.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry>
+    <entry key="9.FriendlyName">LegalPersonIdentifier</entry>
+    <entry key="9.PersonType">LegalPerson</entry>
+    <entry key="9.Required">true</entry>
+    <entry key="9.UniqueIdentifier">true</entry>
+    <entry key="9.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="9.XmlType.LocalPart">LegalPersonIdentifierType</entry>
+    <entry key="9.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="9.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="10.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalName</entry>
+    <entry key="10.FriendlyName">LegalName</entry>
+    <entry key="10.PersonType">LegalPerson</entry>
+    <entry key="10.Required">true</entry>
+    <entry key="10.TransliterationMandatory">true</entry>
+    <entry key="10.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="10.XmlType.LocalPart">LegalNameType</entry>
+    <entry key="10.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="10.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="11.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonAddress</entry>
+    <entry key="11.FriendlyName">LegalAddress</entry>
+    <entry key="11.PersonType">LegalPerson</entry>
+    <entry key="11.Required">false</entry>
+    <entry key="11.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="11.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="11.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="11.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.LegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="12.NameUri">http://eidas.europa.eu/attributes/legalperson/VATRegistrationNumber</entry>
+    <entry key="12.FriendlyName">VATRegistration</entry>
+    <entry key="12.PersonType">LegalPerson</entry>
+    <entry key="12.Required">false</entry>
+    <entry key="12.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="12.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="12.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="12.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="13.NameUri">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry>
+    <entry key="13.FriendlyName">TaxReference</entry>
+    <entry key="13.PersonType">LegalPerson</entry>
+    <entry key="13.Required">false</entry>
+    <entry key="13.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="13.XmlType.LocalPart">TaxReferenceType</entry>
+    <entry key="13.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="13.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="14.NameUri">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry>
+    <entry key="14.FriendlyName">D-2012-17-EUIdentifier</entry>
+    <entry key="14.PersonType">LegalPerson</entry>
+    <entry key="14.Required">false</entry>
+    <entry key="14.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="14.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry>
+    <entry key="14.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="14.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="15.NameUri">http://eidas.europa.eu/attributes/legalperson/LEI</entry>
+    <entry key="15.FriendlyName">LEI</entry>
+    <entry key="15.PersonType">LegalPerson</entry>
+    <entry key="15.Required">false</entry>
+    <entry key="15.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="15.XmlType.LocalPart">LEIType</entry>
+    <entry key="15.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="15.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="16.NameUri">http://eidas.europa.eu/attributes/legalperson/EORI</entry>
+    <entry key="16.FriendlyName">EORI</entry>
+    <entry key="16.PersonType">LegalPerson</entry>
+    <entry key="16.Required">false</entry>
+    <entry key="16.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="16.XmlType.LocalPart">EORIType</entry>
+    <entry key="16.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="16.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="17.NameUri">http://eidas.europa.eu/attributes/legalperson/SEED</entry>
+    <entry key="17.FriendlyName">SEED</entry>
+    <entry key="17.PersonType">LegalPerson</entry>
+    <entry key="17.Required">false</entry>
+    <entry key="17.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="17.XmlType.LocalPart">SEEDType</entry>
+    <entry key="17.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="17.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="18.NameUri">http://eidas.europa.eu/attributes/legalperson/SIC</entry>
+    <entry key="18.FriendlyName">SIC</entry>
+    <entry key="18.PersonType">LegalPerson</entry>
+    <entry key="18.Required">false</entry>
+    <entry key="18.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="18.XmlType.LocalPart">SICType</entry>
+    <entry key="18.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="18.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="19.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier</entry>
+    <entry key="19.FriendlyName">RepresentativePersonIdentifier</entry>
+    <entry key="19.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="19.Required">false</entry>
+    <entry key="19.UniqueIdentifier">true</entry>
+    <entry key="19.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="19.XmlType.LocalPart">PersonIdentifierType</entry>
+    <entry key="19.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="19.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="20.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName</entry>
+    <entry key="20.FriendlyName">RepresentativeFamilyName</entry>
+    <entry key="20.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="20.Required">false</entry>
+    <entry key="20.TransliterationMandatory">true</entry>
+    <entry key="20.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="20.XmlType.LocalPart">CurrentFamilyNameType</entry>
+    <entry key="20.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="20.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="21.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName</entry>
+    <entry key="21.FriendlyName">RepresentativeFirstName</entry>
+    <entry key="21.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="21.Required">false</entry>
+    <entry key="21.TransliterationMandatory">true</entry>
+    <entry key="21.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="21.XmlType.LocalPart">CurrentGivenNameType</entry>
+    <entry key="21.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="21.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="22.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth</entry>
+    <entry key="22.FriendlyName">RepresentativeDateOfBirth</entry>
+    <entry key="22.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="22.Required">false</entry>
+    <entry key="22.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="22.XmlType.LocalPart">DateOfBirthType</entry>
+    <entry key="22.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="22.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry>
+
+    <entry key="23.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/BirthName</entry>
+    <entry key="23.FriendlyName">RepresentativeBirthName</entry>
+    <entry key="23.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="23.Required">false</entry>
+    <entry key="23.TransliterationMandatory">true</entry>
+    <entry key="23.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="23.XmlType.LocalPart">BirthNameType</entry>
+    <entry key="23.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="23.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="24.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PlaceOfBirth</entry>
+    <entry key="24.FriendlyName">RepresentativePlaceOfBirth</entry>
+    <entry key="24.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="24.Required">false</entry>
+    <entry key="24.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="24.XmlType.LocalPart">PlaceOfBirthType</entry>
+    <entry key="24.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="24.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="25.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentAddress</entry>
+    <entry key="25.FriendlyName">RepresentativeCurrentAddress</entry>
+    <entry key="25.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="25.Required">false</entry>
+    <entry key="25.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="25.XmlType.LocalPart">CurrentAddressType</entry>
+    <entry key="25.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="25.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvCurrentAddressAttributeValueMarshaller</entry>
+
+    <entry key="26.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/Gender</entry>
+    <entry key="26.FriendlyName">RepresentativeGender</entry>
+    <entry key="26.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="26.Required">false</entry>
+    <entry key="26.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="26.XmlType.LocalPart">GenderType</entry>
+    <entry key="26.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="26.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry>
+
+    <entry key="27.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonIdentifier</entry>
+    <entry key="27.FriendlyName">RepresentativeLegalPersonIdentifier</entry>
+    <entry key="27.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="27.Required">false</entry>
+    <entry key="27.UniqueIdentifier">true</entry>
+    <entry key="27.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="27.XmlType.LocalPart">LegalPersonIdentifierType</entry>
+    <entry key="27.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="27.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="28.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalName</entry>
+    <entry key="28.FriendlyName">RepresentativeLegalName</entry>
+    <entry key="28.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="28.Required">false</entry>
+    <entry key="28.TransliterationMandatory">true</entry>
+    <entry key="28.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="28.XmlType.LocalPart">LegalNameType</entry>
+    <entry key="28.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="28.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="29.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry>
+    <entry key="29.FriendlyName">RepresentativeLegalAddress</entry>
+    <entry key="29.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="29.Required">false</entry>
+    <entry key="29.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="29.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="29.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="29.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="30.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry>
+    <entry key="30.FriendlyName">RepresentativeVATRegistration</entry>
+    <entry key="30.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="30.Required">false</entry>
+    <entry key="30.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="30.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="30.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="30.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="31.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/TaxReference</entry>
+    <entry key="31.FriendlyName">RepresentativeTaxReference</entry>
+    <entry key="31.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="31.Required">false</entry>
+    <entry key="31.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="31.XmlType.LocalPart">TaxReferenceType</entry>
+    <entry key="31.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="31.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="32.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/D-2012-17-EUIdentifier</entry>
+    <entry key="32.FriendlyName">RepresentativeD-2012-17-EUIdentifier</entry>
+    <entry key="32.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="32.Required">false</entry>
+    <entry key="32.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="32.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry>
+    <entry key="32.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="32.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="33.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LEI</entry>
+    <entry key="33.FriendlyName">RepresentativeLEI</entry>
+    <entry key="33.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="33.Required">false</entry>
+    <entry key="33.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="33.XmlType.LocalPart">LEIType</entry>
+    <entry key="33.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="33.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="34.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/EORI</entry>
+    <entry key="34.FriendlyName">RepresentativeEORI</entry>
+    <entry key="34.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="34.Required">false</entry>
+    <entry key="34.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="34.XmlType.LocalPart">EORIType</entry>
+    <entry key="34.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="34.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="35.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SEED</entry>
+    <entry key="35.FriendlyName">RepresentativeSEED</entry>
+    <entry key="35.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="35.Required">false</entry>
+    <entry key="35.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="35.XmlType.LocalPart">SEEDType</entry>
+    <entry key="35.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="35.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="36.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SIC</entry>
+    <entry key="36.FriendlyName">RepresentativeSIC</entry>
+    <entry key="36.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="36.Required">false</entry>
+    <entry key="36.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="36.XmlType.LocalPart">SICType</entry>
+    <entry key="36.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="36.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="39.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry>
+    <entry key="39.FriendlyName">RepresentativeLegalAddress</entry>
+    <entry key="39.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="39.Required">false</entry>
+    <entry key="39.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="39.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="39.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="39.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="40.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry>
+    <entry key="40.FriendlyName">RepresentativeVATRegistration</entry>
+    <entry key="40.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="40.Required">false</entry>
+    <entry key="40.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="40.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="40.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="40.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+
+</properties>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
new file mode 100644
index 00000000..f37516f8
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+  <context:annotation-config />
+
+  <import
+    resource="classpath:specificCommunicationDefinitionApplicationContext.xml" />
+
+  <bean id="SZRClientForeIDAS"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" />
+
+  <bean id="specificConnectorAttributesFile"
+    class="java.lang.String">
+    <constructor-arg value="eidas-attributes.xml" />
+  </bean>
+
+  <bean id="specificAdditionalAttributesFile"
+    class="java.lang.String">
+    <constructor-arg value="additional-attributes.xml" />
+  </bean>
+
+  <bean id="specificConnectorAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="#{specificConnectorConfigRepository}#{specificConnectorAttributesFile}" />
+  </bean>
+
+  <bean id="specificConnectorAdditionalAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="#{specificConnectorConfigRepository}#{specificAdditionalAttributesFile}" />
+  </bean>
+
+  <bean id="eIDASAuthModule"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl">
+    <property name="priority" value="2" />
+  </bean>
+
+  <bean id="eIDASSignalServlet"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
+
+  <bean id="attributeRegistry"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
+    <property name="eidasAttributesFile"
+      ref="specificConnectorAttributesFileWithPath" />
+    <property name="additionalAttributesFile"
+      ref="specificConnectorAdditionalAttributesFileWithPath" />
+  </bean>
+
+  <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore" 
+    /> -->
+
+  <bean id="authBlockSigningService"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService" />
+
+  <bean id="EIDPostProcessingService"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService" />
+
+  <bean id="DE-Processor"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
+  <bean id="LU-Processor"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.LuEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
+  <bean id="NL-Processor"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.NlEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
+  <bean id="Default-Processor"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor">
+    <property name="priority" value="0" />
+  </bean>
+
+  <!-- Authentication Process Tasks -->
+  <bean id="ConnecteIDASNodeTask"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask"
+    scope="prototype" />
+
+  <bean id="ReceiveResponseFromeIDASNodeTask"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask"
+    scope="prototype" />
+
+  <bean id="CreateIdentityLinkTask"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask"
+    scope="prototype" />
+
+</beans>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml b/modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml
new file mode 100644
index 00000000..91b8e5e4
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/resources/xmldata/fakeIdL_IdL_template.xml
@@ -0,0 +1,122 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml:Assertion
+  xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
+  xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#"
+  xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#"
+  xmlns:si="http://www.w3.org/2001/XMLSchema-instance"
+  AssertionID="szr.bmi.gv.at-AssertionID13456264458587874"
+  IssueInstant="2012-08-22T11:07:25+01:00"
+  Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1"
+  MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+  <saml:AttributeStatement>
+    <saml:Subject>
+      <saml:SubjectConfirmation>
+        <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches
+        </saml:ConfirmationMethod>
+        <saml:SubjectConfirmationData>
+          <pr:Person si:type="pr:PhysicalPersonType">
+            <pr:Identification>
+              <pr:Value>wJO/bvDJjUysG0yARn7I6w==</pr:Value>
+              <pr:Type>urn:publicid:gv.at:baseid</pr:Type>
+            </pr:Identification>
+            <pr:Name>
+              <pr:GivenName>XXXRúùd</pr:GivenName>
+              <pr:FamilyName primary="undefined">XXXVàn Nisteĺrooy
+              </pr:FamilyName>
+            </pr:Name>
+            <pr:DateOfBirth>1969-02-13</pr:DateOfBirth>
+          </pr:Person>
+        </saml:SubjectConfirmationData>
+      </saml:SubjectConfirmation>
+    </saml:Subject>
+    <saml:Attribute AttributeName="CitizenPublicKey"
+      AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+      <saml:AttributeValue>
+        <ecdsa:ECDSAKeyValue>
+          <ecdsa:DomainParameters>
+            <ecdsa:NamedCurve
+              URN="urn:oid:1.2.840.10045.3.1.7" />
+          </ecdsa:DomainParameters>
+          <ecdsa:PublicKey>
+            <ecdsa:X
+              Value="22280299907126338788314199678167217078072953115254374209747379168424021905237"
+              si:type="ecdsa:PrimeFieldElemType" />
+            <ecdsa:Y
+              Value="40387096985250872237992703378062984723606079359080588656963239072881568409170"
+              si:type="ecdsa:PrimeFieldElemType" />
+          </ecdsa:PublicKey>
+        </ecdsa:ECDSAKeyValue>
+      </saml:AttributeValue>
+    </saml:Attribute>
+    <saml:Attribute AttributeName="CitizenPublicKey"
+      AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+      <saml:AttributeValue>
+        <dsig:RSAKeyValue>
+          <dsig:Modulus>4Y4FL09VhczsfYQgFPuycP8quJNZBAAu1R1rFXNodI2711B6BTMjAGQn6xuFWfd3/nyFav/MLTr/
+            t2VazvANS4TRFxJAcWyIx7xbxCdzZr6gJ+FCmq4g5JPrQvt50v3JX+wKSYft1gHBOWlDn90Ia4Gm
+            P8MVuze21T+VVKM6ZklmS6d5PT1er/uYQFydGErmJ17xlSQG6Fi5xuftopBDyJxG1tL1KIebpLFg
+            gaM2EyuB1HxH8/+Mfqa4UgeqIH65
+          </dsig:Modulus>
+          <dsig:Exponent>AQAB</dsig:Exponent>
+        </dsig:RSAKeyValue>
+      </saml:AttributeValue>
+    </saml:Attribute>
+  </saml:AttributeStatement>
+  <dsig:Signature>
+    <dsig:SignedInfo>
+      <dsig:CanonicalizationMethod
+        Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
+      <dsig:SignatureMethod
+        Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
+      <dsig:Reference URI="">
+        <dsig:Transforms>
+          <dsig:Transform
+            Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+            <dsig:XPath>not(ancestor-or-self::pr:Identification)
+            </dsig:XPath>
+          </dsig:Transform>
+          <dsig:Transform
+            Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature" />
+        </dsig:Transforms>
+        <dsig:DigestMethod
+          Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+        <dsig:DigestValue>KEQEPY2O3Z3IRaISSSoRZVPzsHE=
+        </dsig:DigestValue>
+      </dsig:Reference>
+      <dsig:Reference
+        Type="http://www.w3.org/2000/09/xmldsig#Manifest"
+        URI="#manifest">
+        <dsig:DigestMethod
+          Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+        <dsig:DigestValue>gzGhjH1kdmPcPbgen0xojNIoJLk=
+        </dsig:DigestValue>
+      </dsig:Reference>
+    </dsig:SignedInfo>
+    <dsig:SignatureValue>
+      06wqWHgplwpu3N5HMhzb6QC5NkXMO1z4N4oc1L6eDqwZlvFJ9X1XGW//QqviKO9oog3il7IzdfJwnjygR4trgGCIqx+JYCDHJCrG9l8zlxlSW0ZqfsygGXthutcQ1aeUpfO6jYuhnWOUywa8BgzukRtWT+AOJBQZPRYTb8IBmey+uAwlhFLni94eMOd81l+efCvkWi3jRajwsG8ZOaNxSZT3aEV5vj+32Aqtx2MPEVzQWtIA7GqZi+EzcdSdHQvHhg7UB+8kqbU70ENAJbEMTANFZYvLOJ0Om9KfDtPf/+R2TvTc360fNo9RnPl04pHPhCIjcGZhFZorBpUhXFwd2Q==
+    </dsig:SignatureValue>
+    <dsig:KeyInfo>
+      <dsig:X509Data>
+        <dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXxTRrRS6rEOvX7PpvgXiDXhp592Yyp4=
+        </dsig:X509Certificate>
+      </dsig:X509Data>
+    </dsig:KeyInfo>
+    <dsig:Object>
+      <dsig:Manifest Id="manifest">
+        <dsig:Reference URI="">
+          <dsig:Transforms>
+            <dsig:Transform
+              Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+              <dsig:XPath>not(ancestor-or-self::dsig:Signature)
+              </dsig:XPath>
+            </dsig:Transform>
+          </dsig:Transforms>
+          <dsig:DigestMethod
+            Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
+          <dsig:DigestValue>8e7RjLnA4Mgltq5ruIJzheKGxu0=
+          </dsig:DigestValue>
+        </dsig:Reference>
+      </dsig:Manifest>
+    </dsig:Object>
+  </dsig:Signature>
+</saml:Assertion>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.1.WSDL b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.1.WSDL
new file mode 100644
index 00000000..3c34458d
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.1.WSDL
@@ -0,0 +1,939 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<definitions targetNamespace="urn:SZRServices" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:szr="urn:SZRServices" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+	<types>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#">
+			<xs:complexType name="PhysicalPersonType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Identification" type="pd:IdentificationType" />
+					<xs:element minOccurs="1" name="Name" type="pd:PersonNameType" />
+					<xs:element minOccurs="0" name="AlternativeName" type="pd:AlternativeNameType" />
+					<xs:element minOccurs="0" name="Sex" type="xs:string" />
+					<xs:element minOccurs="0" name="DateOfBirth" type="xs:string" />
+					<xs:element minOccurs="0" name="PlaceOfBirth" type="xs:string" />
+					<xs:element minOccurs="0" name="CountryOfBirth" type="xs:string" />
+					<xs:element minOccurs="0" name="Nationality" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="IdentificationType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Value" type="xs:string" />
+					<xs:element minOccurs="0" name="Type" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="PersonNameType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="PrefixedDegree" type="xs:string" />
+					<xs:element name="GivenName" type="xs:string" nillable="true" />
+					<xs:element name="FamilyName" type="xs:string" nillable="true" />
+					<xs:element minOccurs="0" name="SuffixedDegree" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="AlternativeNameType">
+				<xs:sequence>
+					<xs:element name="FamilyName" type="xs:string" nillable="true" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="PostalAddressType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="PostalCode" type="xs:string" />
+					<xs:element minOccurs="0" name="Municipality" type="xs:string" />
+					<xs:element minOccurs="0" name="Locality" type="xs:string" />
+					<xs:element minOccurs="0" name="StateCode3" type="xs:string" />
+					<xs:element minOccurs="0" name="DeliveryAddress" type="pd:DeliveryAddressType" />
+					<xs:element minOccurs="0" name="HistoricRecord" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="DeliveryAddressType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="AddressLine" type="xs:string" />
+					<xs:element minOccurs="0" name="StreetName" type="xs:string" />
+					<xs:element minOccurs="0" name="BuildingNumber" type="xs:string" />
+					<xs:element minOccurs="0" name="Unit" type="xs:string" />
+					<xs:element minOccurs="0" name="DoorNumber" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2001/04/xmldsig-more#">
+			<xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType" nillable="true" />
+			<xs:complexType name="ECDSAKeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="DomainParameters" type="ecdsa:DomainParamsType" />
+					<xs:element name="PublicKey" type="ecdsa:ECPointType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="DomainParamsType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="NamedCurve" type="ecdsa:NamedCurveType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="NamedCurveType">
+				<xs:attribute name="URN" type="xs:string" use="required" />
+			</xs:complexType>
+			<xs:complexType name="ECPointType">
+				<xs:sequence minOccurs="0">
+					<xs:element name="X" type="ecdsa:PrimeFieldElemType" />
+					<xs:element name="Y" type="ecdsa:PrimeFieldElemType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="PrimeFieldElemType">
+				<xs:attribute name="Value" type="xs:string" use="required" />
+			</xs:complexType>
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema">
+			<xs:import namespace="http://www.w3.org/2001/04/xmldsig-more#" />
+			<xs:complexType name="KeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="DSAKeyValue" type="dsig:DSAKeyValueType" />
+					<xs:element minOccurs="0" name="RSAKeyValue" type="dsig:RSAKeyValueType" />
+					<xs:element minOccurs="0" ref="ecdsa:ECDSAKeyValue" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="DSAKeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="P" type="xs:string" />
+					<xs:element minOccurs="0" name="Q" type="xs:string" />
+					<xs:element minOccurs="0" name="J" type="xs:string" />
+					<xs:element minOccurs="0" name="G" type="xs:string" />
+					<xs:element minOccurs="0" name="Y" type="xs:string" />
+					<!-- https://www.w3.org/TR/xmldsig-core/ defines PgenCounter THEN Seed, SZR.wsdl used Seed BEFORE PgenCounter. To keep it backwards compatible but allow the usual order, both ways are allowed. -->
+					<xs:choice maxOccurs="unbounded">
+						<xs:element minOccurs="0" name="PgenCounter" type="xs:string" />
+						<xs:element minOccurs="0" name="Seed" type="xs:string" />
+					</xs:choice>
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="RSAKeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Modulus" type="xs:string" />
+					<xs:element minOccurs="0" name="Exponent" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices">
+			<xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" />
+			<xs:import namespace="http://www.w3.org/2000/09/xmldsig#" />
+			<xs:element name="SZRException" type="szr:SZRException" />
+			<xs:complexType name="SZRException" />
+			<xs:complexType name="PersonInfoType">
+				<xs:sequence>
+					<xs:element name="Person" type="pd:PhysicalPersonType" />
+					<xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" />
+					<xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" />
+					<xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" />
+					<xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" />
+					<xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="TravelDocumentType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="DocumentNumber" type="xs:string" />
+					<xs:element minOccurs="0" name="DocumentType" type="xs:string" />
+					<xs:element minOccurs="0" name="IssueDate" type="xs:string" />
+					<xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" />
+					<xs:element minOccurs="0" name="IssuingCountry" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="AddressCodesType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="GKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="OKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="SKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="ADRCD" type="xs:string" />
+					<xs:element minOccurs="0" name="SUBCD" type="xs:string" />
+					<xs:element minOccurs="0" name="OBJNR" type="xs:string" />
+					<xs:element minOccurs="0" name="NTZLNR" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="TransformBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element name="InputBPK" type="xs:string" />
+						<xs:element name="InputBereichsKennung" type="xs:string" />
+						<xs:element name="Begruendung" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="TransformBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVKZPermission">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="VKZ" type="xs:string" />
+						<xs:element name="BereichsKennung" type="xs:string" />
+						<xs:element minOccurs="0" name="ParticipantId" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVKZPermissionResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="IdentityLinkType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element name="Assertion" type="xs:anyType" />
+					<xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="ResultRecord">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element name="Register" type="xs:string" />
+					<xs:element name="bPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKKombiRequestType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="0" name="InsertERnP">
+						<xs:simpleType>
+							<xs:restriction base="xs:string">
+								<xs:enumeration value="NoInsert" />
+								<xs:enumeration value="InsertOnNoMatch" />
+								<xs:enumeration value="ForceInsert" />
+							</xs:restriction>
+						</xs:simpleType>
+					</xs:element>
+					<xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" />
+					<xs:element name="VKZ" type="xs:string" nillable="true" />
+					<xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+					<xs:element minOccurs="0" name="Sessionid" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKKombiResponseType">
+				<xs:complexContent>
+					<xs:extension base="szr:GetBPKZPVResponseType">
+						<xs:sequence>
+							<xs:element name="FoundWithSuchwizard" type="xs:boolean" />
+							<xs:element name="Sessionid" type="xs:string" />
+						</xs:sequence>
+					</xs:extension>
+				</xs:complexContent>
+			</xs:complexType>
+			<xs:complexType name="GetBPKZPVRequestType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" />
+					<xs:element minOccurs="1" name="VKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKZPVResponseType">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" />
+					<xs:element name="InsertERnPResult" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKFromStammzahlEncryptedRequestType">
+				<xs:sequence>
+					<xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" />
+					<xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="1" name="VKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKFromStammzahlEncryptedResponseType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="bPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="GetIdentityLink">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetIdentityLinkResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetIdentityLinkEidas">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetIdentityLinkEidasResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+						<xs:element minOccurs="0" name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+						<xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+						<xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKs">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+						<xs:element name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKsResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="GetBPKsResponseType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+					<xs:element minOccurs="0" name="Fault">
+						<xs:complexType>
+							<xs:attribute name="Code" type="xs:string" />
+							<xs:attribute name="String" type="xs:string" />
+						</xs:complexType>
+					</xs:element>
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="GetBPKKombi">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKKombiResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKZPV">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKZPVResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKFromStammzahlEncrypted">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKFromStammzahlEncryptedResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ValidateIdentityLink">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="IdentityLink" type="szr:IdentityLinkType" />
+						<xs:element name="BereichsKennung" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ValidateIdentityLinkResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="ValidateIdentityLinkReturn" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="BPKzuBasiszahl">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Bereich" type="xs:string" />
+						<xs:element name="BPK" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="BPKzuBasiszahlResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="BPKzuBasiszahlReturn" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="FremdBPKRequestType">
+				<xs:sequence>
+					<xs:element name="BereichsKennung" type="xs:string" />
+					<xs:element name="VKZ" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="FremdBPKType">
+				<xs:sequence>
+					<xs:element name="BereichsKennung" type="xs:string" />
+					<xs:element name="FremdBPK" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetVKZPermissionResponseType">
+				<xs:sequence>
+					<xs:element name="isAllowed" type="xs:boolean" />
+					<xs:element minOccurs="0" name="behSchluessel" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="BasiszahlZuBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element minOccurs="0" name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="BasiszahlZuBPKReturnType">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="BasiszahlZuBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ZMRAnwendungsIntegration">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Bereich" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+						<xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="ZMRAnwendungsIntegrationReturnType">
+				<xs:sequence>
+					<xs:element name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="ZMRAnwendungsIntegrationResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahl">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Stammzahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlEncrypted">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlEncryptedResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Stammzahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVersion" nillable="true" />
+			<xs:element name="GetVersionResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Version" type="xs:string" />
+						<xs:element name="Revision" type="xs:string" />
+						<xs:element name="Time" type="xs:string" />
+						<xs:element name="IdentityLinkNotAfter" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+		</xs:schema>
+		<xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd">
+			<xs:include schemaLocation="pvp1.xsd" />
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://schemas.xmlsoap.org/ws/2002/04/secext">
+			<xs:element name="Security">
+				<xs:complexType>
+					<xs:sequence>
+						<!-- add the pvpToken here. You can also uncomment the following line if you support XSD 1.1 -->
+						<!-- <xs:element ref="pvp:pvpToken" /> -->
+						<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded" />
+					</xs:sequence>
+					<xs:anyAttribute processContents="lax" />
+				</xs:complexType>
+			</xs:element>
+		</xs:schema>
+	</types>
+	<message name="Header">
+		<part name="SecurityHeader" element="wsse:Security" />
+	</message>
+	<message name="GetIdentityLinkRequest">
+		<part element="szr:GetIdentityLink" name="parameters" />
+	</message>
+	<message name="GetIdentityLinkResponse">
+		<part element="szr:GetIdentityLinkResponse" name="parameters" />
+	</message>
+	<message name="GetIdentityLinkEidasRequest">
+		<part element="szr:GetIdentityLinkEidas" name="parameters" />
+	</message>
+	<message name="GetIdentityLinkEidasResponse">
+		<part element="szr:GetIdentityLinkEidasResponse" name="parameters" />
+	</message>
+	<message name="GetBPKRequest">
+		<part element="szr:GetBPK" name="parameters" />
+	</message>
+	<message name="GetBPKResponse">
+		<part element="szr:GetBPKResponse" name="parameters" />
+	</message>
+	<message name="GetBPKsRequest">
+		<part element="szr:GetBPKs" name="parameters" />
+	</message>
+	<message name="GetBPKsResponse">
+		<part element="szr:GetBPKsResponse" name="parameters" />
+	</message>
+	<message name="GetBPKKombiRequest">
+		<part element="szr:GetBPKKombi" name="parameters" />
+	</message>
+	<message name="GetBPKKombiResponse">
+		<part element="szr:GetBPKKombiResponse" name="parameters" />
+	</message>
+	<message name="GetBPKZPVRequest">
+		<part element="szr:GetBPKZPV" name="parameters" />
+	</message>
+	<message name="GetBPKZPVResponse">
+		<part element="szr:GetBPKZPVResponse" name="parameters" />
+	</message>
+	<message name="GetBPKFromStammzahlEncryptedRequest">
+		<part element="szr:GetBPKFromStammzahlEncrypted" name="parameters" />
+	</message>
+	<message name="GetBPKFromStammzahlEncryptedResponse">
+		<part element="szr:GetBPKFromStammzahlEncryptedResponse" name="parameters" />
+	</message>
+	<message name="BPKzuBasiszahlRequest">
+		<part element="szr:BPKzuBasiszahl" name="parameters" />
+	</message>
+	<message name="BPKzuBasiszahlResponse">
+		<part element="szr:BPKzuBasiszahlResponse" name="parameters" />
+	</message>
+	<message name="BasiszahlZuBPKRequest">
+		<part element="szr:BasiszahlZuBPK" name="parameters" />
+	</message>
+	<message name="BasiszahlZuBPKResponse">
+		<part element="szr:BasiszahlZuBPKResponse" name="parameters" />
+	</message>
+	<message name="ValidateIdentityLinkRequest">
+		<part element="szr:ValidateIdentityLink" name="parameters" />
+	</message>
+	<message name="ValidateIdentityLinkResponse">
+		<part element="szr:ValidateIdentityLinkResponse" name="parameters" />
+	</message>
+	<message name="TransformBPKRequest">
+		<part element="szr:TransformBPK" name="parameters" />
+	</message>
+	<message name="TransformBPKResponse">
+		<part element="szr:TransformBPKResponse" name="parameters" />
+	</message>
+	<message name="GetVKZPermissionRequest">
+		<part element="szr:GetVKZPermission" name="parameters" />
+	</message>
+	<message name="GetVKZPermissionResponse">
+		<part element="szr:GetVKZPermissionResponse" name="parameters" />
+	</message>
+	<message name="ZMRAnwendungsIntegrationRequest">
+		<part element="szr:ZMRAnwendungsIntegration" name="parameters" />
+	</message>
+	<message name="ZMRAnwendungsIntegrationResponse">
+		<part element="szr:ZMRAnwendungsIntegrationResponse" name="parameters" />
+	</message>
+	<message name="GetStammzahlRequest">
+		<part element="szr:GetStammzahl" name="parameters" />
+	</message>
+	<message name="GetStammzahlResponse">
+		<part element="szr:GetStammzahlResponse" name="parameters" />
+	</message>
+	<message name="GetStammzahlEncryptedRequest">
+		<part element="szr:GetStammzahlEncrypted" name="parameters" />
+	</message>
+	<message name="GetStammzahlEncryptedResponse">
+		<part element="szr:GetStammzahlEncryptedResponse" name="parameters" />
+	</message>
+	<message name="GetVersionRequest">
+		<part element="szr:GetVersion" name="parameters" />
+	</message>
+	<message name="GetVersionResponse">
+		<part element="szr:GetVersionResponse" name="parameters" />
+	</message>
+	<message name="SZRException">
+		<part element="szr:SZRException" name="fault" />
+	</message>
+	<portType name="SZR">
+		<operation name="GetIdentityLink">
+			<input message="szr:GetIdentityLinkRequest" name="GetIdentityLinkRequest" />
+			<output message="szr:GetIdentityLinkResponse" name="GetIdentityLinkResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetIdentityLinkEidas">
+			<input message="szr:GetIdentityLinkEidasRequest" name="GetIdentityLinkEidasRequest" />
+			<output message="szr:GetIdentityLinkEidasResponse" name="GetIdentityLinkEidasResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPK">
+			<jaxws:bindings xmlns:jaxws="http://java.sun.com/xml/ns/jaxws">
+				<jaxws:enableWrapperStyle>false</jaxws:enableWrapperStyle>
+			</jaxws:bindings>
+			<input message="szr:GetBPKRequest" name="GetBPKRequest" />
+			<output message="szr:GetBPKResponse" name="GetBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKs">
+			<input message="szr:GetBPKsRequest" name="GetBPKsRequest" />
+			<output message="szr:GetBPKsResponse" name="GetBPKsResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKKombi">
+			<input message="szr:GetBPKKombiRequest" name="GetBPKKombiRequest" />
+			<output message="szr:GetBPKKombiResponse" name="GetBPKKombiResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKZPV">
+			<input message="szr:GetBPKZPVRequest" name="GetBPKZPVRequest" />
+			<output message="szr:GetBPKZPVResponse" name="GetBPKZPVResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKFromStammzahlEncrypted">
+			<input message="szr:GetBPKFromStammzahlEncryptedRequest" name="GetBPKFromStammzahlEncryptedRequest" />
+			<output message="szr:GetBPKFromStammzahlEncryptedResponse" name="GetBPKFromStammzahlEncryptedResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="ValidateIdentityLink">
+			<input message="szr:ValidateIdentityLinkRequest" name="ValidateIdentityLinkRequest" />
+			<output message="szr:ValidateIdentityLinkResponse" name="ValidateIdentityLinkResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="TransformBPK">
+			<input message="szr:TransformBPKRequest" name="TransformBPKRequest" />
+			<output message="szr:TransformBPKResponse" name="TransformBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetVKZPermission">
+			<input message="szr:GetVKZPermissionRequest" name="GetVKZPermissionRequest" />
+			<output message="szr:GetVKZPermissionResponse" name="GetVKZPermissionResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="BPKzuBasiszahl">
+			<input message="szr:BPKzuBasiszahlRequest" name="BPKzuBasiszahlRequest" />
+			<output message="szr:BPKzuBasiszahlResponse" name="BPKzuBasiszahlResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="BasiszahlZuBPK">
+			<input message="szr:BasiszahlZuBPKRequest" name="BasiszahlZuBPKRequest" />
+			<output message="szr:BasiszahlZuBPKResponse" name="BasiszahlZuBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="ZMRAnwendungsIntegration">
+			<input message="szr:ZMRAnwendungsIntegrationRequest" name="ZMRAnwendungsIntegrationRequest" />
+			<output message="szr:ZMRAnwendungsIntegrationResponse" name="ZMRAnwendungsIntegrationResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetStammzahl">
+			<input message="szr:GetStammzahlRequest" name="GetStammzahlRequest" />
+			<output message="szr:GetStammzahlResponse" name="GetStammzahlResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetStammzahlEncrypted">
+			<input message="szr:GetStammzahlEncryptedRequest" name="GetStammzahlEncryptedRequest" />
+			<output message="szr:GetStammzahlEncryptedResponse" name="GetStammzahlEncryptedResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetVersion">
+			<input message="szr:GetVersionRequest" name="GetVersionRequest" />
+			<output message="szr:GetVersionResponse" name="GetVersionResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+	</portType>
+	<binding name="SZRSoapBinding" type="szr:SZR">
+		<wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
+		<operation name="GetIdentityLink">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetIdentityLinkRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetIdentityLinkResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetIdentityLinkEidas">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetIdentityLinkEidasRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetIdentityLinkEidasResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKs">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKsRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKsResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKKombi">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKKombiRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKKombiResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKZPV">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKZPVRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKZPVResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKFromStammzahlEncrypted">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKFromStammzahlEncryptedRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKFromStammzahlEncryptedResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetVKZPermission">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetVKZPermissionRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetVKZPermissionResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="ValidateIdentityLink">
+			<wsdlsoap:operation soapAction="" />
+			<input name="ValidateIdentityLinkRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="ValidateIdentityLinkResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="TransformBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="TransformBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="TransformBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="BPKzuBasiszahl">
+			<wsdlsoap:operation soapAction="" />
+			<input name="BPKzuBasiszahlRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="BPKzuBasiszahlResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="BasiszahlZuBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="BasiszahlZuBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="BasiszahlZuBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="ZMRAnwendungsIntegration">
+			<wsdlsoap:operation soapAction="" />
+			<input name="ZMRAnwendungsIntegrationRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="ZMRAnwendungsIntegrationResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetStammzahl">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetStammzahlRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetStammzahlResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetStammzahlEncrypted">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetStammzahlEncryptedRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetStammzahlEncryptedResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetVersion">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetVersionRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetVersionResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+	</binding>
+	<service name="SZRService">
+		<port binding="szr:SZRSoapBinding" name="SZRBusinesspartnerTestumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/at.gv.bmi.szrsrv-b/services/SZR" />
+		</port>
+		<port binding="szr:SZRSoapBinding" name="SZRTestumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR" />
+		</port>
+		<port binding="szr:SZRSoapBinding" name="SZRProduktionsumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR" />
+		</port>
+	</service>
+</definitions>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.WSDL b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.WSDL
new file mode 100644
index 00000000..4ad2645a
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR-1.WSDL
@@ -0,0 +1,901 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<definitions targetNamespace="urn:SZRServices" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:szr="urn:SZRServices" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+	<types>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#">
+			<xs:complexType name="PhysicalPersonType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Identification" type="pd:IdentificationType" />
+					<xs:element minOccurs="1" name="Name" type="pd:PersonNameType" />
+					<xs:element minOccurs="0" name="AlternativeName" type="pd:AlternativeNameType" />
+					<xs:element minOccurs="0" name="Sex" type="xs:string" />
+					<xs:element minOccurs="0" name="DateOfBirth" type="xs:string" />
+					<xs:element minOccurs="0" name="PlaceOfBirth" type="xs:string" />
+					<xs:element minOccurs="0" name="CountryOfBirth" type="xs:string" />
+					<xs:element minOccurs="0" name="Nationality" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="IdentificationType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Value" type="xs:string" />
+					<xs:element minOccurs="0" name="Type" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="PersonNameType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="PrefixedDegree" type="xs:string" />
+					<xs:element name="GivenName" type="xs:string" nillable="true" />
+					<xs:element name="FamilyName" type="xs:string" nillable="true" />
+					<xs:element minOccurs="0" name="SuffixedDegree" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="AlternativeNameType">
+				<xs:sequence>
+					<xs:element name="FamilyName" type="xs:string" nillable="true" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="PostalAddressType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="PostalCode" type="xs:string" />
+					<xs:element minOccurs="0" name="Municipality" type="xs:string" />
+					<xs:element minOccurs="0" name="Locality" type="xs:string" />
+					<xs:element minOccurs="0" name="StateCode3" type="xs:string" />
+					<xs:element minOccurs="0" name="DeliveryAddress" type="pd:DeliveryAddressType" />
+					<xs:element minOccurs="0" name="HistoricRecord" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="DeliveryAddressType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="AddressLine" type="xs:string" />
+					<xs:element minOccurs="0" name="StreetName" type="xs:string" />
+					<xs:element minOccurs="0" name="BuildingNumber" type="xs:string" />
+					<xs:element minOccurs="0" name="Unit" type="xs:string" />
+					<xs:element minOccurs="0" name="DoorNumber" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2001/04/xmldsig-more#">
+			<xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType" nillable="true" />
+			<xs:complexType name="ECDSAKeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="DomainParameters" type="ecdsa:DomainParamsType" />
+					<xs:element name="PublicKey" type="ecdsa:ECPointType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="DomainParamsType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="NamedCurve" type="ecdsa:NamedCurveType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="NamedCurveType">
+				<xs:attribute name="URN" type="xs:string" use="required" />
+			</xs:complexType>
+			<xs:complexType name="ECPointType">
+				<xs:sequence minOccurs="0">
+					<xs:element name="X" type="ecdsa:PrimeFieldElemType" />
+					<xs:element name="Y" type="ecdsa:PrimeFieldElemType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="PrimeFieldElemType">
+				<xs:attribute name="Value" type="xs:string" use="required" />
+			</xs:complexType>
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema">
+			<xs:import namespace="http://www.w3.org/2001/04/xmldsig-more#" />
+			<xs:complexType name="KeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="DSAKeyValue" type="dsig:DSAKeyValueType" />
+					<xs:element minOccurs="0" name="RSAKeyValue" type="dsig:RSAKeyValueType" />
+					<xs:element minOccurs="0" ref="ecdsa:ECDSAKeyValue" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="DSAKeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="P" type="xs:string" />
+					<xs:element minOccurs="0" name="Q" type="xs:string" />
+					<xs:element minOccurs="0" name="J" type="xs:string" />
+					<xs:element minOccurs="0" name="G" type="xs:string" />
+					<xs:element minOccurs="0" name="Y" type="xs:string" />
+					<!-- https://www.w3.org/TR/xmldsig-core/ defines PgenCounter THEN Seed, SZR.wsdl used Seed BEFORE PgenCounter. To keep it backwards compatible but allow the usual order, both ways are allowed. -->
+					<xs:choice maxOccurs="unbounded">
+						<xs:element minOccurs="0" name="PgenCounter" type="xs:string" />
+						<xs:element minOccurs="0" name="Seed" type="xs:string" />
+					</xs:choice>
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="RSAKeyValueType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="Modulus" type="xs:string" />
+					<xs:element minOccurs="0" name="Exponent" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices">
+			<xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" />
+			<xs:import namespace="http://www.w3.org/2000/09/xmldsig#" />
+			<xs:element name="SZRException" type="szr:SZRException" />
+			<xs:complexType name="SZRException" />
+			<xs:complexType name="PersonInfoType">
+				<xs:sequence>
+					<xs:element name="Person" type="pd:PhysicalPersonType" />
+					<xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" />
+					<xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" />
+					<xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" />
+					<xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" />
+					<xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="TravelDocumentType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="DocumentNumber" type="xs:string" />
+					<xs:element minOccurs="0" name="DocumentType" type="xs:string" />
+					<xs:element minOccurs="0" name="IssueDate" type="xs:string" />
+					<xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" />
+					<xs:element minOccurs="0" name="IssuingCountry" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="AddressCodesType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="GKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="OKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="SKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="ADRCD" type="xs:string" />
+					<xs:element minOccurs="0" name="SUBCD" type="xs:string" />
+					<xs:element minOccurs="0" name="OBJNR" type="xs:string" />
+					<xs:element minOccurs="0" name="NTZLNR" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="TransformBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element name="InputBPK" type="xs:string" />
+						<xs:element name="InputBereichsKennung" type="xs:string" />
+						<xs:element name="Begruendung" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="TransformBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVKZPermission">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="VKZ" type="xs:string" />
+						<xs:element name="BereichsKennung" type="xs:string" />
+						<xs:element minOccurs="0" name="ParticipantId" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVKZPermissionResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="IdentityLinkType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element name="Assertion" type="xs:anyType" />
+					<xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="ResultRecord">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element name="Register" type="xs:string" />
+					<xs:element name="bPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKKombiRequestType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="0" name="InsertERnP">
+						<xs:simpleType>
+							<xs:restriction base="xs:string">
+								<xs:enumeration value="NoInsert" />
+								<xs:enumeration value="InsertOnNoMatch" />
+								<xs:enumeration value="ForceInsert" />
+							</xs:restriction>
+						</xs:simpleType>
+					</xs:element>
+					<xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" />
+					<xs:element name="VKZ" type="xs:string" nillable="true" />
+					<xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+					<xs:element minOccurs="0" name="Sessionid" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKKombiResponseType">
+				<xs:complexContent>
+					<xs:extension base="szr:GetBPKZPVResponseType">
+						<xs:sequence>
+							<xs:element name="FoundWithSuchwizard" type="xs:boolean" />
+							<xs:element name="Sessionid" type="xs:string" />
+						</xs:sequence>
+					</xs:extension>
+				</xs:complexContent>
+			</xs:complexType>
+			<xs:complexType name="GetBPKZPVRequestType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" />
+					<xs:element minOccurs="1" name="VKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKZPVResponseType">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" />
+					<xs:element name="InsertERnPResult" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKFromStammzahlEncryptedRequestType">
+				<xs:sequence>
+					<xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" />
+					<xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="1" name="VKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKFromStammzahlEncryptedResponseType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="bPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="GetIdentityLink">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetIdentityLinkResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+						<xs:element minOccurs="0" name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+						<xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+						<xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKs">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+						<xs:element name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKsResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="GetBPKsResponseType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+					<xs:element minOccurs="0" name="Fault">
+						<xs:complexType>
+							<xs:attribute name="Code" type="xs:string" />
+							<xs:attribute name="String" type="xs:string" />
+						</xs:complexType>
+					</xs:element>
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="GetBPKKombi">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKKombiResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKZPV">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKZPVResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKFromStammzahlEncrypted">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKFromStammzahlEncryptedResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ValidateIdentityLink">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="IdentityLink" type="szr:IdentityLinkType" />
+						<xs:element name="BereichsKennung" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ValidateIdentityLinkResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="ValidateIdentityLinkReturn" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="BPKzuBasiszahl">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Bereich" type="xs:string" />
+						<xs:element name="BPK" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="BPKzuBasiszahlResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="BPKzuBasiszahlReturn" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="FremdBPKRequestType">
+				<xs:sequence>
+					<xs:element name="BereichsKennung" type="xs:string" />
+					<xs:element name="VKZ" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="FremdBPKType">
+				<xs:sequence>
+					<xs:element name="BereichsKennung" type="xs:string" />
+					<xs:element name="FremdBPK" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetVKZPermissionResponseType">
+				<xs:sequence>
+					<xs:element name="isAllowed" type="xs:boolean" />
+					<xs:element minOccurs="0" name="behSchluessel" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="BasiszahlZuBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element minOccurs="0" name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="BasiszahlZuBPKReturnType">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="BasiszahlZuBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ZMRAnwendungsIntegration">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Bereich" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+						<xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="ZMRAnwendungsIntegrationReturnType">
+				<xs:sequence>
+					<xs:element name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="ZMRAnwendungsIntegrationResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahl">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Stammzahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlEncrypted">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlEncryptedResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Stammzahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVersion" />
+			<xs:element name="GetVersionResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Version" type="xs:string" />
+						<xs:element name="Revision" type="xs:string" />
+						<xs:element name="Time" type="xs:string" />
+						<xs:element name="IdentityLinkNotAfter" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+		</xs:schema>
+		<xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd">
+			<xs:include schemaLocation="pvp1.xsd" />
+		</xs:schema>
+		<xs:schema elementFormDefault="qualified" targetNamespace="http://schemas.xmlsoap.org/ws/2002/04/secext">
+			<xs:element name="Security">
+				<xs:complexType>
+					<xs:sequence>
+						<!-- add the pvpToken here. You can also uncomment the following line if you support XSD 1.1 -->
+						<!-- <xs:element ref="pvp:pvpToken" /> -->
+						<xs:any processContents="lax" minOccurs="0" maxOccurs="unbounded" />
+					</xs:sequence>
+					<xs:anyAttribute processContents="lax" />
+				</xs:complexType>
+			</xs:element>
+		</xs:schema>
+	</types>
+	<message name="Header">
+		<part name="SecurityHeader" element="wsse:Security" />
+	</message>
+	<message name="GetIdentityLinkRequest">
+		<part element="szr:GetIdentityLink" name="parameters" />
+	</message>
+	<message name="GetIdentityLinkResponse">
+		<part element="szr:GetIdentityLinkResponse" name="parameters" />
+	</message>
+	<message name="GetBPKRequest">
+		<part element="szr:GetBPK" name="parameters" />
+	</message>
+	<message name="GetBPKResponse">
+		<part element="szr:GetBPKResponse" name="parameters" />
+	</message>
+	<message name="GetBPKsRequest">
+		<part element="szr:GetBPKs" name="parameters" />
+	</message>
+	<message name="GetBPKsResponse">
+		<part element="szr:GetBPKsResponse" name="parameters" />
+	</message>
+	<message name="GetBPKKombiRequest">
+		<part element="szr:GetBPKKombi" name="parameters" />
+	</message>
+	<message name="GetBPKKombiResponse">
+		<part element="szr:GetBPKKombiResponse" name="parameters" />
+	</message>
+	<message name="GetBPKZPVRequest">
+		<part element="szr:GetBPKZPV" name="parameters" />
+	</message>
+	<message name="GetBPKZPVResponse">
+		<part element="szr:GetBPKZPVResponse" name="parameters" />
+	</message>
+	<message name="GetBPKFromStammzahlEncryptedRequest">
+		<part element="szr:GetBPKFromStammzahlEncrypted" name="parameters" />
+	</message>
+	<message name="GetBPKFromStammzahlEncryptedResponse">
+		<part element="szr:GetBPKFromStammzahlEncryptedResponse" name="parameters" />
+	</message>
+	<message name="BPKzuBasiszahlRequest">
+		<part element="szr:BPKzuBasiszahl" name="parameters" />
+	</message>
+	<message name="BPKzuBasiszahlResponse">
+		<part element="szr:BPKzuBasiszahlResponse" name="parameters" />
+	</message>
+	<message name="BasiszahlZuBPKRequest">
+		<part element="szr:BasiszahlZuBPK" name="parameters" />
+	</message>
+	<message name="BasiszahlZuBPKResponse">
+		<part element="szr:BasiszahlZuBPKResponse" name="parameters" />
+	</message>
+	<message name="ValidateIdentityLinkRequest">
+		<part element="szr:ValidateIdentityLink" name="parameters" />
+	</message>
+	<message name="ValidateIdentityLinkResponse">
+		<part element="szr:ValidateIdentityLinkResponse" name="parameters" />
+	</message>
+	<message name="TransformBPKRequest">
+		<part element="szr:TransformBPK" name="parameters" />
+	</message>
+	<message name="TransformBPKResponse">
+		<part element="szr:TransformBPKResponse" name="parameters" />
+	</message>
+	<message name="GetVKZPermissionRequest">
+		<part element="szr:GetVKZPermission" name="parameters" />
+	</message>
+	<message name="GetVKZPermissionResponse">
+		<part element="szr:GetVKZPermissionResponse" name="parameters" />
+	</message>
+	<message name="ZMRAnwendungsIntegrationRequest">
+		<part element="szr:ZMRAnwendungsIntegration" name="parameters" />
+	</message>
+	<message name="ZMRAnwendungsIntegrationResponse">
+		<part element="szr:ZMRAnwendungsIntegrationResponse" name="parameters" />
+	</message>
+	<message name="GetStammzahlRequest">
+		<part element="szr:GetStammzahl" name="parameters" />
+	</message>
+	<message name="GetStammzahlResponse">
+		<part element="szr:GetStammzahlResponse" name="parameters" />
+	</message>
+	<message name="GetStammzahlEncryptedRequest">
+		<part element="szr:GetStammzahlEncrypted" name="parameters" />
+	</message>
+	<message name="GetStammzahlEncryptedResponse">
+		<part element="szr:GetStammzahlEncryptedResponse" name="parameters" />
+	</message>
+	<message name="GetVersionRequest">
+		<part element="szr:GetVersion" name="parameters" />
+	</message>
+	<message name="GetVersionResponse">
+		<part element="szr:GetVersionResponse" name="parameters" />
+	</message>
+	<message name="SZRException">
+		<part element="szr:SZRException" name="fault" />
+	</message>
+	<portType name="SZR">
+		<operation name="GetIdentityLink">
+			<input message="szr:GetIdentityLinkRequest" name="GetIdentityLinkRequest" />
+			<output message="szr:GetIdentityLinkResponse" name="GetIdentityLinkResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPK">
+			<jaxws:bindings xmlns:jaxws="http://java.sun.com/xml/ns/jaxws">
+				<jaxws:enableWrapperStyle>false</jaxws:enableWrapperStyle>
+			</jaxws:bindings>
+			<input message="szr:GetBPKRequest" name="GetBPKRequest" />
+			<output message="szr:GetBPKResponse" name="GetBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKs">
+			<input message="szr:GetBPKsRequest" name="GetBPKsRequest" />
+			<output message="szr:GetBPKsResponse" name="GetBPKsResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKKombi">
+			<input message="szr:GetBPKKombiRequest" name="GetBPKKombiRequest" />
+			<output message="szr:GetBPKKombiResponse" name="GetBPKKombiResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKZPV">
+			<input message="szr:GetBPKZPVRequest" name="GetBPKZPVRequest" />
+			<output message="szr:GetBPKZPVResponse" name="GetBPKZPVResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKFromStammzahlEncrypted">
+			<input message="szr:GetBPKFromStammzahlEncryptedRequest" name="GetBPKFromStammzahlEncryptedRequest" />
+			<output message="szr:GetBPKFromStammzahlEncryptedResponse" name="GetBPKFromStammzahlEncryptedResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="ValidateIdentityLink">
+			<input message="szr:ValidateIdentityLinkRequest" name="ValidateIdentityLinkRequest" />
+			<output message="szr:ValidateIdentityLinkResponse" name="ValidateIdentityLinkResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="TransformBPK">
+			<input message="szr:TransformBPKRequest" name="TransformBPKRequest" />
+			<output message="szr:TransformBPKResponse" name="TransformBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetVKZPermission">
+			<input message="szr:GetVKZPermissionRequest" name="GetVKZPermissionRequest" />
+			<output message="szr:GetVKZPermissionResponse" name="GetVKZPermissionResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="BPKzuBasiszahl">
+			<input message="szr:BPKzuBasiszahlRequest" name="BPKzuBasiszahlRequest" />
+			<output message="szr:BPKzuBasiszahlResponse" name="BPKzuBasiszahlResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="BasiszahlZuBPK">
+			<input message="szr:BasiszahlZuBPKRequest" name="BasiszahlZuBPKRequest" />
+			<output message="szr:BasiszahlZuBPKResponse" name="BasiszahlZuBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="ZMRAnwendungsIntegration">
+			<input message="szr:ZMRAnwendungsIntegrationRequest" name="ZMRAnwendungsIntegrationRequest" />
+			<output message="szr:ZMRAnwendungsIntegrationResponse" name="ZMRAnwendungsIntegrationResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetStammzahl">
+			<input message="szr:GetStammzahlRequest" name="GetStammzahlRequest" />
+			<output message="szr:GetStammzahlResponse" name="GetStammzahlResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetStammzahlEncrypted">
+			<input message="szr:GetStammzahlEncryptedRequest" name="GetStammzahlEncryptedRequest" />
+			<output message="szr:GetStammzahlEncryptedResponse" name="GetStammzahlEncryptedResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetVersion">
+			<input message="szr:GetVersionRequest" name="GetVersionRequest" />
+			<output message="szr:GetVersionResponse" name="GetVersionResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+	</portType>
+	<binding name="SZRSoapBinding" type="szr:SZR">
+		<wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
+		<operation name="GetIdentityLink">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetIdentityLinkRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetIdentityLinkResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKs">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKsRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKsResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKKombi">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKKombiRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKKombiResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKZPV">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKZPVRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKZPVResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKFromStammzahlEncrypted">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKFromStammzahlEncryptedRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKFromStammzahlEncryptedResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetVKZPermission">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetVKZPermissionRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetVKZPermissionResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="ValidateIdentityLink">
+			<wsdlsoap:operation soapAction="" />
+			<input name="ValidateIdentityLinkRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="ValidateIdentityLinkResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="TransformBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="TransformBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="TransformBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="BPKzuBasiszahl">
+			<wsdlsoap:operation soapAction="" />
+			<input name="BPKzuBasiszahlRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="BPKzuBasiszahlResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="BasiszahlZuBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="BasiszahlZuBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="BasiszahlZuBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="ZMRAnwendungsIntegration">
+			<wsdlsoap:operation soapAction="" />
+			<input name="ZMRAnwendungsIntegrationRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="ZMRAnwendungsIntegrationResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetStammzahl">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetStammzahlRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetStammzahlResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetStammzahlEncrypted">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetStammzahlEncryptedRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetStammzahlEncryptedResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetVersion">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetVersionRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetVersionResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+	</binding>
+	<service name="SZRService">
+		<port binding="szr:SZRSoapBinding" name="SZRBusinesspartnerTestumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/at.gv.bmi.szrsrv-b/services/SZR" />
+		</port>
+		<port binding="szr:SZRSoapBinding" name="SZRTestumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR" />
+		</port>
+		<port binding="szr:SZRSoapBinding" name="SZRProduktionsumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR" />
+		</port>
+	</service>
+</definitions>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR_v4.0.wsdl b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR_v4.0.wsdl
new file mode 100644
index 00000000..e7f296bd
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/SZR_v4.0.wsdl
@@ -0,0 +1,441 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<definitions targetNamespace="urn:SZRServices" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:szr="urn:SZRServices" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+    <types>
+			<xs:schema>
+				<xs:import namespace="urn:SZRServices" schemaLocation="szr_v4.0.xsd"/>
+			</xs:schema>
+		</types>
+	<message name="Header">
+		<part name="SecurityHeader" element="wsse:Security" />
+	</message>
+	<message name="GetIdentityLinkRequest">
+		<part element="szr:GetIdentityLink" name="parameters" />
+	</message>
+	<message name="GetIdentityLinkResponse">
+		<part element="szr:GetIdentityLinkResponse" name="parameters" />
+	</message>
+	<message name="GetIdentityLinkEidasRequest">
+		<part element="szr:GetIdentityLinkEidas" name="parameters" />
+	</message>
+	<message name="GetIdentityLinkEidasResponse">
+		<part element="szr:GetIdentityLinkEidasResponse" name="parameters" />
+	</message>
+	<message name="GetBPKRequest">
+		<part element="szr:GetBPK" name="parameters" />
+	</message>
+	<message name="GetBPKResponse">
+		<part element="szr:GetBPKResponse" name="parameters" />
+	</message>
+	<message name="GetBPKsRequest">
+		<part element="szr:GetBPKs" name="parameters" />
+	</message>
+	<message name="GetBPKsResponse">
+		<part element="szr:GetBPKsResponse" name="parameters" />
+	</message>
+	<message name="GetBPKKombiRequest">
+		<part element="szr:GetBPKKombi" name="parameters" />
+	</message>
+	<message name="GetBPKKombiResponse">
+		<part element="szr:GetBPKKombiResponse" name="parameters" />
+	</message>
+	<message name="GetBPKZPVRequest">
+		<part element="szr:GetBPKZPV" name="parameters" />
+	</message>
+	<message name="GetBPKZPVResponse">
+		<part element="szr:GetBPKZPVResponse" name="parameters" />
+	</message>
+	<message name="GetBPKFromStammzahlEncryptedRequest">
+		<part element="szr:GetBPKFromStammzahlEncrypted" name="parameters" />
+	</message>
+	<message name="GetBPKFromStammzahlEncryptedResponse">
+		<part element="szr:GetBPKFromStammzahlEncryptedResponse" name="parameters" />
+	</message>
+	<message name="SignContentRequest">
+		<part element="szr:SignContent" name="parameters" />
+	</message>
+	<message name="SignContentResponse">
+		<part element="szr:SignContentResponse" name="parameters" />
+	</message>
+	<message name="BPKzuBasiszahlRequest">
+		<part element="szr:BPKzuBasiszahl" name="parameters" />
+	</message>
+	<message name="BPKzuBasiszahlResponse">
+		<part element="szr:BPKzuBasiszahlResponse" name="parameters" />
+	</message>
+	<message name="BasiszahlZuBPKRequest">
+		<part element="szr:BasiszahlZuBPK" name="parameters" />
+	</message>
+	<message name="BasiszahlZuBPKResponse">
+		<part element="szr:BasiszahlZuBPKResponse" name="parameters" />
+	</message>
+	<message name="ValidateIdentityLinkRequest">
+		<part element="szr:ValidateIdentityLink" name="parameters" />
+	</message>
+	<message name="ValidateIdentityLinkResponse">
+		<part element="szr:ValidateIdentityLinkResponse" name="parameters" />
+	</message>
+	<message name="TransformBPKRequest">
+		<part element="szr:TransformBPK" name="parameters" />
+	</message>
+	<message name="TransformBPKResponse">
+		<part element="szr:TransformBPKResponse" name="parameters" />
+	</message>
+	<message name="GetVKZPermissionRequest">
+		<part element="szr:GetVKZPermission" name="parameters" />
+	</message>
+	<message name="GetVKZPermissionResponse">
+		<part element="szr:GetVKZPermissionResponse" name="parameters" />
+	</message>
+	<message name="ZMRAnwendungsIntegrationRequest">
+		<part element="szr:ZMRAnwendungsIntegration" name="parameters" />
+	</message>
+	<message name="ZMRAnwendungsIntegrationResponse">
+		<part element="szr:ZMRAnwendungsIntegrationResponse" name="parameters" />
+	</message>
+	<message name="GetStammzahlRequest">
+		<part element="szr:GetStammzahl" name="parameters" />
+	</message>
+	<message name="GetStammzahlResponse">
+		<part element="szr:GetStammzahlResponse" name="parameters" />
+	</message>
+	<message name="GetStammzahlEncryptedRequest">
+		<part element="szr:GetStammzahlEncrypted" name="parameters" />
+	</message>
+	<message name="GetStammzahlEncryptedResponse">
+		<part element="szr:GetStammzahlEncryptedResponse" name="parameters" />
+	</message>
+	<message name="GetVersionRequest">
+		<part element="szr:GetVersion" name="parameters" />
+	</message>
+	<message name="GetVersionResponse">
+		<part element="szr:GetVersionResponse" name="parameters" />
+	</message>
+	<message name="SZRException">
+		<part element="szr:SZRException" name="fault" />
+	</message>
+	<portType name="SZR">
+		<operation name="GetIdentityLink">
+			<input message="szr:GetIdentityLinkRequest" name="GetIdentityLinkRequest" />
+			<output message="szr:GetIdentityLinkResponse" name="GetIdentityLinkResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetIdentityLinkEidas">
+			<input message="szr:GetIdentityLinkEidasRequest" name="GetIdentityLinkEidasRequest" />
+			<output message="szr:GetIdentityLinkEidasResponse" name="GetIdentityLinkEidasResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPK">
+			<jaxws:bindings xmlns:jaxws="http://java.sun.com/xml/ns/jaxws">
+				<jaxws:enableWrapperStyle>false</jaxws:enableWrapperStyle>
+			</jaxws:bindings>
+			<input message="szr:GetBPKRequest" name="GetBPKRequest" />
+			<output message="szr:GetBPKResponse" name="GetBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKs">
+			<input message="szr:GetBPKsRequest" name="GetBPKsRequest" />
+			<output message="szr:GetBPKsResponse" name="GetBPKsResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKKombi">
+			<input message="szr:GetBPKKombiRequest" name="GetBPKKombiRequest" />
+			<output message="szr:GetBPKKombiResponse" name="GetBPKKombiResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKZPV">
+			<input message="szr:GetBPKZPVRequest" name="GetBPKZPVRequest" />
+			<output message="szr:GetBPKZPVResponse" name="GetBPKZPVResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetBPKFromStammzahlEncrypted">
+			<input message="szr:GetBPKFromStammzahlEncryptedRequest" name="GetBPKFromStammzahlEncryptedRequest" />
+			<output message="szr:GetBPKFromStammzahlEncryptedResponse" name="GetBPKFromStammzahlEncryptedResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="SignContent">
+			<input message="szr:SignContentRequest" name="SignContentRequest" />
+			<output message="szr:SignContentResponse" name="SignContentResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="ValidateIdentityLink">
+			<input message="szr:ValidateIdentityLinkRequest" name="ValidateIdentityLinkRequest" />
+			<output message="szr:ValidateIdentityLinkResponse" name="ValidateIdentityLinkResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="TransformBPK">
+			<input message="szr:TransformBPKRequest" name="TransformBPKRequest" />
+			<output message="szr:TransformBPKResponse" name="TransformBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetVKZPermission">
+			<input message="szr:GetVKZPermissionRequest" name="GetVKZPermissionRequest" />
+			<output message="szr:GetVKZPermissionResponse" name="GetVKZPermissionResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="BPKzuBasiszahl">
+			<input message="szr:BPKzuBasiszahlRequest" name="BPKzuBasiszahlRequest" />
+			<output message="szr:BPKzuBasiszahlResponse" name="BPKzuBasiszahlResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="BasiszahlZuBPK">
+			<input message="szr:BasiszahlZuBPKRequest" name="BasiszahlZuBPKRequest" />
+			<output message="szr:BasiszahlZuBPKResponse" name="BasiszahlZuBPKResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="ZMRAnwendungsIntegration">
+			<input message="szr:ZMRAnwendungsIntegrationRequest" name="ZMRAnwendungsIntegrationRequest" />
+			<output message="szr:ZMRAnwendungsIntegrationResponse" name="ZMRAnwendungsIntegrationResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetStammzahl">
+			<input message="szr:GetStammzahlRequest" name="GetStammzahlRequest" />
+			<output message="szr:GetStammzahlResponse" name="GetStammzahlResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetStammzahlEncrypted">
+			<input message="szr:GetStammzahlEncryptedRequest" name="GetStammzahlEncryptedRequest" />
+			<output message="szr:GetStammzahlEncryptedResponse" name="GetStammzahlEncryptedResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+		<operation name="GetVersion">
+			<input message="szr:GetVersionRequest" name="GetVersionRequest" />
+			<output message="szr:GetVersionResponse" name="GetVersionResponse" />
+			<fault message="szr:SZRException" name="SZRException" />
+		</operation>
+	</portType>
+	<binding name="SZRSoapBinding" type="szr:SZR">
+		<wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
+		<operation name="GetIdentityLink">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetIdentityLinkRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetIdentityLinkResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetIdentityLinkEidas">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetIdentityLinkEidasRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetIdentityLinkEidasResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKs">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKsRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKsResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKKombi">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKKombiRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKKombiResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKZPV">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKZPVRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKZPVResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetBPKFromStammzahlEncrypted">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetBPKFromStammzahlEncryptedRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetBPKFromStammzahlEncryptedResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="SignContent">
+			<wsdlsoap:operation soapAction="" />
+			<input name="SignContentRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="SignContentResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetVKZPermission">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetVKZPermissionRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetVKZPermissionResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="ValidateIdentityLink">
+			<wsdlsoap:operation soapAction="" />
+			<input name="ValidateIdentityLinkRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="ValidateIdentityLinkResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="TransformBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="TransformBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="TransformBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="BPKzuBasiszahl">
+			<wsdlsoap:operation soapAction="" />
+			<input name="BPKzuBasiszahlRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="BPKzuBasiszahlResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="BasiszahlZuBPK">
+			<wsdlsoap:operation soapAction="" />
+			<input name="BasiszahlZuBPKRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="BasiszahlZuBPKResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="ZMRAnwendungsIntegration">
+			<wsdlsoap:operation soapAction="" />
+			<input name="ZMRAnwendungsIntegrationRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="ZMRAnwendungsIntegrationResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetStammzahl">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetStammzahlRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetStammzahlResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetStammzahlEncrypted">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetStammzahlEncryptedRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetStammzahlEncryptedResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+		<operation name="GetVersion">
+			<wsdlsoap:operation soapAction="" />
+			<input name="GetVersionRequest">
+				<wsdlsoap:header message="szr:Header" part="SecurityHeader" use="literal" />
+				<wsdlsoap:body use="literal" />
+			</input>
+			<output name="GetVersionResponse">
+				<wsdlsoap:body use="literal" />
+			</output>
+			<fault name="SZRException">
+				<wsdlsoap:fault name="SZRException" use="literal" />
+			</fault>
+		</operation>
+	</binding>
+	<service name="SZRService">
+		<port binding="szr:SZRSoapBinding" name="SZRBusinesspartnerTestumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/at.gv.bmi.szrsrv-b/services/SZR" />
+		</port>
+		<port binding="szr:SZRSoapBinding" name="SZRTestumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services-T/services/SZR" />
+		</port>
+		<port binding="szr:SZRSoapBinding" name="SZRProduktionsumgebung">
+			<wsdlsoap:address location="https://pvawp.bmi.gv.at/bmi.gv.at/soap/SZ2Services/services/SZR" />
+		</port>
+	</service>
+</definitions>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp1.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp1.xsd
new file mode 100644
index 00000000..09c0b1e3
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp1.xsd
@@ -0,0 +1,133 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v2004 rel. 2 U (http://www.xmlspy.com) by BM (Bundeskanzleramt) -->
+<!-- PVP Schema 1.8.10 -->
+<!-- pvpToken wird über das Element <Security> aus der Spezifikation WS-Security in den SOAP-Header eingebunden -->
+<!--erstellt: rainer.hoerbe@bmi.gv.at 2004-04-30 -->
+<!--geändert: rainer.hoerbe@beko.at 2007-04-04: Extensions Points definiert -->
+<xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd" xmlns="http://egov.gv.at/pvp1.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
+	<xs:element name="pvpToken">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="pvpTokenType" />
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="pvpTokenType">
+		<xs:sequence>
+			<xs:element name="authenticate">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="participantId" type="xs:string" />
+						<xs:element name="gvOuDomain" type="xs:string" minOccurs="0" maxOccurs="1" />
+						<xs:choice>
+							<xs:element name="userPrincipal">
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="pvpPrincipalType">
+											<xs:sequence>
+												<xs:element name="gvGid" type="xs:string" />
+												<xs:element name="mail" type="xs:string" minOccurs="0" maxOccurs="1" />
+												<xs:element name="tel" type="xs:string" minOccurs="0" maxOccurs="1" />
+												<xs:element name="bpk" type="xs:string" minOccurs="0" maxOccurs="1" />
+												<xs:element name="gvFunction" type="xs:string" minOccurs="0" maxOccurs="1" />
+											</xs:sequence>
+										</xs:extension>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="systemPrincipal" type="pvpPrincipalType" />
+						</xs:choice>
+						<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>additional authentication properties</xs:documentation>
+							</xs:annotation>
+						</xs:any>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="authorize" minOccurs="0" maxOccurs="1">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:sequence minOccurs="0">
+							<xs:element name="gvOuId" type="xs:string" />
+							<xs:element name="ou" type="xs:string" />
+						</xs:sequence>
+						<xs:element name="role" maxOccurs="unbounded">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" />
+								</xs:sequence>
+								<xs:attribute name="value" type="xs:string" use="required" />
+							</xs:complexType>
+						</xs:element>
+						<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>additional authorization properties</xs:documentation>
+							</xs:annotation>
+						</xs:any>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="accounting" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:any processContents="skip" minOccurs="0" maxOccurs="unbounded" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="pvpChainedToken" type="pvpTokenType" minOccurs="0" />
+			<xs:element name="pvpExtension" block="extension" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="version" type="gvVersionType" use="required" />
+		<xs:anyAttribute namespace="##any" processContents="lax" />
+	</xs:complexType>
+	<xs:complexType name="pvpPrincipalType">
+		<xs:sequence>
+			<xs:element name="userId" type="xs:string" />
+			<xs:element name="cn" type="xs:string" />
+			<xs:element name="gvOuId" type="xs:string" />
+			<xs:element name="ou" type="xs:string" />
+			<xs:element name="gvOuOKZ" type="xs:string" minOccurs="0" /> <!-- steht auch in der pvp doku, fehlt aber im normalen pvp1.xsd -->
+			<xs:element name="gvSecClass" type="gvSecClassType" minOccurs="0" />
+			<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>additional principal attributes</xs:documentation>
+				</xs:annotation>
+			</xs:any>
+		</xs:sequence>
+		<xs:anyAttribute namespace="##any" processContents="lax" />
+	</xs:complexType>
+	<xs:simpleType name="gvSecClassType">
+		<xs:restriction base="xs:integer">
+			<xs:enumeration value="0" />
+			<xs:enumeration value="1" />
+			<xs:enumeration value="2" />
+			<xs:enumeration value="3" />
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="gvVersionType">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0" />
+			<xs:enumeration value="1.1" />
+			<xs:enumeration value="1.2" />
+			<xs:enumeration value="1.8" />
+			<xs:enumeration value="1.9" />
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="logLevelType">
+		<xs:restriction base="xs:integer">
+			<xs:enumeration value="0" />
+			<xs:enumeration value="1" />
+			<xs:enumeration value="2" />
+			<xs:enumeration value="3" />
+			<xs:enumeration value="4" />
+			<xs:enumeration value="5" />
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp19.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp19.xsd
new file mode 100644
index 00000000..596a2b99
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/pvp19.xsd
@@ -0,0 +1,133 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v2004 rel. 2 U (http://www.xmlspy.com) by BM (Bundeskanzleramt) -->
+<!-- PVP Schema 1.8.10 -->
+<!-- pvpToken wird über das Element <Security> aus der Spezifikation WS-Security in den SOAP-Header eingebunden -->
+<!--erstellt: rainer.hoerbe@bmi.gv.at 2004-04-30 -->
+<!--geändert: rainer.hoerbe@beko.at 2007-04-04: Extensions Points definiert -->
+<xs:schema targetNamespace="http://egov.gv.at/pvp1.xsd" xmlns="http://egov.gv.at/pvp1.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified">
+	<xs:element name="pvpToken">
+		<xs:complexType>
+			<xs:complexContent>
+				<xs:extension base="pvpTokenType" />
+			</xs:complexContent>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="pvpTokenType">
+		<xs:sequence>
+			<xs:element name="authenticate">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="participantId" type="xs:string" />
+						<xs:element name="gvOuDomain" type="xs:string" minOccurs="0" maxOccurs="1" />
+						<xs:choice>
+							<xs:element name="userPrincipal">
+								<xs:complexType>
+									<xs:complexContent>
+										<xs:extension base="pvpPrincipalType">
+											<xs:sequence>
+												<xs:element name="gvGid" type="xs:string" />
+												<xs:element name="mail" type="xs:string" minOccurs="0" maxOccurs="1" />
+												<xs:element name="tel" type="xs:string" minOccurs="0" maxOccurs="1" />
+												<xs:element name="bpk" type="xs:string" minOccurs="0" maxOccurs="1" />
+												<xs:element name="gvFunction" type="xs:string" minOccurs="0" maxOccurs="1" />
+											</xs:sequence>
+										</xs:extension>
+									</xs:complexContent>
+								</xs:complexType>
+							</xs:element>
+							<xs:element name="systemPrincipal" type="pvpPrincipalType" />
+						</xs:choice>
+						<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>additional authentication properties</xs:documentation>
+							</xs:annotation>
+						</xs:any>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="authorize" minOccurs="0" maxOccurs="1">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:sequence minOccurs="0">
+							<xs:element name="gvOuId" type="xs:string" />
+							<xs:element name="ou" type="xs:string" />
+						</xs:sequence>
+						<xs:element name="role" maxOccurs="unbounded">
+							<xs:complexType>
+								<xs:sequence>
+									<xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" />
+								</xs:sequence>
+								<xs:attribute name="value" type="xs:string" use="required" />
+							</xs:complexType>
+						</xs:element>
+						<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+							<xs:annotation>
+								<xs:documentation>additional authorization properties</xs:documentation>
+							</xs:annotation>
+						</xs:any>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="accounting" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:any processContents="skip" minOccurs="0" maxOccurs="unbounded" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="pvpChainedToken" type="pvpTokenType" minOccurs="0" />
+			<xs:element name="pvpExtension" block="extension" minOccurs="0">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:any namespace="##any" processContents="skip" minOccurs="0" maxOccurs="unbounded" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+		<xs:attribute name="version" type="gvVersionType" use="required" />
+		<xs:anyAttribute namespace="##any" processContents="lax" />
+	</xs:complexType>
+	<xs:complexType name="pvpPrincipalType">
+		<xs:sequence>
+			<xs:element name="userId" type="xs:string" />
+			<xs:element name="cn" type="xs:string" />
+			<xs:element name="gvOuId" type="xs:string" />
+			<xs:element name="ou" type="xs:string" />
+			<xs:element name="gvOuOKZ" type="xs:string" minOccurs="0" />
+			<xs:element name="gvSecClass" type="gvSecClassType" minOccurs="0" />
+			<xs:any namespace="##other" processContents="lax" minOccurs="0" maxOccurs="unbounded">
+				<xs:annotation>
+					<xs:documentation>additional principal attributes</xs:documentation>
+				</xs:annotation>
+			</xs:any>
+		</xs:sequence>
+		<xs:anyAttribute namespace="##any" processContents="lax" />
+	</xs:complexType>
+	<xs:simpleType name="gvSecClassType">
+		<xs:restriction base="xs:integer">
+			<xs:enumeration value="0" />
+			<xs:enumeration value="1" />
+			<xs:enumeration value="2" />
+			<xs:enumeration value="3" />
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="gvVersionType">
+		<xs:restriction base="xs:string">
+			<xs:enumeration value="1.0" />
+			<xs:enumeration value="1.1" />
+			<xs:enumeration value="1.2" />
+			<xs:enumeration value="1.8" />
+			<xs:enumeration value="1.9" />
+		</xs:restriction>
+	</xs:simpleType>
+	<xs:simpleType name="logLevelType">
+		<xs:restriction base="xs:integer">
+			<xs:enumeration value="0" />
+			<xs:enumeration value="1" />
+			<xs:enumeration value="2" />
+			<xs:enumeration value="3" />
+			<xs:enumeration value="4" />
+			<xs:enumeration value="5" />
+		</xs:restriction>
+	</xs:simpleType>
+</xs:schema>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd
new file mode 100644
index 00000000..85acfb65
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr.xsd
@@ -0,0 +1,388 @@
+<xs:schema elementFormDefault="qualified" targetNamespace="urn:SZRServices" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:szr="urn:SZRServices" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+			<xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" />
+			<xs:import namespace="http://www.w3.org/2000/09/xmldsig#" />
+			<xs:element name="SZRException" type="szr:SZRException" />
+			<xs:complexType name="SZRException" />
+			<xs:complexType name="PersonInfoType">
+				<xs:sequence>
+					<xs:element name="Person" type="pd:PhysicalPersonType" />
+					<xs:element minOccurs="0" name="RegularDomicile" type="pd:PostalAddressType" />
+					<xs:element minOccurs="0" name="AddressCodes" type="szr:AddressCodesType" />
+					<xs:element minOccurs="0" name="TravelDocument" type="szr:TravelDocumentType" />
+					<xs:element minOccurs="0" name="DateOfBirthWildcard" type="xs:boolean" />
+					<xs:element minOccurs="0" name="AuskunftssperreGesetzt" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="TravelDocumentType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="DocumentNumber" type="xs:string" />
+					<xs:element minOccurs="0" name="DocumentType" type="xs:string" />
+					<xs:element minOccurs="0" name="IssueDate" type="xs:string" />
+					<xs:element minOccurs="0" name="IssuingAuthority" type="xs:string" />
+					<xs:element minOccurs="0" name="IssuingCountry" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="AddressCodesType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="GKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="OKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="SKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="ADRCD" type="xs:string" />
+					<xs:element minOccurs="0" name="SUBCD" type="xs:string" />
+					<xs:element minOccurs="0" name="OBJNR" type="xs:string" />
+					<xs:element minOccurs="0" name="NTZLNR" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="TransformBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element name="InputBPK" type="xs:string" />
+						<xs:element name="InputBereichsKennung" type="xs:string" />
+						<xs:element name="Begruendung" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="Target" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="TransformBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="TransformBPKReturn" type="szr:FremdBPKType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVKZPermission">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="VKZ" type="xs:string" />
+						<xs:element name="BereichsKennung" type="xs:string" />
+						<xs:element minOccurs="0" name="ParticipantId" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVKZPermissionResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="IdentityLinkType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element name="Assertion" type="xs:anyType" />
+					<xs:element minOccurs="0" name="AdditionalInfo" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="ResultRecord">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element name="Register" type="xs:string" />
+					<xs:element name="bPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKKombiRequestType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="0" name="InsertERnP">
+						<xs:simpleType>
+							<xs:restriction base="xs:string">
+								<xs:enumeration value="NoInsert" />
+								<xs:enumeration value="InsertOnNoMatch" />
+								<xs:enumeration value="ForceInsert" />
+							</xs:restriction>
+						</xs:simpleType>
+					</xs:element>
+					<xs:element minOccurs="0" name="Suchwizard" type="xs:boolean" />
+					<xs:element name="VKZ" type="xs:string" nillable="true" />
+					<xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+					<xs:element minOccurs="0" name="Sessionid" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKKombiResponseType">
+				<xs:complexContent>
+					<xs:extension base="szr:GetBPKZPVResponseType">
+						<xs:sequence>
+							<xs:element name="FoundWithSuchwizard" type="xs:boolean" />
+							<xs:element name="Sessionid" type="xs:string" />
+						</xs:sequence>
+					</xs:extension>
+				</xs:complexContent>
+			</xs:complexType>
+			<xs:complexType name="GetBPKZPVRequestType">
+				<xs:sequence>
+					<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" default="false" />
+					<xs:element minOccurs="1" name="VKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="BehoerdenKennzeichen" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKZPVResponseType">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:ResultRecord" />
+					<xs:element name="InsertERnPResult" type="xs:boolean" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKFromStammzahlEncryptedRequestType">
+				<xs:sequence>
+					<xs:element minOccurs="1" name="StammzahlEncrypted" type="xs:string" />
+					<xs:element minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+					<xs:element minOccurs="1" name="VKZ" type="xs:string" />
+					<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetBPKFromStammzahlEncryptedResponseType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="bPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="GetIdentityLink">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element maxOccurs="unbounded" name="KeyValue" type="dsig:KeyValueType" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetIdentityLinkResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+						<xs:element minOccurs="0" name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+						<xs:element minOccurs="0" name="ListMultiplePersons" type="xs:boolean" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element minOccurs="0" name="GetBPKReturn" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+						<xs:element maxOccurs="5" minOccurs="0" name="PersonInfo" type="szr:PersonInfoType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKs">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="BereichsKennung" type="xs:string" />
+						<xs:element name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Target" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKsResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="ResultRecord" type="szr:GetBPKsResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="GetBPKsResponseType">
+				<xs:sequence>
+					<xs:element minOccurs="0" name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPK" type="szr:FremdBPKType" />
+					<xs:element minOccurs="0" name="Fault">
+						<xs:complexType>
+							<xs:attribute name="Code" type="xs:string" />
+							<xs:attribute name="String" type="xs:string" />
+						</xs:complexType>
+					</xs:element>
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="GetBPKKombi">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKKombiResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKZPV">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKZPVResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKFromStammzahlEncrypted">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKFromStammzahlEncryptedRequest" type="szr:GetBPKFromStammzahlEncryptedRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetBPKFromStammzahlEncryptedResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="GetBPKFromStammzahlEncryptedResponse" type="szr:GetBPKFromStammzahlEncryptedResponseType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ValidateIdentityLink">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="IdentityLink" type="szr:IdentityLinkType" />
+						<xs:element name="BereichsKennung" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ValidateIdentityLinkResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="ValidateIdentityLinkReturn" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="BPKzuBasiszahl">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Bereich" type="xs:string" />
+						<xs:element name="BPK" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="BPKzuBasiszahlResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="BPKzuBasiszahlReturn" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="FremdBPKRequestType">
+				<xs:sequence>
+					<xs:element name="BereichsKennung" type="xs:string" />
+					<xs:element name="VKZ" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="FremdBPKType">
+				<xs:sequence>
+					<xs:element name="BereichsKennung" type="xs:string" />
+					<xs:element name="FremdBPK" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:complexType name="GetVKZPermissionResponseType">
+				<xs:sequence>
+					<xs:element name="isAllowed" type="xs:boolean" />
+					<xs:element minOccurs="0" name="behSchluessel" type="xs:string" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="BasiszahlZuBPK">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element minOccurs="0" name="VKZ" type="xs:string" />
+						<xs:element maxOccurs="unbounded" name="BasisZahl" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="Bereich" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="BasiszahlZuBPKReturnType">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="BasiszahlZuBPKResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="ZMRAnwendungsIntegration">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Bereich" type="xs:string" />
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKTargets" type="szr:FremdBPKRequestType" />
+						<xs:element maxOccurs="unbounded" name="ZMRfremdbPK" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:complexType name="ZMRAnwendungsIntegrationReturnType">
+				<xs:sequence>
+					<xs:element name="BPK" type="xs:string" />
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="FremdBPKs" type="szr:FremdBPKType" />
+				</xs:sequence>
+			</xs:complexType>
+			<xs:element name="ZMRAnwendungsIntegrationResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahl">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Stammzahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlEncrypted">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="PersonInfo" type="szr:PersonInfoType" />
+						<xs:element minOccurs="0" name="InsertERnP" type="xs:boolean" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetStammzahlEncryptedResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Stammzahl" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+			<xs:element name="GetVersion" />
+			<xs:element name="GetVersionResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element name="Version" type="xs:string" />
+						<xs:element name="Revision" type="xs:string" />
+						<xs:element name="Time" type="xs:string" />
+						<xs:element name="IdentityLinkNotAfter" type="xs:string" />
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+</xs:schema>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_ecdsa.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_ecdsa.xsd
new file mode 100644
index 00000000..87ee80be
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_ecdsa.xsd
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema"
+           targetNamespace="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#">
+    <xs:element name="ECDSAKeyValue" type="ecdsa:ECDSAKeyValueType" />
+    <xs:complexType name="ECDSAKeyValueType">
+        <xs:sequence>
+            <xs:element name="DomainParameters" type="ecdsa:DomainParamsType"
+                        minOccurs="0" />
+            <xs:element name="PublicKey" type="ecdsa:ECPointType" />
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="DomainParamsType">
+        <xs:sequence>
+            <xs:element name="NamedCurve" minOccurs="0"
+                        type="ecdsa:NamedCurveType" />
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="NamedCurveType">
+        <xs:attribute name="URN" type="xs:string" use="required" />
+    </xs:complexType>
+    <xs:complexType name="ECPointType">
+        <xs:sequence minOccurs="0">
+            <xs:element name="X" type="ecdsa:PrimeFieldElemType" />
+            <xs:element name="Y" type="ecdsa:PrimeFieldElemType" />
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="PrimeFieldElemType">
+        <xs:attribute name="Value" type="xs:string" use="required" />
+    </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_persondata.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_persondata.xsd
new file mode 100644
index 00000000..3c9ac932
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_persondata.xsd
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema elementFormDefault="qualified" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#"
+	targetNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <xs:complexType name="PhysicalPersonType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="Identification" type="pd:IdentificationType" />
+      <xs:element minOccurs="1" name="Name" type="pd:PersonNameType" />
+      <xs:element minOccurs="0" name="AlternativeName" type="pd:AlternativeNameType" />
+      <xs:element minOccurs="0" name="Sex" type="xs:string" />
+      <xs:element minOccurs="0" name="DateOfBirth" type="xs:string" />
+      <xs:element minOccurs="0" name="PlaceOfBirth" type="xs:string" />
+      <xs:element minOccurs="0" name="CountryOfBirth" type="xs:string" />
+      <xs:element minOccurs="0" name="Nationality" type="xs:string" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="IdentificationType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="Value" type="xs:string" />
+      <xs:element minOccurs="0" name="Type" type="xs:string" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="PersonNameType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="PrefixedDegree" type="xs:string" />
+      <xs:element name="GivenName" type="xs:string" nillable="true" />
+      <xs:element name="FamilyName" type="xs:string" nillable="true" />
+      <xs:element minOccurs="0" name="SuffixedDegree" type="xs:string" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="AlternativeNameType">
+    <xs:sequence>
+      <xs:element name="FamilyName" type="xs:string" nillable="true" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="PostalAddressType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="PostalCode" type="xs:string" />
+      <xs:element minOccurs="0" name="Municipality" type="xs:string" />
+      <xs:element minOccurs="0" name="Locality" type="xs:string" />
+      <xs:element minOccurs="0" name="StateCode3" type="xs:string" />
+      <xs:element minOccurs="0" name="DeliveryAddress" type="pd:DeliveryAddressType" />
+      <xs:element minOccurs="0" name="HistoricRecord" type="xs:boolean" />
+    </xs:sequence>
+  </xs:complexType>
+  <xs:complexType name="DeliveryAddressType">
+    <xs:sequence>
+      <xs:element minOccurs="0" name="AddressLine" type="xs:string" />
+      <xs:element minOccurs="0" name="StreetName" type="xs:string" />
+      <xs:element minOccurs="0" name="BuildingNumber" type="xs:string" />
+      <xs:element minOccurs="0" name="Unit" type="xs:string" />
+      <xs:element minOccurs="0" name="DoorNumber" type="xs:string" />
+    </xs:sequence>
+  </xs:complexType>
+</xs:schema>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_pvp_sec.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_pvp_sec.xsd
new file mode 100644
index 00000000..5001c1b8
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_pvp_sec.xsd
@@ -0,0 +1,10 @@
+<xs:schema xmlns:pvp="http://egov.gv.at/pvp1.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema" targetNamespace="http://schemas.xmlsoap.org/ws/2002/04/secext" elementFormDefault="qualified">
+	<xs:import namespace="http://egov.gv.at/pvp1.xsd" schemaLocation="pvp19.xsd"/>
+	<xs:element name="Security">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element ref="pvp:pvpToken"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element> 
+</xs:schema>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-schemas.xml b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-schemas.xml
new file mode 100644
index 00000000..d40efa45
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-schemas.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<bindings version="2.0" xmlns="http://java.sun.com/xml/ns/jaxb"
+	xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
+	xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc">
+
+  <bindings schemaLocation="../szr_v4/szr_v4.0.xsd">
+		<bindings node="/xsd:schema">
+			<schemaBindings>
+				<package name="at.gv.util.xsd.szr_v4" />
+			</schemaBindings>
+		</bindings>
+	</bindings>
+  
+	<bindings schemaLocation="../szr/szr_ecdsa.xsd">
+		<bindings node="/xsd:schema">
+			<schemaBindings>
+				<package name="at.gv.util.xsd.szr.ecdsa" />
+			</schemaBindings>
+		</bindings>
+	</bindings>
+
+	<bindings schemaLocation="../szr_v4/szr_persondata.xsd">
+		<bindings node="/xsd:schema">
+			<schemaBindings>
+				<package name="at.gv.util.xsd.szr.persondata" />
+			</schemaBindings>
+		</bindings>
+	</bindings>
+
+	<bindings schemaLocation="../szr_v4/szr_pvp_sec.xsd">
+		<bindings node="/xsd:schema">
+			<schemaBindings>
+				<package name="at.gv.util.xsd.szr.pvp19.sec" />
+			</schemaBindings>
+		</bindings>
+	</bindings>
+
+	<bindings schemaLocation="../szr_v4/pvp19.xsd">
+		<bindings node="/xsd:schema">
+			<schemaBindings>
+				<package name="at.gv.util.xsd.szr.pvp19" />
+			</schemaBindings>
+		</bindings>
+	</bindings>
+
+  <bindings schemaLocation="../szr/szr_xmldsig.xsd">
+		<bindings node="/xsd:schema">
+			<schemaBindings>
+				<package name="at.gv.util.xsd.szr.xmldsig" />
+			</schemaBindings>
+		</bindings>
+	</bindings>
+
+</bindings>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-wsdl.xml b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-wsdl.xml
new file mode 100644
index 00000000..f95c35f0
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0-wsdl.xml
@@ -0,0 +1,10 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<bindings xmlns="http://java.sun.com/xml/ns/jaxws"
+               xmlns:jaxb="http://java.sun.com/xml/ns/jaxb"
+               xmlns:xsd="http://www.w3.org/2001/XMLSchema"
+               xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">
+
+  <enableWrapperStyle>false</enableWrapperStyle>
+  <package name="at.gv.util.wsdl.szr_v4"/> 
+     
+</bindings>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0.xsd
new file mode 100644
index 00000000..2d25f2dc
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_v4.0.xsd
@@ -0,0 +1,443 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:szr="urn:SZRServices" xmlns:pd="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" targetNamespace="urn:SZRServices" elementFormDefault="qualified">
+	<xs:import namespace="http://reference.e-government.gv.at/namespace/persondata/20020228#" schemaLocation="szr_persondata.xsd"/>
+	<xs:import namespace="http://www.w3.org/2000/09/xmldsig#" schemaLocation="szr_xmldsig.xsd"/>
+	<xs:element name="SZRException" type="szr:SZRException"/>
+	<xs:complexType name="SZRException"/>
+	<xs:complexType name="PersonInfoType">
+		<xs:sequence>
+			<xs:element name="Person" type="pd:PhysicalPersonType"/>
+			<xs:element name="RegularDomicile" type="pd:PostalAddressType" minOccurs="0"/>
+			<xs:element name="AddressCodes" type="szr:AddressCodesType" minOccurs="0"/>
+			<xs:element name="TravelDocument" type="szr:TravelDocumentType" minOccurs="0"/>
+			<xs:element name="DateOfBirthWildcard" type="xs:boolean" minOccurs="0"/>
+			<xs:element name="AuskunftssperreGesetzt" type="xs:boolean" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="TravelDocumentType">
+		<xs:sequence>
+			<xs:element name="DocumentNumber" type="xs:string" minOccurs="0"/>
+			<xs:element name="DocumentType" type="xs:string" minOccurs="0"/>
+			<xs:element name="IssueDate" type="xs:string" minOccurs="0"/>
+			<xs:element name="IssuingAuthority" type="xs:string" minOccurs="0"/>
+			<xs:element name="IssuingCountry" type="xs:string" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="AddressCodesType">
+		<xs:sequence>
+			<xs:element name="GKZ" type="xs:string" minOccurs="0"/>
+			<xs:element name="OKZ" type="xs:string" minOccurs="0"/>
+			<xs:element name="SKZ" type="xs:string" minOccurs="0"/>
+			<xs:element name="ADRCD" type="xs:string" minOccurs="0"/>
+			<xs:element name="SUBCD" type="xs:string" minOccurs="0"/>
+			<xs:element name="OBJNR" type="xs:string" minOccurs="0"/>
+			<xs:element name="NTZLNR" type="xs:string" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:element name="TransformBPK">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+				<xs:element name="InputBPK" type="xs:string"/>
+				<xs:element name="InputBereichsKennung" type="xs:string"/>
+				<xs:element name="Begruendung" type="xs:string"/>
+				<xs:element name="Target" type="szr:FremdBPKRequestType" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="TransformBPKResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="TransformBPKReturn" type="szr:FremdBPKType" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetVKZPermission">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="VKZ" type="xs:string"/>
+				<xs:element name="BereichsKennung" type="xs:string"/>
+				<xs:element name="ParticipantId" type="xs:string" minOccurs="0"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetVKZPermissionResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetVKZPermissionReturn" type="szr:GetVKZPermissionResponseType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="IdentityLinkType">
+		<xs:sequence>
+			<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+			<xs:element name="Assertion" type="xs:anyType"/>
+			<xs:element name="AdditionalInfo" type="xs:string" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="ResultRecord">
+		<xs:sequence>
+			<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+			<xs:element name="Register" type="xs:string"/>
+			<xs:element name="bPK" type="xs:string"/>
+			<xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="GetBPKKombiRequestType">
+		<xs:sequence>
+			<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+			<xs:element name="InsertERnP" minOccurs="0">
+				<xs:simpleType>
+					<xs:restriction base="xs:string">
+						<xs:enumeration value="NoInsert"/>
+						<xs:enumeration value="InsertOnNoMatch"/>
+						<xs:enumeration value="ForceInsert"/>
+					</xs:restriction>
+				</xs:simpleType>
+			</xs:element>
+			<xs:element name="Suchwizard" type="xs:boolean" minOccurs="0"/>
+			<xs:element name="VKZ" type="xs:string" nillable="true"/>
+			<xs:element name="BehoerdenKennzeichen" type="xs:string" minOccurs="0"/>
+			<xs:element name="BereichsKennung" type="xs:string" minOccurs="0"/>
+			<xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="Sessionid" type="xs:string" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="GetBPKKombiResponseType">
+		<xs:complexContent>
+			<xs:extension base="szr:GetBPKZPVResponseType">
+				<xs:sequence>
+					<xs:element name="FoundWithSuchwizard" type="xs:boolean"/>
+					<xs:element name="Sessionid" type="xs:string"/>
+				</xs:sequence>
+			</xs:extension>
+		</xs:complexContent>
+	</xs:complexType>
+	<xs:complexType name="GetBPKZPVRequestType">
+		<xs:sequence>
+			<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+			<xs:element name="InsertERnP" type="xs:boolean" default="false" minOccurs="0"/>
+			<xs:element name="VKZ" type="xs:string" minOccurs="1"/>
+			<xs:element name="BehoerdenKennzeichen" type="xs:string" minOccurs="0"/>
+			<xs:element name="BereichsKennung" type="xs:string" minOccurs="0"/>
+			<xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="GetBPKZPVResponseType">
+		<xs:sequence>
+			<xs:element name="ResultRecord" type="szr:ResultRecord" maxOccurs="unbounded"/>
+			<xs:element name="InsertERnPResult" type="xs:boolean"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="GetBPKFromStammzahlEncryptedRequestType">
+		<xs:sequence>
+			<xs:element name="StammzahlEncrypted" type="xs:string" minOccurs="1"/>
+			<xs:element name="PersonInfo" type="szr:PersonInfoType" minOccurs="0"/>
+			<xs:element name="VKZ" type="xs:string" minOccurs="1"/>
+			<xs:element name="BereichsKennung" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+		<xs:attribute name="key"/>
+	</xs:complexType>
+	<xs:complexType name="GetBPKFromStammzahlEncryptedResponseType">
+		<xs:sequence>
+			<xs:element name="bPK" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="Fault" type="szr:Fault" minOccurs="0"/>
+		</xs:sequence>
+		<xs:attribute name="key"/>
+	</xs:complexType>
+	<xs:complexType name="Fault">
+		<xs:attribute name="Code" type="xs:string"/>
+		<xs:attribute name="String" type="xs:string"/>
+	</xs:complexType>
+	<xs:complexType name="SignContentResponseType">
+		<xs:sequence>
+			<xs:element name="JwsAlg" type="xs:string" minOccurs="0"/>
+			<xs:element name="Out" type="szr:SignContentEntry" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="SignContentEntry">
+		<xs:simpleContent>
+			<xs:extension base="xs:string">
+				<xs:attribute name="key"/>
+			</xs:extension>
+		</xs:simpleContent>
+	</xs:complexType>
+	<xs:element name="GetIdentityLink">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+				<xs:element name="KeyValue" type="dsig:KeyValueType" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="InsertERnP" type="xs:boolean" minOccurs="0"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetIdentityLinkResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetIdentityLinkEidas">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetIdentityLinkEidasResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetIdentityLinkReturn" type="szr:IdentityLinkType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPK">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+				<xs:element name="BereichsKennung" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="VKZ" type="xs:string" minOccurs="0"/>
+				<xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="ListMultiplePersons" type="xs:boolean" minOccurs="0"/>
+				<xs:element name="InsertERnP" type="xs:boolean" minOccurs="0"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetBPKReturn" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType" minOccurs="0" maxOccurs="5"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKs">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType" maxOccurs="unbounded"/>
+				<xs:element name="BereichsKennung" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="VKZ" type="xs:string"/>
+				<xs:element name="Target" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKsResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ResultRecord" type="szr:GetBPKsResponseType" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="GetBPKsResponseType">
+		<xs:sequence>
+			<xs:element name="BPK" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="FremdBPK" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="Fault" minOccurs="0">
+				<xs:complexType>
+					<xs:attribute name="Code" type="xs:string"/>
+					<xs:attribute name="String" type="xs:string"/>
+				</xs:complexType>
+			</xs:element>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:element name="GetBPKKombi">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetBPKKombiRequest" type="szr:GetBPKKombiRequestType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKKombiResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetBPKKombiResponse" type="szr:GetBPKKombiResponseType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKZPV">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetBPKZPVRequest" type="szr:GetBPKZPVRequestType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKZPVResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="GetBPKZPVResponse" type="szr:GetBPKZPVResponseType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKFromStammzahlEncrypted">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="In" type="szr:GetBPKFromStammzahlEncryptedRequestType" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetBPKFromStammzahlEncryptedResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Out" type="szr:GetBPKFromStammzahlEncryptedResponseType" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="SignContent">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="AppendCert" type="xs:boolean" default="false" minOccurs="0"/>
+				<xs:element name="JWSHeaderParam" type="szr:JwsHeaderParam" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="In" type="szr:SignContentEntry" minOccurs="0" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="JwsHeaderParam">
+		<xs:attribute name="key" type="xs:string" use="required"/>
+		<xs:attribute name="value" type="xs:string" use="required"/>
+	</xs:complexType>
+	<xs:element name="SignContentResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="SignContentResponse" type="szr:SignContentResponseType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="ValidateIdentityLink">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="IdentityLink" type="szr:IdentityLinkType"/>
+				<xs:element name="BereichsKennung" type="xs:string"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="ValidateIdentityLinkResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ValidateIdentityLinkReturn" type="xs:string"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="BPKzuBasiszahl">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Bereich" type="xs:string"/>
+				<xs:element name="BPK" type="xs:string"/>
+				<xs:element name="BasisZahl" type="xs:string" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="BPKzuBasiszahlResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="BPKzuBasiszahlReturn" type="xs:string"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="FremdBPKRequestType">
+		<xs:sequence>
+			<xs:element name="BereichsKennung" type="xs:string"/>
+			<xs:element name="VKZ" type="xs:string"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="FremdBPKType">
+		<xs:sequence>
+			<xs:element name="BereichsKennung" type="xs:string"/>
+			<xs:element name="FremdBPK" type="xs:string"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:complexType name="GetVKZPermissionResponseType">
+		<xs:sequence>
+			<xs:element name="isAllowed" type="xs:boolean"/>
+			<xs:element name="behSchluessel" type="xs:string" minOccurs="0"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:element name="BasiszahlZuBPK">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="VKZ" type="xs:string" minOccurs="0"/>
+				<xs:element name="BasisZahl" type="xs:string" maxOccurs="unbounded"/>
+				<xs:element name="Bereich" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="FremdBPKTargets" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="BasiszahlZuBPKReturnType">
+		<xs:sequence>
+			<xs:element name="BPK" type="xs:string" minOccurs="0" maxOccurs="unbounded"/>
+			<xs:element name="FremdBPKs" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:element name="BasiszahlZuBPKResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="BasiszahlZuBPKReturn" type="szr:BasiszahlZuBPKReturnType" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="ZMRAnwendungsIntegration">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Bereich" type="xs:string"/>
+				<xs:element name="FremdBPKTargets" type="szr:FremdBPKRequestType" minOccurs="0" maxOccurs="unbounded"/>
+				<xs:element name="ZMRfremdbPK" type="xs:string" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:complexType name="ZMRAnwendungsIntegrationReturnType">
+		<xs:sequence>
+			<xs:element name="BPK" type="xs:string"/>
+			<xs:element name="FremdBPKs" type="szr:FremdBPKType" minOccurs="0" maxOccurs="unbounded"/>
+		</xs:sequence>
+	</xs:complexType>
+	<xs:element name="ZMRAnwendungsIntegrationResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="ZMRAnwendungsIntegrationReturn" type="szr:ZMRAnwendungsIntegrationReturnType" maxOccurs="unbounded"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetStammzahl">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetStammzahlResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Stammzahl" type="xs:string"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetStammzahlEncrypted">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="PersonInfo" type="szr:PersonInfoType"/>
+				<xs:element name="InsertERnP" type="xs:boolean" minOccurs="0"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetStammzahlEncryptedResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Stammzahl" type="xs:string"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+	<xs:element name="GetVersion" nillable="true"/>
+	<xs:element name="GetVersionResponse">
+		<xs:complexType>
+			<xs:sequence>
+				<xs:element name="Version" type="xs:string"/>
+				<xs:element name="Revision" type="xs:string"/>
+				<xs:element name="Time" type="xs:string"/>
+				<xs:element name="IdentityLinkNotAfter" type="xs:string"/>
+			</xs:sequence>
+		</xs:complexType>
+	</xs:element>
+</xs:schema>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_xmldsig.xsd b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_xmldsig.xsd
new file mode 100644
index 00000000..96b50b40
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/szr_client/szr_xmldsig.xsd
@@ -0,0 +1,31 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<xs:schema elementFormDefault="qualified" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#"
+           targetNamespace="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+    <xs:import namespace="http://www.w3.org/2001/04/xmldsig-more#" schemaLocation="szr_ecdsa.xsd"/>
+    <xs:complexType name="KeyValueType">
+        <xs:sequence>
+            <xs:element name="DSAKeyValue" minOccurs="0"
+                        type="dsig:DSAKeyValueType" />
+            <xs:element name="RSAKeyValue" minOccurs="0"
+                        type="dsig:RSAKeyValueType" />
+            <xs:element ref="ecdsa:ECDSAKeyValue" />
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="DSAKeyValueType">
+        <xs:sequence>
+            <xs:element name="P" minOccurs="0" type="xs:string" />
+            <xs:element name="Q" minOccurs="0" type="xs:string" />
+            <xs:element name="J" minOccurs="0" type="xs:string" />
+            <xs:element name="G" minOccurs="0" type="xs:string" />
+            <xs:element name="Y" minOccurs="0" type="xs:string" />
+            <xs:element name="PgenCounter" minOccurs="0" type="xs:string" />
+            <xs:element name="Seed" minOccurs="0" type="xs:string" />
+        </xs:sequence>
+    </xs:complexType>
+    <xs:complexType name="RSAKeyValueType">
+        <xs:sequence>
+            <xs:element name="Modulus" minOccurs="0" type="xs:string" />
+            <xs:element name="Exponent" minOccurs="0" type="xs:string" />
+        </xs:sequence>
+    </xs:complexType>
+</xs:schema>
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/templates/eidas_node_forward.html b/modules/authmodule-eIDAS-v2/src/main/resources/templates/eidas_node_forward.html
new file mode 100644
index 00000000..186937d7
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/templates/eidas_node_forward.html
@@ -0,0 +1,36 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org"
+      xmlns:layout="http://www.ultraq.net.nz/thymeleaf/layout"
+      layout:decorator="fragments/base"
+      th:with="lang=${#locale.language}" th:lang="${lang}">
+<head>
+  <script src="$contextPath/autocommit.js"
+          th:attr="src=@{/autocommit.js}"></script>
+</head>
+<body>
+	<noscript>
+		<p>
+			<strong>Note:</strong> Since your browser does not support
+			JavaScript, you must press the Continue button once to proceed.
+		</p>
+	</noscript>
+
+	<div id="alert">Your login is being processed. Thank you for
+		waiting.</div>
+
+	<form 	action="${endPoint}" method="post" target="_parent"
+			th:attr="action=@{${endPoint}}">
+		<div>
+			<input type="hidden" name="${tokenName}" value="${tokenValue}"
+			 	   th:attr="value=${tokenValue},name=${tokenName}" />
+		</div>
+		<noscript>
+			<div>
+				<p>Your browser does not support JavaScript. Click the button to continuing the process .</p>
+				<input type="submit" value="Continue" />
+			</div>
+		</noscript>
+	</form>
+
+</body>
+</html>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java
new file mode 100644
index 00000000..aef290f5
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationSpringResourceProvider;
+import at.gv.egiz.eaaf.core.test.TestConstants;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class EidasAuthSpringResourceProviderTest {
+
+  @Test
+  public void testSpringConfig() {
+    final EidasAuthenticationSpringResourceProvider test =
+        new EidasAuthenticationSpringResourceProvider();
+    for (final Resource el : test.getResourcesToLoad()) {
+      try {
+        IOUtils.toByteArray(el.getInputStream());
+
+      } catch (final IOException e) {
+        Assert.fail("Ressouce: " + el.getFilename() + " not found");
+      }
+
+    }
+
+    Assert.assertNotNull("no Name", test.getName());
+    Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+  }
+ 
+  @Test
+  public void testSpILoaderConfig() {
+    final InputStream el = this.getClass().getResourceAsStream(TestConstants.TEST_SPI_LOADER_PATH);
+    try {
+      final String spiFile = IOUtils.toString(el, "UTF-8");
+
+      Assert.assertEquals("Wrong classpath in SPI file",
+          EidasAuthenticationSpringResourceProvider.class.getName(), spiFile);
+
+
+    } catch (final IOException e) {
+      Assert.fail("Ressouce: " + TestConstants.TEST_SPI_LOADER_PATH + " not found");
+
+    }
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
new file mode 100644
index 00000000..86af87ad
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasAuthenticationModulImplTest.java
@@ -0,0 +1,121 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.core.io.ResourceLoader;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.ModuleRegistration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class EidasAuthenticationModulImplTest {
+
+  @Autowired ModuleRegistration moduleReg; 
+  @Autowired ResourceLoader loader;
+  
+  private final ExecutionContext executionContext = new ExecutionContextImpl();
+  private DummySpConfiguration oaParam;
+  private TestRequestImpl pendingReq;
+  private EidasAuthenticationModulImpl authProcess = new EidasAuthenticationModulImpl();
+
+  /**
+   * jUnit class initializer.
+   * 
+   */
+  @BeforeClass
+  public static void classInitializer() throws IOException {
+    final String current = new java.io.File(".").toURI().toString();
+    System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+  }
+  
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void initialize() {
+    Map<String, String> configMap = new HashMap<String, String>();
+    configMap.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "http://test.com/test");    
+    IConfiguration basicConfig = new DummyConfiguration();
+    oaParam = new DummySpConfiguration(configMap, basicConfig);
+    pendingReq = new TestRequestImpl();    
+    pendingReq.setSpConfig(oaParam);
+  }
+
+  @Test
+  public void checkProcessDefinition() {
+    Assert.assertNotNull("AuthModule is null", authProcess);
+    Assert.assertNotNull("AuthModule process is null", authProcess.getProcessDefinitions());
+    
+    for (String el : authProcess.getProcessDefinitions()) {
+      Resource res = loader.getResource(el);
+      Assert.assertTrue("AuthProcess description not extist", res.exists());
+      
+    }    
+  }
+  
+  @Test
+  public void countrySelected() throws Exception {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, RandomStringUtils.randomAlphanumeric(2));    
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);   
+    Assert.assertNotNull("Process is null", result);
+    Assert.assertEquals("Process Id not match", "eIDASAuthentication_v2", result);
+
+  }
+  
+  @Test
+  public void noCountryValid() throws Exception {
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);
+    
+    Assert.assertNull("Select wrong process", result);
+
+  }
+  
+  @Test
+  public void selectCountryWrongType() throws Exception {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, 1);
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);   
+    Assert.assertNull("Select wrong process", result);
+
+  }
+  
+  @Test
+  public void selectCountryEmpty() throws Exception {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "");
+    final String result =
+        moduleReg.selectProcess(executionContext, pendingReq);   
+    Assert.assertNull("Select wrong process", result);
+
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java
new file mode 100644
index 00000000..1051bd9f
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasDataStoreTest.java
@@ -0,0 +1,118 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH AT-specific eIDAS Connector has been developed
+ * in a cooperation between EGIZ, A-SIT Plus GmbH, A-SIT, and Graz University of
+ * Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License. You may
+ * obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis, WITHOUT
+ * WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
+ * License for the specific language governing permissions and limitations under
+ * the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses. The "NOTICE" text file
+ * is part of the distribution. Any derivative works that you distribute must
+ * include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+//import java.security.MessageDigest;
+//
+//import org.apache.commons.lang3.StringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.beans.factory.annotation.Autowired;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//import org.springframework.util.Base64Utils;
+//
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SQLiteServiceException;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.eIDASAuthenticationException;
+//import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.eIDASResponseUtils;
+//import at.gv.egiz.eaaf.core.impl.data.Trible;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration("/SpringTest-context_basic_test.xml")
+//public class EidasDataStoreTest {
+//
+//  @Autowired
+//  private EidasDataStore dataStore;
+//
+//  private static final String P1_TRANSID = "123456789";
+//  private static final String P1_eIDASID =
+//      "DE/AT/121asdf1as5f1as6f1asd2f1asdf1asdf1asd23f1asdf1asdf4sd7fsdf1asdf1asd2f1asd56f7asdf4asdfasdf1";
+//
+//  private static final String P2_TRANSID = "987654321";
+//  private static final String P2_eIDASID =
+//      "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
+//
+//  @Test
+//  public void dummyTest() {
+//
+//  }
+//
+//  @Test
+//  public void insertTestOne() throws SQLiteServiceException, eIDASAuthenticationException {
+//    Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P1_eIDASID);
+//    String ernbId = createHashFromUniqueId(eidasId.getThird());
+//    dataStore.storeNationalId(
+//        P1_TRANSID,
+//        eidasId,
+//        ernbId);
+//
+//    if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) {
+//        && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
+//      throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
+//    
+//    }
+//
+//    if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) {
+//        && dataStore.getErnbNationalId(eidasId).equals(ernbId))
+//      throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
+//    }
+//
+//  }
+//
+//  @Test
+//  public void insertTestTwo() throws SQLiteServiceException, eIDASAuthenticationException {
+//    Trible<String, String, String> eidasId = eIDASResponseUtils.parseEidasPersonalIdentifier(P2_eIDASID);
+//    String ernbId = createHashFromUniqueId(eidasId.getThird());
+//    dataStore.storeNationalId(
+//        P2_TRANSID,
+//        eidasId,
+//        ernbId);
+//
+//    if (StringUtils.isEmpty(dataStore.getEidasRawNationalId(ernbId)) {
+//        && dataStore.getEidasRawNationalId(ernbId).equals(eidasId.getThird()))
+//      throw new SQLiteServiceException("No eIDAS RAW Id in SQLite DB", null);
+//    
+//    }
+//
+//    if (StringUtils.isEmpty(dataStore.getErnbNationalId(eidasId)) {
+//        && dataStore.getErnbNationalId(eidasId).equals(ernbId))
+//      throw new SQLiteServiceException("No ERnB Id in SQLite DB", null);
+//    
+//    }
+//
+//  }
+//
+//  private String createHashFromUniqueId(String uniqueId) throws eIDASAuthenticationException {
+//    try {
+//      MessageDigest md = MessageDigest.getInstance("SHA-256");
+//      byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+//      String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+//      return hashBase64;
+//
+//    } catch (Exception ex) {
+//      throw new eIDASAuthenticationException("internal.03", new Object[] {}, ex);
+//
+//    }
+//  }
+//}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
new file mode 100644
index 00000000..0d9d4fb8
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
@@ -0,0 +1,244 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.io.IOException;
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.Base64;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummyProtocolAuthService;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.EidasParameterKeys;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse.Builder;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@EnableWebMvc
+public class EidasSignalServletTest {
+
+  @Autowired private MsConnectorDummyConfigMap basicConfig;
+  @Autowired private EidasSignalServlet controller;
+  @Autowired private IRequestStorage storage;
+  @Autowired private ITransactionStorage transStore;
+  @Autowired private DummyProtocolAuthService protAuthService;
+  @Autowired private DummySpecificCommunicationService connector;
+  
+  
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private MsConnectorDummySpConfiguration oaParam;
+  
+   
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+    pendingReq = new TestRequestImpl();
+
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+   
+    connector.setiLightResponse(null);
+    
+    
+  }
+  
+  @Test
+  public void noResponsToken() throws IOException, EaafException {
+    //set-up
+         
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    //validate state
+    Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertNotNull("missing error", protAuthService.getException());
+    Assert.assertEquals("Wrong errorId", "auth.26", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void unknownResponseToken() throws IOException, EaafException {
+    //set-up
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        RandomStringUtils.randomAlphanumeric(10));
+         
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    //validate state
+    Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertNotNull("missing error", protAuthService.getException());
+    Assert.assertEquals("Wrong errorId", "auth.26", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void withRelayState() throws IOException, EaafException, SpecificCommunicationException {
+    //set-up                 
+    String relayState = RandomStringUtils.randomAlphanumeric(10);    
+    pendingReq.setPendingReqId(relayState);
+    storage.storePendingRequest(pendingReq);
+    
+    Builder iLightResponse = new AuthenticationResponse.Builder();
+    iLightResponse.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .relayState(relayState);
+     
+    AuthenticationResponse eidasResp = iLightResponse.build();
+    BinaryLightToken token = connector.putResponse(eidasResp);    
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+    
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    
+    //validate state
+    Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("wrong eIDAS response", eidasResp, 
+        httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    
+    Assert.assertNotNull("missing error", protAuthService.getException());    
+    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void withOutRelayStateMissingPendingReq() throws IOException, EaafException, SpecificCommunicationException {
+    //set-up                 
+    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);    
+    pendingReq.setPendingReqId(pendingReqId);
+    storage.storePendingRequest(pendingReq);
+    
+    String inResponseTo = "_".concat(Random.nextHexRandom16());
+    
+    Builder iLightResponse = new AuthenticationResponse.Builder();
+    iLightResponse.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo(inResponseTo)
+        .subjectNameIdFormat("afaf");
+     
+    AuthenticationResponse eidasResp = iLightResponse.build();
+    BinaryLightToken token = connector.putResponse(eidasResp);    
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+    
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    
+    //validate state
+    Assert.assertNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertNotNull("missing error", protAuthService.getException());
+    Assert.assertEquals("Wrong errorId", "auth.26", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+  @Test
+  public void withInResponseToElement() throws IOException, EaafException, SpecificCommunicationException {
+    //set-up                 
+    String pendingReqId = RandomStringUtils.randomAlphanumeric(10);    
+    pendingReq.setPendingReqId(pendingReqId);
+    storage.storePendingRequest(pendingReq);
+            
+    String inResponseTo = "_".concat(Random.nextHexRandom16());
+    transStore.put(inResponseTo, pendingReqId, -1);
+    
+    Builder iLightResponse = new AuthenticationResponse.Builder();
+    iLightResponse.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo(inResponseTo)
+        .subjectNameIdFormat("afaf");
+     
+    AuthenticationResponse eidasResp = iLightResponse.build();
+    BinaryLightToken token = connector.putResponse(eidasResp);    
+    httpReq.setParameter(EidasParameterKeys.TOKEN.toString(), 
+        Base64.getEncoder().encodeToString(token.getTokenBytes()));
+
+    
+    //execute test
+    controller.restoreEidasAuthProcess(httpReq, httpResp);
+       
+    
+    //validate state
+    Assert.assertNotNull("eIDAS response", httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("wrong eIDAS response", eidasResp, 
+        httpReq.getAttribute(Constants.DATA_FULL_EIDAS_RESPONSE));
+    
+    Assert.assertNotNull("missing error", protAuthService.getException());    
+    Assert.assertEquals("Wrong errorId", "PendingRequest object is not of type 'RequestImpl.class'", 
+        ((EaafException) protAuthService.getException()).getErrorId());
+    
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
new file mode 100644
index 00000000..4d9ae035
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTest.java
@@ -0,0 +1,439 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.ArgumentMatchers.anyList;
+import static org.mockito.Mockito.when;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchProviderException;
+import java.util.List;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.binding.soap.SoapFault;
+import org.joda.time.DateTime;
+import org.jose4j.lang.JoseException;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.JsonMappingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import at.gv.egiz.eaaf.core.impl.utils.DomUtils;
+import szrservices.GetBPKFromStammzahlEncryptedResponse;
+import szrservices.GetBPKFromStammzahlEncryptedResponseType;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+import szrservices.SignContentEntry;
+import szrservices.SignContentResponse;
+import szrservices.SignContentResponseType;
+import szrservices.TravelDocumentType;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class SzrClientTest {
+  private static final Logger log = LoggerFactory.getLogger(SzrClientTest.class);
+
+  @Autowired SzrClient szrClient;
+  @Autowired MsConnectorDummyConfigMap basicConfig;
+
+  private static ObjectMapper mapper = new ObjectMapper();
+  
+  private static final String givenName = "Franz";
+  private static final String familyName = "Mustermann";
+  private static final String dateOfBirth = "1989-05-05";
+  private static final String eIDASeID = "IS/AT/1234sdgsdfg56789ABCDEF";
+  private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
+
+  private SZR szrMock = null;
+  ErnbEidData eidData = null;
+
+  @Rule
+  public SoapServiceRule soap = SoapServiceRule.newInstance();
+
+  /**
+   * Initialize jUnit test.
+   */
+  @Before
+  public void initializer() {
+    if (szrMock == null) {
+      szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+
+    }
+    
+    eidData = new ErnbEidData();
+    eidData.setFamilyName(familyName);
+    eidData.setGivenName(givenName);
+    eidData.setDateOfBirth(new DateTime());
+    eidData.setCitizenCountryCode("IS");
+    eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
+    
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "false");
+      
+  }
+
+  
+  
+
+  @Test
+  public void getStammzahlenEcryptedTest() throws JAXBException, SZRException_Exception, SzrCommunicationException {
+    final GetBPKFromStammzahlEncryptedResponse szrResponse = new GetBPKFromStammzahlEncryptedResponse();
+    final GetBPKFromStammzahlEncryptedResponseType result1 = new GetBPKFromStammzahlEncryptedResponseType();
+    szrResponse.getOut().add(result1);
+
+    result1.setKey(RandomStringUtils.randomAlphanumeric(20));
+
+    //    when(szrMock.getBPKFromStammzahlEncrypted(anyList()))
+    //        .thenReturn(Arrays.asList(result1));
+    when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(result1.getKey());
+
+    String stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType());
+
+    Assert.assertEquals("bcBind not match", result1.getKey(), stammzahlEncrypted);
+
+    when(szrMock.getStammzahlEncrypted(any(), any())).thenReturn(null);
+    try {
+      stammzahlEncrypted = szrClient.getEncryptedStammzahl(new PersonInfoType());
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+    }
+  }
+
+  @Test
+  public void getEidasBindRealSzrResponse() throws SZRException_Exception, SzrCommunicationException, IOException {
+    final SignContentResponse szrResponse = new SignContentResponse();
+    final SignContentEntry result1 = new SignContentEntry();
+    final SignContentResponseType content = new SignContentResponseType();
+    content.getOut().add(result1);
+    szrResponse.setSignContentResponse(content);
+
+    result1.setKey("bcBindReq");
+    result1.setValue(IOUtils.toString(SzrClient.class.getResourceAsStream("/data/szr/signed_eidasBind.jws")));
+
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+    final String bcBind = szrClient
+        .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                   RandomStringUtils.randomAlphabetic(10), eidData);
+
+    Assert.assertNotNull("bcBind is null", bcBind);
+    Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+    
+  }
+
+  @Test
+  public void eidasBindNull() throws SZRException_Exception {
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(null);
+    
+    try {      
+      szrClient
+          .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                     RandomStringUtils.randomAlphabetic(10), eidData);
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+      
+    }    
+  }
+  
+  @Test
+  public void eidasBindInvalidResponse() throws SZRException_Exception {
+    final SignContentEntry result2 = new SignContentEntry();
+    final SignContentResponseType content1 = new SignContentResponseType();
+    content1.getOut().add(result2);
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
+    
+    try {
+      szrClient
+          .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                     RandomStringUtils.randomAlphabetic(10), eidData);
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+      
+    }
+  }
+  
+  public void eidasBindEmptyResponse() throws SZRException_Exception {
+    final SignContentEntry result2 = new SignContentEntry();
+    final SignContentResponseType content1 = new SignContentResponseType();
+    content1.getOut().add(result2);
+    result2.setKey("bcBindReq");
+    result2.setValue("");
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content1);
+    
+    try {
+      szrClient
+          .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                     RandomStringUtils.randomAlphabetic(10), eidData);
+    } catch (SzrCommunicationException e) {
+      Assert.assertTrue("Not correct error", e.getMessage().contains("ernb.01"));
+      
+    }    
+  }
+  
+  @Test
+  public void eidasBindValid() throws SZRException_Exception, SzrCommunicationException, JsonMappingException, 
+      JsonProcessingException, JoseException {
+    final SignContentResponse szrResponse = new SignContentResponse();
+    final SignContentEntry result1 = new SignContentEntry();
+    final SignContentResponseType content = new SignContentResponseType();
+    content.getOut().add(result1);
+    szrResponse.setSignContentResponse(content);
+
+    result1.setKey("bcBindReq");
+    result1.setValue(RandomStringUtils.randomAlphanumeric(100));
+
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+    final String bcBind = szrClient
+        .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                   RandomStringUtils.randomAlphabetic(10), eidData);
+
+    Assert.assertNotNull("bcBind is null", bcBind);
+    Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+       
+  }
+
+  @Test
+  public void eidasBindValidWithMds() throws SZRException_Exception, SzrCommunicationException, JoseException, 
+      JsonMappingException, JsonProcessingException {
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.eidasbind.mds.inject", "true");
+    
+    final SignContentResponse szrResponse = new SignContentResponse();
+    final SignContentEntry result1 = new SignContentEntry();
+    final SignContentResponseType content = new SignContentResponseType();
+    content.getOut().add(result1);
+    szrResponse.setSignContentResponse(content);
+
+    result1.setKey("bcBindReq");
+    result1.setValue(RandomStringUtils.randomAlphanumeric(100));
+
+    when(szrMock.signContent(any(), anyList(), anyList())).thenReturn(content);
+
+    final String bcBind = szrClient
+        .getEidsaBind(RandomStringUtils.randomAlphabetic(10), RandomStringUtils.randomAlphabetic(10),
+                   RandomStringUtils.randomAlphabetic(10), eidData);
+
+    Assert.assertNotNull("bcBind is null", bcBind);
+    Assert.assertEquals("bcBind not match", result1.getValue(), bcBind);
+
+  }
+  
+  @Test
+  public void getIdentityLinkRawModeValidResponse()
+      throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
+      EidasSAuthenticationException, JAXBException {
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+
+    try {
+      log.debug("Starting connecting SZR Gateway");
+      final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(getPersonInfo());
+
+      Assert.assertNotNull(result);
+      Assert.assertNotNull(result.getAssertion());
+
+      final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser((Element) result.getAssertion())
+          .parseIdentityLink();
+      Assert.assertNotNull(identityLink);
+
+      System.out.println(identityLink.getSerializedSamlAssertion());
+
+      checkElement("Mustermann", identityLink.getFamilyName());
+      checkElement("Hans", identityLink.getGivenName());
+      checkElement("1989-05-05", identityLink.getDateOfBirth());
+      checkElement("urn:publicid:gv.at:baseid", identityLink.getIdentificationType());
+      checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", identityLink.getIdentificationValue());
+      Assert.assertNotNull(identityLink.getSerializedSamlAssertion());
+      Assert.assertNotNull(identityLink.getSamlAssertion());
+
+    } catch (final SzrCommunicationException e) {
+      Assert.fail();
+
+    }
+
+  }
+
+  @Test
+  public void getIdentityLinkRawModeErrorTravelerDocExists()
+      throws SZRException_Exception, EaafParserException, NoSuchProviderException, IOException, InvalidKeyException,
+      EidasSAuthenticationException, JAXBException, ParserConfigurationException, SAXException {
+    setSzrExceptionIdentityLink("/data/szr/szr_resp_error_travelerdocexists.xml");
+
+    try {
+      log.debug("Starting connecting SZR Gateway");
+      szrClient.getIdentityLinkInRawMode(getPersonInfo());
+      Assert.fail();
+
+    } catch (final SzrCommunicationException e) {
+      checkElement("ernb.02", e.getErrorId());
+      Assert.assertNotNull(e.getCause());
+      org.springframework.util.Assert.isInstanceOf(SOAPFaultException.class, e.getCause());
+      Assert.assertNotNull(((SOAPFaultException) e.getCause()).getFault());
+      checkElement("p344:F455", ((SOAPFaultException) e.getCause()).getFault().getFaultCode());
+      checkElement(
+          "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly",
+          ((SOAPFaultException) e.getCause()).getFault().getFaultString());
+
+    }
+
+  }
+
+  @Ignore
+  @Test
+  public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
+    final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET, basicConfig
+        .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ, "no VKZ defined"));
+
+    if (bPK.isEmpty()) {
+      throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"});
+    }
+    for (final String b : bPK) {
+      if (StringUtils.isEmpty(b)) {
+        throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"});
+      }
+    }
+
+  }
+
+  private void checkElement(String expected, String value) {
+    Assert.assertNotNull(value);
+    Assert.assertEquals(expected, value);
+
+  }
+
+  private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+    final JAXBContext jaxbContext = JAXBContext
+        .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+                     org.w3._2000._09.xmldsig.ObjectFactory.class,
+                     at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+    final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+    final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+        .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+    when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+  }
+
+  private void setSzrExceptionIdentityLink(String responseXmlPath)
+      throws JAXBException, ParserConfigurationException, SAXException, IOException, SZRException_Exception {
+    final Element detailerror = DomUtils.parseXmlNonValidating(this.getClass().getResourceAsStream(responseXmlPath));
+    final javax.xml.namespace.QName qName = new javax.xml.namespace.QName("urn:SZRServices", "F455", "p344");
+    final SoapFault fault = new SoapFault(
+        "The travel document you sent to insert a person already exists for another person. " + "Either check the document or have the person altered accordingly",
+        qName);
+    fault.setRole("urn:SZRServices");
+    fault.setDetail(detailerror);
+    when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenThrow(fault);
+
+  }
+
+  private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
+    try {
+      final MessageDigest md = MessageDigest.getInstance("SHA-256");
+      final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+      final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+      return hashBase64;
+
+    } catch (final Exception ex) {
+      throw new EidasSAuthenticationException("internal.03", new Object[]{}, ex);
+
+    }
+  }
+
+  private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
+    final PersonInfoType personInfo = new PersonInfoType();
+    final PersonNameType personName = new PersonNameType();
+    final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+    final TravelDocumentType eDocument = new TravelDocumentType();
+
+    naturalPerson.setName(personName);
+    personInfo.setPerson(naturalPerson);
+    personInfo.setTravelDocument(eDocument);
+
+    // parse some eID attributes
+    final Triple<String, String, String> eIdentifier = EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
+    final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
+    final String citizenCountry = eIdentifier.getFirst();
+
+    // person information
+    personName.setFamilyName(familyName);
+    personName.setGivenName(givenName);
+    naturalPerson.setDateOfBirth(dateOfBirth);
+    eDocument.setIssuingCountry(citizenCountry);
+    eDocument.setDocumentNumber(uniqueId);
+
+    // eID document information
+    eDocument.setDocumentType(basicConfig
+                                  .getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+                                                         Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+    return personInfo;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
new file mode 100644
index 00000000..1e7ff369
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/SzrClientTestProduction.java
@@ -0,0 +1,236 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.MessageDigest;
+import java.security.NoSuchProviderException;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.bouncycastle.util.encoders.Base64;
+import org.joda.time.DateTime;
+import org.junit.Assert;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Base64Utils;
+import org.w3c.dom.Element;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.gv.e_government.reference.namespace.persondata._20020228.PersonNameType;
+import at.gv.e_government.reference.namespace.persondata._20020228.PhysicalPersonType;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EaafParserException;
+import at.gv.egiz.eaaf.core.impl.data.Triple;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import szrservices.IdentityLinkType;
+import szrservices.PersonInfoType;
+import szrservices.SZRException_Exception;
+import szrservices.TravelDocumentType;
+
+
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {
+    //"classpath:/application.properties",
+    "file:/home/tlenz/Projekte/config/ms_connector/default_config.properties",
+    })
+public class SzrClientTestProduction {
+  private static final Logger log = LoggerFactory.getLogger(SzrClientTestProduction.class);
+
+  @Autowired
+  SzrClient szrClient;
+  @Autowired
+  IConfiguration basicConfig;
+
+  private static final String givenName = "Franz";
+  private static final String familyName = "Mustermann";
+  // private static final String dateOfBirth = "1989-05-05";
+  private static final String dateOfBirth = "1989-05-04";
+  private static final String eIDASeID = "IS/AT/1234ffgsdfg56789ABCDEF";
+
+  private static final String DUMMY_TARGET = EaafConstants.URN_PREFIX_CDID + "ZP";
+
+  @Test
+  public void dummyTest() {
+
+  }
+
+  @Test
+  public void getVsz() throws SzrCommunicationException, EidasSAuthenticationException {    
+    String vsz = szrClient.getEncryptedStammzahl(getPersonInfo());   
+    Assert.assertNotNull("vsz", vsz);
+        
+  }
+
+  @Test
+  public void getEidasBind() throws SzrCommunicationException, EidasSAuthenticationException {    
+    String vsz = RandomStringUtils.randomAlphanumeric(10);
+    String bindingPubKey = Base64.toBase64String(RandomStringUtils.random(20).getBytes());
+    String eidStatus = "urn:eidgvat:eid.status.eidas";
+    ErnbEidData eidData = new ErnbEidData();
+    eidData.setFamilyName(familyName);
+    eidData.setGivenName(givenName);
+    eidData.setDateOfBirth(new DateTime());
+    eidData.setCitizenCountryCode("IS");
+    eidData.setPseudonym("1234sdgsdfg56789ABCDEF");
+    
+    
+    String eidasBind = szrClient.getEidsaBind(vsz, bindingPubKey, eidStatus, eidData);   
+    
+    Assert.assertNotNull("eidasBind", eidasBind);
+        
+  }
+  
+  
+  @Test
+  public void getIdentityLinkRawMode() throws SZRException_Exception, EaafParserException,
+      NoSuchProviderException, IOException, InvalidKeyException, EidasSAuthenticationException {
+    log.debug("Starting connecting SZR Gateway");
+    final IdentityLinkType result = szrClient.getIdentityLinkInRawMode(
+        getPersonInfo());
+
+    final Element idlFromSzr = (Element) result.getAssertion();
+    final IIdentityLink identityLink = new SimpleIdentityLinkAssertionParser(idlFromSzr).parseIdentityLink();
+
+    if (identityLink == null) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO IDL object" });
+    }
+
+    System.out.println(identityLink.getSerializedSamlAssertion());
+
+    if (StringUtils.isEmpty(identityLink.getFamilyName())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO FamilyName from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getGivenName())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO GivenName from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getDateOfBirth())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO DateOfBirthName from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getIdentificationType())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseIdType from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getIdentificationValue())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO baseId from IDL" });
+    }
+
+    if (StringUtils.isEmpty(identityLink.getSerializedSamlAssertion())) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO serialized IDL" });
+    }
+
+    if (identityLink.getSamlAssertion() == null) {
+      throw new SzrCommunicationException("ernb.00", new Object[] { "NO raw IDL" });
+    }
+
+  }
+
+
+  @Ignore
+  @Test
+  public void getBpkTest() throws SZRException_Exception, EidasSAuthenticationException {
+    final List<String> bPK = szrClient.getBpk(getPersonInfo(), DUMMY_TARGET,
+        basicConfig.getBasicConfiguration(
+            Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_VKZ,
+            "no VKZ defined"));
+
+    if (bPK.isEmpty()) {
+      throw new SzrCommunicationException("ernb.01", new Object[]{"bPK list is empty"});
+    }
+    for (String b : bPK) {
+      if (StringUtils.isEmpty(b)) {
+        throw new SzrCommunicationException("ernb.01", new Object[]{"bPK is null or empty"});
+      }
+    }
+
+  }
+
+  private String createHashFromUniqueId(String uniqueId) throws EidasSAuthenticationException {
+    try {
+      final MessageDigest md = MessageDigest.getInstance("SHA-256");
+      final byte[] hash = md.digest(uniqueId.getBytes("UTF-8"));
+      final String hashBase64 = new String(Base64Utils.encode(hash), "UTF-8").replaceAll("\r\n", "");
+      return hashBase64;
+
+    } catch (final Exception ex) {
+      throw new EidasSAuthenticationException("internal.03", new Object[] {}, ex);
+
+    }
+  }
+
+  private PersonInfoType getPersonInfo() throws EidasSAuthenticationException {
+    final PersonInfoType personInfo = new PersonInfoType();
+    final PersonNameType personName = new PersonNameType();
+    final PhysicalPersonType naturalPerson = new PhysicalPersonType();
+    final TravelDocumentType eDocument = new TravelDocumentType();
+
+    naturalPerson.setName(personName);
+    personInfo.setPerson(naturalPerson);
+    personInfo.setTravelDocument(eDocument);
+
+    // parse some eID attributes
+    final Triple<String, String, String> eIdentifier =
+        EidasResponseUtils.parseEidasPersonalIdentifier(eIDASeID);
+    final String uniqueId = createHashFromUniqueId(eIdentifier.getThird());
+    final String citizenCountry = eIdentifier.getFirst();
+
+    // person information
+    personName.setFamilyName(familyName);
+    personName.setGivenName(givenName);
+    naturalPerson.setDateOfBirth(dateOfBirth);
+    eDocument.setIssuingCountry(citizenCountry);
+    eDocument.setDocumentNumber(uniqueId);
+
+    // eID document information
+    eDocument.setDocumentType(basicConfig.getBasicConfiguration(
+        Constants.CONIG_PROPS_EIDAS_SZRCLIENT_PARAMS_EDOCUMENTTYPE,
+        Constants.SZR_CONSTANTS_DEFAULT_DOCUMENT_TYPE));
+
+    return personInfo;
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
new file mode 100644
index 00000000..78294047
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
@@ -0,0 +1,66 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
+
+import java.util.Collection;
+
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
+import lombok.Setter;
+
+public class DummySpecificCommunicationService implements SpecificCommunicationService {
+
+  private ILightRequest lightRequest;
+  private ILightResponse lightResponse;
+
+  @Setter
+  private SpecificCommunicationException error;
+  
+  @Override
+  public BinaryLightToken putRequest(ILightRequest lightRequest) throws SpecificCommunicationException {
+    this.lightRequest = lightRequest;
+    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+  }
+
+  @Override
+  public ILightRequest getAndRemoveRequest(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+      throws SpecificCommunicationException {
+    if (error != null) {
+      throw error;
+      
+    }
+    return lightRequest;
+  }
+
+  @Override
+  public BinaryLightToken putResponse(ILightResponse lightResponse) throws SpecificCommunicationException {
+    this.lightResponse = lightResponse;
+    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
+  }
+
+  @Override
+  public ILightResponse getAndRemoveResponse(String tokenBase64, Collection<AttributeDefinition<?>> registry)
+      throws SpecificCommunicationException {
+    return lightResponse;
+  }
+
+  public ILightRequest getiLightRequest() {
+    return lightRequest;
+  }
+
+  public void setiLightRequest(ILightRequest lightReques) {
+    this.lightRequest = lightReques;
+  }
+
+  public ILightResponse getiLightResponse() {
+    return lightResponse;
+  }
+
+  public void setiLightResponse(ILightResponse lightResponse) {
+    this.lightResponse = lightResponse;
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
new file mode 100644
index 00000000..e1a29137
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -0,0 +1,491 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.times;
+import static org.mockito.Mockito.verify;
+import static org.powermock.api.mockito.PowerMockito.when;
+
+import java.net.URISyntaxException;
+import java.security.KeyStore;
+import java.security.Provider;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.mockito.ArgumentCaptor;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+import szrservices.JwsHeaderParam;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SignContentEntry;
+import szrservices.SignContentResponseType;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class CreateIdentityLinkTaskEidNewTest {
+
+  @Autowired(required = true)
+  private CreateIdentityLinkTask task;
+
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  protected EidasAttributeRegistry attrRegistry;
+
+  @Autowired
+  EaafKeyStoreFactory keyStoreFactory;
+
+  @Autowired
+  private IRequestStorage requestStorage;
+
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private SZR szrMock;
+
+  private static final String PW = "f/+saJBc3a}*/T^s";
+  private static final String ALIAS = "connectorkeypair";
+
+  private static final List<String> BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(Arrays
+      .asList(AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+          AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512, AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+          AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+
+  private static ObjectMapper mapper = new ObjectMapper();
+  
+  private AuthenticationResponse response;
+  
+  @Rule
+  public final SoapServiceRule soap = SoapServiceRule.newInstance();
+
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+    pendingReq = new TestRequestImpl();
+
+    response = buildDummyAuthResponse(false);
+    pendingReq.getSessionData(AuthProcessDataWrapper.class)
+        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+
+    
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
+    executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+    szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+  }
+
+  @Test
+  public void successfulProcessWithDeInfos() throws Exception {
+    //initialize test
+    response = buildDummyAuthResponse(true);
+    pendingReq.getSessionData(AuthProcessDataWrapper.class)
+        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+    
+    String vsz = RandomStringUtils.randomNumeric(10);
+    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+    val signContentResp = new SignContentResponseType();
+    final SignContentEntry signContentEntry = new SignContentEntry();
+    signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+    signContentResp.getOut().add(signContentEntry);
+    when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNotNull("AuthBlock", authBlock);
+    
+    Assert.assertTrue("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+        
+    
+    // check authblock signature
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    Pair<KeyStore, Provider> keyStore = getKeyStore();
+    X509Certificate[] trustedCerts = EaafKeyStoreUtils
+        .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
+    JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
+    Assert.assertTrue("AuthBlock not valid", result.isValid());        
+    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());    
+    Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
+    
+    Assert.assertNotNull("no piiTransactionId in pendingRequesdt", 
+        storedPendingReq.getUniquePiiTransactionIdentifier());
+    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), 
+        authBlockJson.get("piiTransactionId").asText());
+    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
+    Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
+    Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertFalse("binding pubKey", authBlockJson.has("bindingPublicKey"));
+    
+    
+    // check vsz request
+    ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);        
+    verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+    
+    Boolean param5 = argument5.getValue();
+    Assert.assertTrue("insertERnP flag", param5);    
+    PersonInfoType person = argument4.getValue();
+    Assert.assertEquals("FamilyName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), 
+        person.getPerson().getName().getFamilyName());
+    Assert.assertEquals("GivenName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), 
+        person.getPerson().getName().getGivenName());
+    Assert.assertEquals("DateOfBirth", 
+        response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+            .toString().split("T")[0], 
+        person.getPerson().getDateOfBirth());
+    
+    Assert.assertEquals("PlaceOfBirth", 
+        response.getAttributes().getAttributeValuesByFriendlyName("PlaceOfBirth").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("PlaceOfBirth").iterator().next()), 
+        person.getPerson().getPlaceOfBirth());    
+    Assert.assertEquals("BirthName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("BirthName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("BirthName").iterator().next()), 
+        person.getPerson().getAlternativeName().getFamilyName());
+    
+    Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
+    Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
+    
+    Assert.assertEquals("Identifier", 
+        response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
+            .toString().split("/")[2], 
+        person.getTravelDocument().getDocumentNumber());
+           
+    // check bcBind singing request
+    ArgumentCaptor<Boolean> argument1 = ArgumentCaptor.forClass(Boolean.class);
+    ArgumentCaptor<List<JwsHeaderParam>> argument2 = ArgumentCaptor.forClass(List.class);
+    ArgumentCaptor<List<SignContentEntry>> argument3 = ArgumentCaptor.forClass(List.class);
+    verify(szrMock, times(1)).signContent(argument1.capture(), argument2.capture(), argument3.capture());
+    Boolean param1 = argument1.getValue();
+    Assert.assertFalse("addCert flag", param1);
+    
+    List<JwsHeaderParam> param2 = argument2.getValue();
+    Assert.assertNotNull("JWS Headers", param2); 
+    Assert.assertFalse("JWS Headers empty", param2.isEmpty());
+    Assert.assertEquals("Wrong JWS header size", 1, param2.size());
+    Assert.assertEquals("Missing JWS header key", "urn:at.gv.eid:bindtype", param2.get(0).getKey());
+    Assert.assertEquals("Missing JWS header value", "urn:at.gv.eid:eidasBind", param2.get(0).getValue());
+    
+    List<SignContentEntry> param3 = argument3.getValue();
+    Assert.assertNotNull("sign Payload", param3);
+    Assert.assertEquals("wrong sign-payload size", 1, param3.size());    
+    Assert.assertNotNull("payload", param3.get(0).getValue().getBytes());    
+    JsonNode bcBind = mapper.readTree(param3.get(0).getValue().getBytes());
+    Assert.assertNotNull("bcbind req", bcBind);
+    
+    Assert.assertEquals("vsz", vsz, bcBind.get("urn:eidgvat:attributes.vsz.value").asText());
+    Assert.assertEquals("eid status", "urn:eidgvat:eid.status.eidas", 
+        bcBind.get("urn:eidgvat:attributes.eid.status").asText());
+    Assert.assertTrue("pubKeys", bcBind.has("urn:eidgvat:attributes.user.pubkeys"));
+    Assert.assertTrue("pubKeys", bcBind.get("urn:eidgvat:attributes.user.pubkeys").isArray());    
+    Iterator<JsonNode> pubKeys = bcBind.get("urn:eidgvat:attributes.user.pubkeys").elements();
+    Assert.assertTrue("No PubKey", pubKeys.hasNext());
+    Assert.assertEquals("Wrong pubKey", 
+        "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmxcB5jnrAwGn7xjgVFv1UBUv1pluwDRFQx7x5O6rSn7pblYfwaWeKa8y"
+        + "jS5BDDaZ00mhhnSlm2XByNrkg5yBGetTgBGtQVAxV5apfuAWN8TS3uSXgdZol7Khd6kraUITtnulvLe8tNaboom5P0zN6UxbJN"
+        + "NVLishVp80HiRXiDbplCTUk8b5cYtmivdb0+5JBTa7L5N/anRVnHHoJCXgNPTouO8daUHZbG1mPk0HgqD8rhZ+OBzE+APKH9No"
+        + "agedSrGRDLdIgZxkrg0mxmfsZQIi2wdJSi3y0PAjEps/s4j0nmw9bPRgCMNLBqqjxtN5JKC8E1yyLm7YefXv/nPaMwIDAQAB", 
+        pubKeys.next().asText());
+    Assert.assertFalse("More than one PubKey", pubKeys.hasNext());
+    
+  }
+
+  @Test
+  public void successfulProcessWithStandardInfos() throws Exception {
+    //initialize test    
+    String vsz = RandomStringUtils.randomNumeric(10);
+    when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(vsz);
+    val signContentResp = new SignContentResponseType();
+    final SignContentEntry signContentEntry = new SignContentEntry();
+    signContentEntry.setValue(RandomStringUtils.randomAlphanumeric(10));
+    signContentResp.getOut().add(signContentEntry);
+    when(szrMock, "signContent", any(), any(), any()).thenReturn(signContentResp);
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    String bindingPubKey = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.EID_BINDING_PUBLIC_KEY_NAME, bindingPubKey);
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNotNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    // check authblock signature
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNotNull("AuthBlock", authBlock);
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.toArray(new String[BINDING_AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    Pair<KeyStore, Provider> keyStore = getKeyStore();
+    X509Certificate[] trustedCerts = EaafKeyStoreUtils
+        .getPrivateKeyAndCertificates(keyStore.getFirst(), ALIAS, PW.toCharArray(), true, "junit").getSecond();
+    JwsResult result = JoseUtils.validateSignature(authBlock, Arrays.asList(trustedCerts), constraints);
+    Assert.assertTrue("AuthBlock not valid", result.isValid());        
+    JsonNode authBlockJson = mapper.readTree(result.getPayLoad());    
+    Assert.assertNotNull("deserialized AuthBlock", authBlockJson);
+    
+    Assert.assertNotNull("no piiTransactionId in pendingRequesdt", 
+        storedPendingReq.getUniquePiiTransactionIdentifier());
+    Assert.assertEquals("piiTransactionId", storedPendingReq.getUniquePiiTransactionIdentifier(), 
+        authBlockJson.get("piiTransactionId").asText());
+    Assert.assertEquals("appId", randomTestSp, authBlockJson.get("appId").asText());    
+    Assert.assertFalse("'challenge' is null", authBlockJson.get("challenge").asText().isEmpty());
+    Assert.assertFalse("'timestamp' is null", authBlockJson.get("timestamp").asText().isEmpty());
+    Assert.assertTrue("binding pubKey", authBlockJson.has("bindingPublicKey"));
+    Assert.assertEquals("binding PubKey", bindingPubKey, authBlockJson.get("bindingPublicKey").asText());
+    
+    Assert.assertTrue("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+      
+    // check vsz request
+    ArgumentCaptor<PersonInfoType> argument4 = ArgumentCaptor.forClass(PersonInfoType.class);
+    ArgumentCaptor<Boolean> argument5 = ArgumentCaptor.forClass(Boolean.class);        
+    verify(szrMock, times(1)).getStammzahlEncrypted(argument4.capture(), argument5.capture());
+    
+    Boolean param5 = argument5.getValue();
+    Assert.assertTrue("insertERnP flag", param5);    
+    PersonInfoType person = argument4.getValue();
+    Assert.assertEquals("FamilyName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FamilyName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FamilyName").iterator().next()), 
+        person.getPerson().getName().getFamilyName());
+    Assert.assertEquals("GivenName", 
+        response.getAttributes().getAttributeValuesByFriendlyName("FirstName").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("FirstName").iterator().next()), 
+        person.getPerson().getName().getGivenName());
+    Assert.assertEquals("DateOfBirth", 
+        response.getAttributes().getAttributeValuesByFriendlyName("DateOfBirth").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("DateOfBirth").iterator().next())
+            .toString().split("T")[0], 
+        person.getPerson().getDateOfBirth());
+    
+    Assert.assertNull("PlaceOfBirth", person.getPerson().getPlaceOfBirth());     
+    Assert.assertNull("BirthName", person.getPerson().getAlternativeName());
+    
+    Assert.assertEquals("CitizenCountry", "LU", person.getTravelDocument().getIssuingCountry());
+    Assert.assertEquals("DocumentType", "ELEKTR_DOKUMENT", person.getTravelDocument().getDocumentType());
+    
+    Assert.assertEquals("Identifier", 
+        response.getAttributes().getAttributeValuesByFriendlyName("PersonIdentifier").getFirstValue(
+            response.getAttributes().getDefinitionsByFriendlyName("PersonIdentifier").iterator().next())
+            .toString().split("/")[2], 
+        person.getTravelDocument().getDocumentNumber());
+           
+   
+  }
+  
+  @Test
+  public void getStammzahlEncryptedExceptionTest() throws Exception {
+    try {
+      when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(null);
+      task.execute(pendingReq, executionContext);
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
+          "IdentityLink generation for foreign person " + "FAILED.");
+      Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(),
+          "ernb.01");
+      Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("Stammzahl response empty"));
+    }
+  }
+
+  @Test
+  public void signContentExceptionTest() throws Exception {
+    try {
+      when(szrMock, "getStammzahlEncrypted", any(), any()).thenReturn(RandomStringUtils.randomNumeric(10));
+      when(szrMock, "signContent", any(), any(), any()).thenReturn(null);
+      task.execute(pendingReq, executionContext);
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("Incorrect exception thrown", e.getMessage(),
+          "IdentityLink generation for foreign person " + "FAILED.");
+      Assert.assertEquals("Incorrect exception thrown", ((SzrCommunicationException) e.getCause()).getErrorId(),
+          "ernb.01");
+      Assert.assertTrue("Incorrect exception thrown", e.getCause().getMessage().contains("BcBind response empty"));
+    }
+  }
+
+  private Pair<KeyStore, Provider> getKeyStore() throws EaafException {
+    // read Connector wide config data TODO connector wide!
+    String keyStoreName = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_NAME);
+    String keyStorePw = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PASSWORD);
+    String keyStorePath = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_PATH);
+    String keyStoreType = basicConfig.getBasicConfiguration(MsEidasNodeConstants.PROP_CONFIG_AUTHBLOCK_KEYSTORE_TYPE);
+
+
+    //build new KeyStore configuration
+    KeyStoreConfiguration keyStoreConfiguration = new KeyStoreConfiguration();
+    keyStoreConfiguration.setFriendlyName("jUnit test");
+
+    keyStoreConfiguration.setSoftKeyStoreFilePath(keyStorePath);
+    keyStoreConfiguration.setSoftKeyStorePassword(keyStorePw);
+    keyStoreConfiguration.setKeyStoreType(KeyStoreConfiguration.KeyStoreType.fromString(keyStoreType));
+    keyStoreConfiguration.setKeyStoreName(keyStoreName);
+
+    //build new KeyStore based on configuration
+    return keyStoreFactory.buildNewKeyStore(keyStoreConfiguration);
+
+  }
+
+  @NotNull
+  private AuthenticationResponse buildDummyAuthResponse(boolean withAll) throws URISyntaxException {
+    final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+    final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+    final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+    final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+    final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PLACEOFBIRTH).first();
+    final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_BIRTHNAME).first();
+   
+    final Builder attributeMap = ImmutableAttributeMap.builder();
+    attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64));
+    attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10));
+    attributeMap.put(attributeDef3, RandomStringUtils.randomAlphabetic(10));
+    attributeMap.put(attributeDef4, "2001-01-01");
+    if (withAll) {
+      attributeMap.put(attributeDef5, RandomStringUtils.randomAlphabetic(10));
+      attributeMap.put(attributeDef6, RandomStringUtils.randomAlphabetic(10));
+      
+    }
+
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
+        .attributes(attributeMap.build())
+        .build();
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
new file mode 100644
index 00000000..d6485158
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -0,0 +1,464 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+import static org.mockito.ArgumentMatchers.any;
+
+import java.net.URISyntaxException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Unmarshaller;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import com.github.skjolber.mockito.soap.SoapServiceRule;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.data.PvpAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+import szrservices.GetBPK;
+import szrservices.GetBPKResponse;
+import szrservices.GetIdentityLinkEidasResponse;
+import szrservices.PersonInfoType;
+import szrservices.SZR;
+import szrservices.SZRException_Exception;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class CreateIdentityLinkTaskTest {
+
+  @Autowired(required = true)
+  private CreateIdentityLinkTask task;
+
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  protected EidasAttributeRegistry attrRegistry;
+
+  @Autowired
+  EaafKeyStoreFactory keyStoreFactory;
+
+  @Autowired
+  private IRequestStorage requestStorage;
+
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private SZR szrMock;
+  
+  private AuthenticationResponse response;
+  private Map<String, String> spConfig;
+  
+  @Rule
+  public final SoapServiceRule soap = SoapServiceRule.newInstance();
+
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "false");
+    
+    spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "false");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+    pendingReq = new TestRequestImpl();
+
+    response = buildDummyAuthResponse();
+
+    pendingReq.getSessionData(AuthProcessDataWrapper.class)
+        .setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, response);
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "XX");
+    executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+    szrMock = soap.mock(SZR.class, "http://localhost:1234/demoszr");
+  }
+
+    
+  @Test
+  public void buildIdentityLink() throws Exception {
+    //initialize test   
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+     
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+        
+    Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+    checkElement("Mustermann", authProcessData.getIdentityLink().getFamilyName());
+    checkElement("Hans", authProcessData.getIdentityLink().getGivenName());
+    checkElement("1989-05-05", authProcessData.getIdentityLink().getDateOfBirth());
+    checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+    checkElement("k+zDM1BVpN1WJO4x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+    Assert.assertNotNull(authProcessData.getIdentityLink().getSerializedSamlAssertion());
+    Assert.assertNotNull(authProcessData.getIdentityLink().getSamlAssertion());    
+   
+    Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    Assert.assertEquals("wrong bPK", "XX:FkXtOaSSeR3elyL9KLLvijIYDMU=", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    
+  }
+  
+  @Test
+  public void buildIdentityLinkWithWbpk() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    spConfig.put("target", EaafConstants.URN_PREFIX_WBPK + "FN+123456i");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+   
+    Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    Assert.assertEquals("wrong bPK", "FN+123456i:D26vJncPS2W790RH/LP04V+vNOQ=", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    
+  }
+  
+  @Test
+  public void buildIdentityLinkWithEidasBpk() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_2.xml");
+    spConfig.put("target", EaafConstants.URN_PREFIX_EIDAS + "AT+EU");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+   
+    Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+    checkElement("Musterfrau", authProcessData.getIdentityLink().getFamilyName());
+    checkElement("Martina", authProcessData.getIdentityLink().getGivenName());
+    checkElement("1991-04-15", authProcessData.getIdentityLink().getDateOfBirth());
+    checkElement("urn:publicid:gv.at:baseid", authProcessData.getIdentityLink().getIdentificationType());
+    checkElement("k+zDM1BV1312312332x7ZQ3ng==", authProcessData.getIdentityLink().getIdentificationValue());
+    
+    Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    Assert.assertEquals("wrong bPK", "AT+EU:AT/EU/1+wqDl059/02Ptny0g+LyuLDJV0=", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+    
+  }
+  
+  @Test
+  public void buildIdentityLinkWithUnknownBpk() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    spConfig.put("target", "urn:notextis:1234");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("unknown bPKType not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "builder.33", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+
+    }      
+  }
+  
+  @Test
+  public void noBpkResult() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    GetBPKResponse getBpkResp = new GetBPKResponse();
+    org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+    
+    spConfig.put("target", "urn:notextis:1234");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("unknown bPKType not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "ernb.01", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      
+    }      
+  }
+  
+  @Test
+  public void bPKFromSzr() throws Exception {
+    //initialize test
+    setSzrResponseIdentityLink("/data/szr/szr_resp_valid_1.xml");
+    String bpk = RandomStringUtils.randomAlphanumeric(10);
+    GetBPKResponse getBpkResp = new GetBPKResponse();
+    getBpkResp.getGetBPKReturn().add(bpk);
+    org.mockito.Mockito.when(szrMock.getBPK(any(GetBPK.class))).thenReturn(getBpkResp );
+    
+    spConfig.put("target", "urn:notextis:1234");
+    
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.revisionlog.eidmapping.active", "true");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation", "true");
+    
+    //execute test
+      task.execute(pendingReq, executionContext);
+     
+      
+      //validate state    
+      // check if pendingRequest was stored
+      IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+      Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+      
+      //check data in session
+      final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+      Assert.assertNotNull("AuthProcessData", authProcessData);
+      Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+      String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+      Assert.assertNull("AuthBlock", authBlock);
+      
+      Assert.assertFalse("EID process", authProcessData.isEidProcess());
+      Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+      Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+      Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+      Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+          authProcessData.getQaaLevel());
+      
+      Assert.assertNotNull("no bPK", authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+      Assert.assertEquals("wrong bPK", bpk, 
+          authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.BPK_NAME));
+  }
+  
+  @Test
+  public void buildDummyIdl() throws Exception {
+    //initialize test
+    String randomTestSp = RandomStringUtils.randomAlphabetic(10);
+    pendingReq.setRawDataToTransaction(MsEidasNodeConstants.DATA_REQUESTERID, randomTestSp);
+       
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "true");
+    
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+
+    
+    //validate state    
+    // check if pendingRequest was stored
+    IRequest storedPendingReq = requestStorage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedPendingReq);
+    
+    //check data in session
+    final AuthProcessDataWrapper authProcessData = storedPendingReq.getSessionData(AuthProcessDataWrapper.class);
+    Assert.assertNotNull("AuthProcessData", authProcessData);
+    Assert.assertNull("eidasBind", authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_EIDAS_BIND, String.class));
+
+    String authBlock = authProcessData.getGenericDataFromSession(MsEidasNodeConstants.AUTH_DATA_SZR_AUTHBLOCK, String.class);
+    Assert.assertNull("AuthBlock", authBlock);
+    
+    Assert.assertFalse("EID process", authProcessData.isEidProcess());
+    Assert.assertTrue("foreigner process", authProcessData.isForeigner());
+    Assert.assertEquals("EID-ISSUING_NATION", "LU", 
+        authProcessData.getGenericDataFromSession(PvpAttributeDefinitions.EID_ISSUING_NATION_NAME, String.class));
+    Assert.assertNotNull("LoA is null", authProcessData.getQaaLevel());
+    Assert.assertEquals("LoA", response.getLevelOfAssurance(), 
+        authProcessData.getQaaLevel());
+        
+    Assert.assertNotNull("IDL", authProcessData.getIdentityLink());
+        
+  }
+
+  private void setSzrResponseIdentityLink(String responseXmlPath) throws JAXBException, SZRException_Exception {
+    final JAXBContext jaxbContext = JAXBContext
+        .newInstance(szrservices.ObjectFactory.class, org.w3._2001._04.xmldsig_more.ObjectFactory.class,
+                     org.w3._2000._09.xmldsig.ObjectFactory.class,
+                     at.gv.e_government.reference.namespace.persondata._20020228.ObjectFactory.class);
+    final Unmarshaller jaxbUnmarshaller = jaxbContext.createUnmarshaller();
+    final GetIdentityLinkEidasResponse szrResponse = (GetIdentityLinkEidasResponse) jaxbUnmarshaller
+        .unmarshal(this.getClass().getResourceAsStream(responseXmlPath));
+    org.mockito.Mockito.when(szrMock.getIdentityLinkEidas(any(PersonInfoType.class))).thenReturn(szrResponse.getGetIdentityLinkReturn());
+
+  }
+  private void checkElement(String expected, String value) {
+    Assert.assertNotNull(value);
+    Assert.assertEquals(expected, value);
+
+  }
+  
+  @NotNull
+  private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
+    final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+    final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+    final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+    final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+   
+    final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+        .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+        .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+        .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode("200")
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
+        .attributes(attributeMap)
+        .build();
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
new file mode 100644
index 00000000..5ebe8225
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
@@ -0,0 +1,637 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static org.junit.Assert.assertNull;
+
+import java.io.UnsupportedEncodingException;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.GuiBuildException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import eu.eidas.auth.commons.light.ILightRequest;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class GenerateAuthnRequestTaskTest {
+
+  @Autowired(required = true)
+  private GenerateAuthnRequestTask task;
+  @Autowired(required = true)
+  private DummySpecificCommunicationService commService;
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private Map<String, String> spConfig;
+    
+  
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void setUp() {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "true");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId", 
+        RandomStringUtils.randomAlphabetic(10));
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", 
+        "http://test/" + RandomStringUtils.randomAlphabetic(5));  
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat");    
+    
+  }
+  
+  @Test
+  public void missingIssuer() {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");   
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.entityId");
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing Issuer not detected");
+
+    } catch (final TaskExecutionException e) {
+      // forward URL is not set in example config
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+          "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "config.27", ((EaafException) e.getOriginalException())
+          .getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+     
+    }
+  }
+  
+  @Test
+  public void missingForwardUrl() {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");   
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.forward.endpoint");
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing Forward-URL not detected");
+
+    } catch (final TaskExecutionException e) {
+      // forward URL is not set in example config
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+          "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+          .getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+      Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL, ((EaafException) e
+          .getOriginalException()).getParams()[0]);
+
+    }
+  }
+   
+  @Test
+  public void selectUnknownStage() {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    String stage = RandomStringUtils.randomAlphabetic(5);
+    executionContext.put("selectedEnvironment", stage);
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing Forward-URL not detected");
+
+    } catch (final TaskExecutionException e) {
+      // forward URL is not set in example config
+      org.springframework.util.Assert.isInstanceOf(EaafConfigurationException.class, e.getOriginalException(),
+          "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "config.08", ((EaafException) e.getOriginalException())
+          .getErrorId());
+      Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
+          .getParams().length);
+      Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL + "." + stage, ((EaafException) e
+          .getOriginalException()).getParams()[0]);
+
+    }
+  }
+  
+  @Test
+  public void selectQsEndpoint() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test    
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "qs");        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.qs", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+  }
+  
+  @Test
+  public void selectTestEndpoint() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test    
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "test");        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.test", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+  }
+  
+  @Test
+  public void selectDevEndpoint() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test    
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "dev");        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint.dev", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+  }
+  
+  @Test
+  public void noCountryCode() {
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("No countryCode not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.assertEquals("wrong pendingReqId", pendingReq.getPendingRequestId(), e.getPendingRequestID());
+      org.springframework.util.Assert.isInstanceOf(EidasSAuthenticationException.class, e
+          .getOriginalException(), "Wrong exception");
+      Assert.assertEquals("wrong errorCode", "eidas.03", ((EaafException) e.getOriginalException())
+          .getErrorId());
+
+    }
+  }
+
+  @Test
+  public void withStaticProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException {
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs");
+    
+
+    //execute test
+    task.execute(pendingReq, executionContext);
+
+    //validate state
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, eidasReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+      
+  @Test
+  public void withCustomStaticProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException {
+    String cc = RandomStringUtils.randomAlphabetic(2);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, cc);
+    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.publicSectorTargets", ".*");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderNames", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+
+    //validate state
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("wrong issuer", 
+        basicConfig.getBasicConfiguration("eidas.ms.auth.eIDAS.node_v2.entityId"), eidasReq.getIssuer());
+    Assert.assertEquals("ProviderName is not Static", "myNode", eidasReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    Assert.assertEquals("wrong CC", cc, eidasReq.getCitizenCountryCode());    
+    assertNull("NameIdPolicy not null", eidasReq.getNameIdFormat());
+    
+  }
+
+  @Test
+  public void withDynamicProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+            
+    String nameIdFormat = RandomStringUtils.randomAlphabetic(10);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requested.nameIdFormat", nameIdFormat);
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertNotNull("ProviderName found", eidasReq.getProviderName());
+    Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+    Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    Assert.assertEquals("NameIdFormat", nameIdFormat, eidasReq.getNameIdFormat());
+    
+  }
+  
+  @Test
+  public void publicSpWithCountryLu() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+            
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId found", "myNode", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void privateSpWithCountryLu() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put("selectedEnvironment", "prod");
+    
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    String requesterId = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId);
+    
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+            
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+            
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+        
+    
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", "myNode", eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", "myNode", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, 
+        eidasReq.getLevelOfAssurance());
+    
+    Assert.assertEquals("Wrong req. attr. size", 4, eidasReq.getRequestedAttributes().size());
+    
+  }
+  
+  @Test
+  public void withEidasNodePostReqNotValidTemplate() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException, UnsupportedEncodingException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+        
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+        
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "POST");
+    
+    //execute test
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("Missing template not detected");
+             
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorCode", "Could not resolve view with name 'eidas_node_forward.html' ", 
+          ((GuiBuildException) e.getOriginalException()).getMessage());
+      
+    }    
+  }
+  
+  @Test
+  public void withDynamicProviderNameForPrivateSPs() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, "http://junit.sp");
+
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", "Wr8LrrVf5SYneblOlZdZNaLQQCCgzklfKQvyeZjBx10=", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+  
+  @Test
+  public void privateSPWithoutRequestIdHashing() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    spConfig.put("target", 
+        EaafConstants.URN_PREFIX_WBPK_TARGET_WITH_X + "FN+" + RandomStringUtils.randomNumeric(6));
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    String requesterId = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    pendingReq.setRawDataToTransaction(Constants.DATA_REQUESTERID, requesterId);
+
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "true");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.requesterId.useHashedForm", "false");
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+        
+    
+    //perform test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+    Assert.assertNotNull("No redirect header", httpResp.getHeaderValue("Location"));
+    Assert.assertTrue("Wrong redirect endpoint", 
+        ((String) httpResp.getHeaderValue("Location")).startsWith(dynEndPoint));
+    
+
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertEquals("PrividerName", providerName, eidasReq.getProviderName());
+    Assert.assertEquals("RequesterId", requesterId, eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "private", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+  
+  @Test
+  public void withoutProviderNameForPublicSPs() throws TaskExecutionException,
+      SpecificCommunicationException, EaafStorageException {
+    //set-up test
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "CC");
+    String providerName = RandomStringUtils.randomAlphanumeric(10);
+    pendingReq.setRawDataToTransaction(Constants.DATA_PROVIDERNAME, providerName);
+    
+    basicConfig.removeConfigValue("eidas.ms.auth.eIDAS.node_v2.publicSectorTargets");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName", "false");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier", "false");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "false");
+    
+    
+    String dynEndPoint = "http://test/" + RandomStringUtils.randomAlphabetic(5);
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.endpoint", dynEndPoint);    
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.forward.method", "GET");
+    
+    
+    //execute test
+    task.execute(pendingReq, executionContext);
+        
+    //validate state
+    Assert.assertEquals("Wrong http statusCode", 302, httpResp.getStatus());
+
+    final ILightRequest eidasReq = commService.getAndRemoveRequest(null, null);
+
+    Assert.assertNull("ProviderName found", eidasReq.getProviderName());
+    Assert.assertNull("RequesterId found", eidasReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", eidasReq.getSpType());
+    Assert.assertEquals("wrong LoA", "http://eidas.europa.eu/LoA/high", eidasReq.getLevelOfAssurance());
+    
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
new file mode 100644
index 00000000..53a49bac
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -0,0 +1,223 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.tasks;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jetbrains.annotations.NotNull;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class ReceiveEidasResponseTaskTest {
+
+  @Autowired(required = true)
+  private ReceiveAuthnResponseTask task;
+
+  @Autowired(required = true)
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  protected EidasAttributeRegistry attrRegistry;
+  
+  @Autowired private IRequestStorage storage;
+  
+  final ExecutionContext executionContext = new ExecutionContextImpl();
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  private MsConnectorDummySpConfiguration oaParam;
+  
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution", "false");
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "false");
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+    pendingReq = new TestRequestImpl();
+
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
+    executionContext.put(EaafConstants.PROCESS_ENGINE_REQUIRES_NO_POSTAUTH_REDIRECT, true);
+
+  }
+  
+  @Test
+  public void missingEidasResponse() {    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("No eIDAS response not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "eidas.01", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      
+    }        
+  }
+  
+  @Test
+  public void notSuccessEidasResponse() throws URISyntaxException {    
+    String statusCode = RandomStringUtils.randomAlphabetic(10);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, 
+        buildDummyAuthResponse(statusCode));
+    
+    
+    try {
+      task.execute(pendingReq, executionContext);
+      Assert.fail("No eIDAS response not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.assertEquals("ErrorId", "eidas.02", 
+          ((EaafException) e.getOriginalException()).getErrorId());
+      Assert.assertEquals("wrong parameter size", 2, ((EaafException) e.getOriginalException())
+          .getParams().length);
+      Assert.assertEquals("wrong errorMsg", statusCode, ((EaafException) e
+          .getOriginalException()).getParams()[0]);
+
+    }        
+  }
+    
+  @Test
+  public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {    
+    @NotNull
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");    
+      
+    //execute test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+    Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+    Assert.assertNotNull("eIDAS response", 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("eIDAS response", eidasResponse, 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertFalse("testIdentity flag", authProcessData.isTestIdentity());
+        
+  }
+  
+  @Test
+  public void successWithTestIdentity() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {    
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true");
+    
+    @NotNull        
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+    executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");    
+      
+    //execute test
+    task.execute(pendingReq, executionContext);
+    
+    //validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    Assert.assertNotNull("pendingReq not stored", storedReq);
+    
+    final EidAuthProcessDataWrapper authProcessData = storedReq.getSessionData(EidAuthProcessDataWrapper.class);
+    Assert.assertEquals("LoA", eidasResponse.getLevelOfAssurance(), authProcessData.getQaaLevel());
+    Assert.assertNotNull("eIDAS response", 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertEquals("eIDAS response", eidasResponse, 
+        authProcessData.getGenericDataFromSession(Constants.DATA_FULL_EIDAS_RESPONSE));
+    Assert.assertTrue("testIdentity flag", authProcessData.isTestIdentity());
+        
+  }
+  
+  
+  
+  @NotNull
+  private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
+    final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+    final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+    final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+    final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+   
+    final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
+        .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
+        .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
+        .put(attributeDef3, RandomStringUtils.randomAlphabetic(10)).put(attributeDef4, "2001-01-01").build();
+
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(statusCode)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH)
+        .attributes(attributeMap)
+        .build();
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
new file mode 100644
index 00000000..ad38e371
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/utils/JoseUtilsTest.java
@@ -0,0 +1,139 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.utils;
+
+import java.io.IOException;
+import java.security.KeyStore;
+import java.security.KeyStoreException;
+import java.security.Provider;
+import java.security.cert.X509Certificate;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.jose4j.jwa.AlgorithmConstraints;
+import org.jose4j.jwa.AlgorithmConstraints.ConstraintType;
+import org.jose4j.jws.AlgorithmIdentifiers;
+import org.jose4j.lang.JoseException;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
+import at.gv.egiz.eaaf.core.exceptions.EaafException;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreFactory;
+import at.gv.egiz.eaaf.core.impl.credential.EaafKeyStoreUtils;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration;
+import at.gv.egiz.eaaf.core.impl.credential.KeyStoreConfiguration.KeyStoreType;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class JoseUtilsTest {
+  
+  @Autowired private EaafKeyStoreFactory keyStoreFactory;
+  
+  private static final List<String> AUTH_ALGORITHM_WHITELIST_SIGNING = Collections.unmodifiableList(
+      Arrays.asList(
+          AlgorithmIdentifiers.ECDSA_USING_P256_CURVE_AND_SHA256,
+          AlgorithmIdentifiers.ECDSA_USING_P521_CURVE_AND_SHA512,
+          AlgorithmIdentifiers.RSA_PSS_USING_SHA256,
+          AlgorithmIdentifiers.RSA_PSS_USING_SHA512));
+
+  
+  @Test
+  public void missingKey() throws EaafException, JoseException, KeyStoreException, IOException {
+    
+    KeyStoreConfiguration config = new KeyStoreConfiguration();
+    config.setFriendlyName("jUnittest");
+    config.setKeyStoreType(KeyStoreType.JKS);
+    config.setSoftKeyStoreFilePath("../data/junit.jks");
+    config.setSoftKeyStorePassword("password");
+    
+    Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+    String payLoad = RandomStringUtils.randomAlphanumeric(100);
+    
+    //check signing
+    try {
+      JoseUtils.createSignature(keyStore, "notExist", "password".toCharArray(), payLoad , true, "jUnitTest");
+      Assert.fail("missing Key not detected");
+      
+    } catch (EaafException e) {      
+      Assert.assertEquals("ErrorId", "internal.keystore.09", e.getErrorId());
+      
+    }
+  }
+  
+  @Test
+  public void createRsaSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+    
+    KeyStoreConfiguration config = new KeyStoreConfiguration();
+    config.setFriendlyName("jUnittest");
+    config.setKeyStoreType(KeyStoreType.JKS);
+    config.setSoftKeyStoreFilePath("../data/junit.jks");
+    config.setSoftKeyStorePassword("password");
+    
+    Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+    String payLoad = RandomStringUtils.randomAlphanumeric(100);
+    
+    //check signing
+    String result = JoseUtils.createSignature(keyStore, "meta", "password".toCharArray(), payLoad , true, "jUnitTest");
+   
+    Assert.assertNotNull("signed message", result);
+    Assert.assertFalse("signed msg empty", result.isEmpty());
+    
+
+    //validate
+    List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        AUTH_ALGORITHM_WHITELIST_SIGNING
+            .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+    
+    Assert.assertTrue("sig. verify", verify.isValid());
+    Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+        
+  }
+  
+  @Test
+  public void createEccSignature() throws EaafException, JoseException, KeyStoreException, IOException {
+    
+    KeyStoreConfiguration config = new KeyStoreConfiguration();
+    config.setFriendlyName("jUnittest");
+    config.setKeyStoreType(KeyStoreType.JKS);
+    config.setSoftKeyStoreFilePath("../data/junit.jks");
+    config.setSoftKeyStorePassword("password");
+    
+    Pair<KeyStore, Provider> keyStore = keyStoreFactory.buildNewKeyStore(config);
+    String payLoad = RandomStringUtils.randomAlphanumeric(100);
+    
+    //check signing
+    String result = JoseUtils.createSignature(keyStore, "sig", "password".toCharArray(), payLoad , true, "jUnitTest");
+   
+    Assert.assertNotNull("signed message", result);
+    Assert.assertFalse("signed msg empty", result.isEmpty());
+    
+
+    //validate
+    List<X509Certificate> trustedCerts = EaafKeyStoreUtils.readCertsFromKeyStore(keyStore.getFirst());
+    final AlgorithmConstraints constraints = new AlgorithmConstraints(ConstraintType.PERMIT,
+        AUTH_ALGORITHM_WHITELIST_SIGNING
+            .toArray(new String[AUTH_ALGORITHM_WHITELIST_SIGNING.size()]));
+    JwsResult verify = JoseUtils.validateSignature(result, trustedCerts, constraints);
+    
+    Assert.assertTrue("sig. verify", verify.isValid());
+    Assert.assertEquals("payload", payLoad, verify.getPayLoad());
+        
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
new file mode 100644
index 00000000..9bb51cd9
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
@@ -0,0 +1,460 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import static org.junit.Assert.fail;
+
+import java.io.IOException;
+import java.text.SimpleDateFormat;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.joda.time.DateTime;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.ErnbEidData;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasAttributePostProcessingTest {
+
+  @Autowired
+  private CcSpecificEidProcessingService postProcessor;
+
+  // lower case
+  private static final String P1_eIDASID =
+      "DE/AT/532eaabd9574880dbf76b9b8cc00832c20a6ec113d682299550d7a6e0f345e25";
+  private static final String P1_GIVENNAME = "Max";
+  private static final String P1_FAMILYNAME = "Mustermann";
+  private static final DateTime P1_DATEOFBIRTH = DateTime.now();
+  private static final String P1_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P1_BIRTHNAME = "Musterkind";
+
+  // mixed
+  private static final String P3_eIDASID =
+      "DE/AT/532eaabd9574880dbf76b9b8cc00832c20A6ec113d682299550d7a6e0f345e25";
+  private static final String P3_GIVENNAME = "Max";
+  private static final String P3_FAMILYNAME = "Mustermann";
+  private static final DateTime P3_DATEOFBIRTH = DateTime.now();
+  private static final String P3_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P3_BIRTHNAME = "Musterkind";
+
+  // upper case
+  private static final String P4_eIDASID =
+      "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E25";
+  private static final String P4_GIVENNAME = "Max";
+  private static final String P4_FAMILYNAME = "Mustermann";
+  private static final DateTime P4_DATEOFBIRTH = DateTime.now();
+  private static final String P4_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P4_BIRTHNAME = "Musterkind";
+
+  // To long identifier
+  private static final String P5_eIDASID =
+      "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F345E251";
+  private static final String P5_GIVENNAME = "Max";
+  private static final String P5_FAMILYNAME = "Mustermann";
+  private static final DateTime P5_DATEOFBIRTH = DateTime.now();
+  private static final String P5_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P5_BIRTHNAME = "Musterkind";
+
+  // to short identifier
+  private static final String P6_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
+  private static final String P6_GIVENNAME = "Max";
+  private static final String P6_FAMILYNAME = "Mustermann";
+  private static final DateTime P6_DATEOFBIRTH = DateTime.now();
+  private static final String P6_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P6_BIRTHNAME = "Musterkind";
+
+  // no hex encoded identifier
+  private static final String P7_eIDASID = "DE/AT/532EAABD9574880DBF76B9B8CC00832C20A6EC113D682299550D7A6E0F";
+  private static final String P7_GIVENNAME = "Max";
+  private static final String P7_FAMILYNAME = "Mustermann";
+  private static final DateTime P7_DATEOFBIRTH = DateTime.now();
+  private static final String P7_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P7_BIRTHNAME = "Musterkind";
+
+  private static final String P2_eIDASID =
+      "EE/AT/asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd";
+  private static final String P2_GIVENNAME = "Max";
+  private static final String P2_FAMILYNAME = "Mustermann";
+  private static final DateTime P2_DATEOFBIRTH = DateTime.now();
+  private static final String P2_PLACEOFBIRTH = "Nirgendwo";
+  private static final String P2_BIRTHNAME = "Musterkind";
+
+  /**
+   * jUnit class initializer.
+   * 
+   * @throws IOException In case of an error
+   */
+  @BeforeClass
+  public static void classInitializer() throws IOException {
+    final String current = new java.io.File(".").toURI().toString();
+    System.setProperty("eidas.ms.configuration", current + "../../basicConfig/default_config.properties");
+
+  }
+
+  @Test
+  public void deWithHexLowerCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P1_eIDASID,
+              P1_FAMILYNAME,
+              P1_GIVENNAME,
+              P1_DATEOFBIRTH,
+              P1_PLACEOFBIRTH,
+              P1_BIRTHNAME));
+
+      validate(result,
+          "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+          P1_FAMILYNAME,
+          P1_GIVENNAME,
+          P1_DATEOFBIRTH,
+          P1_PLACEOFBIRTH,
+          P1_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void deWithHexMixedCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P3_eIDASID,
+              P3_FAMILYNAME,
+              P3_GIVENNAME,
+              P3_DATEOFBIRTH,
+              P3_PLACEOFBIRTH,
+              P3_BIRTHNAME));
+
+      validate(result,
+          "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+          P3_FAMILYNAME,
+          P3_GIVENNAME,
+          P3_DATEOFBIRTH,
+          P3_PLACEOFBIRTH,
+          P3_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void deWithHexUpperCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P4_eIDASID,
+              P4_FAMILYNAME,
+              P4_GIVENNAME,
+              P4_DATEOFBIRTH,
+              P4_PLACEOFBIRTH,
+              P4_BIRTHNAME));
+
+      validate(result,
+          "Uy6qvZV0iA2/drm4zACDLCCm7BE9aCKZVQ16bg80XiU=",
+          P4_FAMILYNAME,
+          P4_GIVENNAME,
+          P4_DATEOFBIRTH,
+          P4_PLACEOFBIRTH,
+          P4_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void deWithHexTooLongCase() throws Exception {
+    try {
+      postProcessor.postProcess(
+          generateInputData(
+              P5_eIDASID,
+              P5_FAMILYNAME,
+              P5_GIVENNAME,
+              P5_DATEOFBIRTH,
+              P5_PLACEOFBIRTH,
+              P5_BIRTHNAME));
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("Too long input accepted");
+  }
+
+  @Test
+  public void deWithHexTooShortCase() throws Exception {
+    try {
+      postProcessor.postProcess(
+          generateInputData(
+              P6_eIDASID,
+              P6_FAMILYNAME,
+              P6_GIVENNAME,
+              P6_DATEOFBIRTH,
+              P6_PLACEOFBIRTH,
+              P6_BIRTHNAME));
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("Too short input accepted");
+  }
+
+  @Test
+  public void deWithNoHexCase() throws Exception {
+    try {
+      postProcessor.postProcess(
+          generateInputData(
+              P7_eIDASID,
+              P7_FAMILYNAME,
+              P7_GIVENNAME,
+              P7_DATEOFBIRTH,
+              P7_PLACEOFBIRTH,
+              P7_BIRTHNAME));
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("Not hex encoded input accepted");
+  }
+
+  @Test
+  public void eeTestCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              P2_FAMILYNAME,
+              P2_GIVENNAME,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      e.printStackTrace();
+      fail(e.getMessage());
+
+    }
+  }
+
+  @Test
+  public void eeTestFamilyNameMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              null,
+              P2_GIVENNAME,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("FamilyName missing input accepted");
+
+  }
+
+  @Test
+  public void eeTestGivenNameMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              P2_FAMILYNAME,
+              null,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("GivenName missing input accepted");
+
+  }
+
+  @Test
+  public void eeTestDateOfBirthMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              P2_eIDASID,
+              P2_FAMILYNAME,
+              P2_GIVENNAME,
+              null,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("DateOfBirth missing input accepted");
+
+  }
+
+  @Test
+  public void eeTestIdMissingCase() throws Exception {
+    try {
+      final ErnbEidData result = postProcessor.postProcess(
+          generateInputData(
+              null,
+              P2_FAMILYNAME,
+              P2_GIVENNAME,
+              P2_DATEOFBIRTH,
+              P2_PLACEOFBIRTH,
+              P2_BIRTHNAME));
+
+      validate(result,
+          "asfasfasdfasdfasdfasdfasdfasvafasdfasdfasdfasdfasdfasvascasdfasdfasdfasdfasdfasdfasdfasdfasdfasdfasd",
+          P2_FAMILYNAME,
+          P2_GIVENNAME,
+          P2_DATEOFBIRTH,
+          P2_PLACEOFBIRTH,
+          P2_BIRTHNAME);
+
+    } catch (final Exception e) {
+      return;
+
+    }
+
+    fail("eIDAS-Id missing input accepted");
+
+  }
+
+  private Map<String, Object> generateInputData(String id, String familyName, String givenName,
+      DateTime dateOfBirth, String placeOfBirth, String birthName) {
+    final Map<String, Object> result = new HashMap<>();
+    result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id);
+    result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName);
+    result.put(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName);
+    result.put(Constants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth);
+    result.put(Constants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth);
+    result.put(Constants.eIDAS_ATTR_BIRTHNAME, birthName);
+    return result;
+
+  }
+
+  private void validate(ErnbEidData result, String id, String familyName, String givenName,
+      DateTime dateOfBirth, String placeOfBirth, String birthName) {
+    if (!result.getPseudonym().equals(id)) {
+      fail(result.getPseudonym() + "is not equal to " + id);
+    }
+
+    if (!result.getFamilyName().equals(familyName)) {
+      fail(result.getFamilyName() + "is not equal to " + familyName);
+    }
+
+    if (!result.getGivenName().equals(givenName)) {
+      fail(result.getGivenName() + "is not equal to " + givenName);
+    }
+
+    if (!result.getDateOfBirth().equals(dateOfBirth)) {
+      fail(result.getDateOfBirth() + "is not equal to " + dateOfBirth);
+    }
+
+    if (!result.getFormatedDateOfBirth().equals(new SimpleDateFormat("yyyy-MM-dd").format(dateOfBirth
+        .toDate()))) {
+      fail(result.getDateOfBirth() + "is not equal to " + new SimpleDateFormat("yyyy-MM-dd").format(
+          dateOfBirth.toDate()));
+    }
+
+    if (!result.getPlaceOfBirth().equals(placeOfBirth)) {
+      fail(result.getPlaceOfBirth() + "is not equal to " + placeOfBirth);
+    }
+
+    if (!result.getBirthName().equals(birthName)) {
+      fail(result.getBirthName() + "is not equal to " + birthName);
+    }
+
+  }
+
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
new file mode 100644
index 00000000..610801a6
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingFirstTest.java
@@ -0,0 +1,193 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.TestPropertySource;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_realConfig.xml"})
+@TestPropertySource(locations = {"classpath:/config/junit_config_de_attributes.properties"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasRequestPreProcessingFirstTest {
+
+  @Autowired
+  private IConfigurationWithSP basicConfig;
+  @Autowired
+  private CcSpecificEidProcessingService preProcessor;
+
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private Builder authnRequestBuilder;  
+  private Map<String, String> spConfig;
+  
+  /**
+   * jUnit class initializer.
+   * 
+   * @throws IOException In case of an error
+   */
+  @BeforeClass
+  public static void classInitializer() throws IOException {
+//    final String current = new java.io.File(".").toURI().toString();
+//    System.setProperty("eidas.ms.configuration", 
+//        current + "src/test/resources/config/junit_config_de_attributes.properties");
+
+  }
+
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void setUp() {
+
+    spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");    
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+
+    authnRequestBuilder = LightRequest.builder();
+    authnRequestBuilder.id(UUID.randomUUID().toString());
+    authnRequestBuilder.issuer("Test");
+    authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
+
+  }
+
+  @Test
+  public void prePreProcessGeneric() throws EidPostProcessingException {
+    final String testCountry = "XX";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+
+  @Test
+  public void prePreProcessGenericNoCountryCode() throws EidPostProcessingException {
+    final String testCountry = "XX";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(null, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+
+  @Test
+  public void prePreProcessDE() throws EidPostProcessingException {
+
+    final String testCountry = "DE";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        Constants.DEFAULT_PROPS_EIDAS_NODE_STATIC_PROVIDERNAME_FOR_PUBLIC_SP, lightReq.getProviderName());
+    Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+  }
+  
+  @Test
+  public void prePreProcessNlWithUpgrade() throws EidPostProcessingException {
+
+    final String testCountry = "NL";
+    spConfig.put("loa", EaafConstants.EIDAS_LOA_LOW);
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_LOW);
+    
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_SUBSTANTIAL, lightReq.getLevelOfAssurance());
+    
+  }
+   
+  @Test
+  public void prePreProcessNlWithOutUpgrade() throws EidPostProcessingException {
+
+    final String testCountry = "NL";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertNotSame("RequesterId was set", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+    Assert.assertEquals("wrong LoA", EaafConstants.EIDAS_LOA_HIGH, lightReq.getLevelOfAssurance());
+    
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
new file mode 100644
index 00000000..9ee38296
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasRequestPreProcessingSecondTest.java
@@ -0,0 +1,157 @@
+/*
+ * Copyright 2018 A-SIT Plus GmbH
+ * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
+ * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "License");
+ * You may not use this work except in compliance with the License.
+ * You may obtain a copy of the License at:
+ * https://joinup.ec.europa.eu/news/understanding-eupl-v12
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+*/
+
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.UUID;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySpConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import eu.eidas.auth.commons.light.impl.LightRequest;
+import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+@DirtiesContext(classMode = ClassMode.AFTER_CLASS)
+public class EidasRequestPreProcessingSecondTest {
+
+  @Autowired
+  private MsConnectorDummyConfigMap basicConfig;
+  @Autowired
+  private CcSpecificEidProcessingService preProcessor;
+
+  private TestRequestImpl pendingReq;
+  private DummySpConfiguration oaParam;
+  private Builder authnRequestBuilder;
+
+
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before
+  public void setUp() {
+
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    oaParam = new DummySpConfiguration(spConfig, basicConfig);
+
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+
+    authnRequestBuilder = LightRequest.builder();
+    authnRequestBuilder.id(UUID.randomUUID().toString());
+    authnRequestBuilder.issuer("Test");
+    authnRequestBuilder.levelOfAssurance(EaafConstants.EIDAS_LOA_HIGH);
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "true");
+    
+  }
+
+  @Test
+  public void prePreProcessDeUnknownAttribute() throws EidPostProcessingException {
+    basicConfig.putConfigValue("eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs", "myNode");
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs", "true");
+    
+    final String testCountry = "DE";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 8, lightReq.getRequestedAttributes().size());
+
+  }
+
+
+  /*
+   * Set ProviderName according to general configuration
+   */
+  @Test
+  public void prePreProcessLuPublicSpWithoutRequestId() throws EidPostProcessingException {
+
+    basicConfig.putConfigValue(
+        "eidas.ms.auth.eIDAS.node_v2.requesterId.lu.useStaticRequesterForAll", "false");
+    
+    final String testCountry = "LU";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static", "myNode", lightReq.getProviderName());
+    Assert.assertNull("RequesterId", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+  
+  /* 
+   * Always set requesterId and providername in case of country LU
+   */
+  @Test
+  public void prePreProcessLuPublicSpWithStaticRequesterId() throws EidPostProcessingException {
+
+    
+    final String testCountry = "LU";
+    authnRequestBuilder.citizenCountryCode(testCountry);
+    preProcessor.preProcess(testCountry, pendingReq, authnRequestBuilder);
+
+    final LightRequest lightReq = authnRequestBuilder.build();
+
+    Assert.assertEquals("ProviderName is not Static",
+        "myNode", lightReq.getProviderName());
+    Assert.assertEquals("RequesterId is not Static",
+        "myNode", lightReq.getRequesterId());
+    Assert.assertEquals("no PublicSP", "public", lightReq.getSpType());
+    Assert.assertEquals("Requested attribute size not match", 4, lightReq.getRequestedAttributes().size());
+
+  }
+  
+}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
new file mode 100644
index 00000000..b1f1b164
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -0,0 +1,333 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.validation;
+
+import static at.asitplus.eidas.specific.core.MsEidasNodeConstants.PROP_CONFIG_SP_NEW_EID_MODE;
+
+import java.net.URISyntaxException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.powermock.core.classloader.annotations.PrepareForTest;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import com.google.common.collect.ImmutableSet;
+
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
+import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EaafConstants;
+import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import eu.eidas.auth.commons.attribute.AttributeDefinition;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap;
+import eu.eidas.auth.commons.attribute.ImmutableAttributeMap.Builder;
+import eu.eidas.auth.commons.attribute.impl.StringAttributeValue;
+import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.protocol.impl.AuthenticationResponse;
+import lombok.val;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@PrepareForTest(CreateIdentityLinkTask.class)
+@DirtiesContext(classMode = DirtiesContext.ClassMode.BEFORE_CLASS)
+@ContextConfiguration(locations = {
+    "/SpringTest-context_tasks_test.xml",
+    "/SpringTest-context_basic_mapConfig.xml"})
+public class EidasResponseValidatorTest {
+
+  @Autowired private MsConnectorDummyConfigMap basicConfig;
+  @Autowired protected EidasAttributeRegistry attrRegistry;
+  
+  private TestRequestImpl pendingReq;
+  private MsConnectorDummySpConfiguration oaParam;
+  
+  
+  /**
+   * jUnit test set-up.
+   */
+  @Before
+  public void setUp() throws EaafStorageException, URISyntaxException {
+    
+    final Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EaafConfigConstants.SERVICE_UNIQUEIDENTIFIER, "testSp");
+    spConfig.put("target", "urn:publicid:gv.at:cdid+XX");
+    spConfig.put(PROP_CONFIG_SP_NEW_EID_MODE, "true");
+    oaParam = new MsConnectorDummySpConfiguration(spConfig, basicConfig);
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH));
+    pendingReq = new TestRequestImpl();
+
+    pendingReq.setSpConfig(oaParam);
+    pendingReq.setPendingReqId(at.gv.egiz.eaaf.core.impl.utils.Random.nextProcessReferenceValue());
+    pendingReq.setAuthUrl("http://test.com/");
+    pendingReq.setTransactionId("avaasbav");
+    pendingReq.setPiiTransactionId(RandomStringUtils.randomAlphanumeric(10));
+        
+  }
+  
+  
+  @Test
+  public void loaFromResponseToLow() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_LOW,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "XX";
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.06", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "http://eidas.europa.eu/LoA/low", 
+          e.getParams()[0]);
+  
+    }    
+  }
+  
+  @Test
+  public void noEidasSpCountry() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = null;
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Destination country does not match to SP country", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void noEidasResponseCountry() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = null;
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Citizen country does not match to eIDAS-node country that generates the response", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void wrongEidasResponseCountry() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "LU/AT/" + RandomStringUtils.randomNumeric(10), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "XX";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Citizen country does not match to eIDAS-node country that generates the response", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void missingPersonalIdentifier() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        null, 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", 
+          e.getParams()[0]);
+  
+    }    
+  }
+  
+  @Test
+  public void moreThanOnePersonalIdentifier() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        null, 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        true);
+    String spCountry = "AT";
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.05", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 1, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "NO 'PersonalIdentifier' attriubte", 
+          e.getParams()[0]);
+  
+    }    
+  }
+  
+  @Test
+  public void emptyPersonalIdentifier() throws URISyntaxException {
+    //set-up
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        "", 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    String spCountry = "AT";
+    String citizenCountryCode = "LU";
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+    try {
+      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode, attrRegistry);
+      Assert.fail("Wrong eIDAS response not detected");
+      
+    } catch (EidasValidationException e) {
+      Assert.assertEquals("ErrorId", "eidas.07", e.getErrorId());    
+      Assert.assertEquals("wrong parameter size", 2, e.getParams().length);
+      Assert.assertEquals("wrong errorMsg", "PersonIdentifier", 
+          e.getParams()[0]);
+      Assert.assertEquals("wrong errorMsg", 
+          "Wrong identifier format", 
+          e.getParams()[1]);
+  
+    }    
+  }
+  
+  @Test
+  public void validResponse() throws URISyntaxException, EidasValidationException {
+    //set-up
+    
+    String spCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    String cCountry = RandomStringUtils.randomAlphabetic(2).toUpperCase();
+    
+    ILightResponse eidasResponse = buildDummyAuthResponse( 
+        cCountry + "/" + spCountry + "/" + RandomStringUtils.randomAlphanumeric(20), 
+        EaafConstants.EIDAS_LOA_SUBSTANTIAL,
+        false);
+    
+    oaParam.setLoa(Arrays.asList(EaafConstants.EIDAS_LOA_HIGH, EaafConstants.EIDAS_LOA_SUBSTANTIAL));
+    
+                    
+    //execute test
+
+    EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, cCountry, attrRegistry);
+    
+  }
+  
+  
+  private AuthenticationResponse buildDummyAuthResponse(String personalId, String loa, boolean moreThanOnePersonalId) 
+      throws URISyntaxException {
+    
+        
+    final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
+        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+
+    final Builder attributeMap = ImmutableAttributeMap.builder();
+    if (personalId != null) {
+      if (moreThanOnePersonalId) {
+        ImmutableSet values = ImmutableSet.of(new StringAttributeValue(personalId), 
+            new StringAttributeValue("XX/YY/" + RandomStringUtils.randomAlphanumeric(10)));
+        attributeMap.put(personIdattributeDef, values); 
+        
+      } else {
+        attributeMap.put(personIdattributeDef, personalId);
+        
+      }      
+    }
+    
+    val b = new AuthenticationResponse.Builder();
+    return b.id("_".concat(Random.nextHexRandom16()))
+        .issuer(RandomStringUtils.randomAlphabetic(10))
+        .subject(RandomStringUtils.randomAlphabetic(10))
+        .statusCode(Constants.SUCCESS_URI)
+        .inResponseTo("_".concat(Random.nextHexRandom16()))
+        .subjectNameIdFormat("afaf")
+        .levelOfAssurance(loa)
+        .attributes(attributeMap.build())
+        .build();
+  }
+}
+
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml
new file mode 100644
index 00000000..fe9ff441
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_mapConfig.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+  <context:annotation-config />
+
+  <bean id="dummyMapBasedConfiguration"
+        class="at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap">
+    <constructor-arg value="/config/junit_config_1.properties" />
+    <property name="configRootDirSufix" value="src/test/resources/config" />
+  </bean>
+
+</beans>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml
new file mode 100644
index 00000000..79695f69
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_realConfig.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+  <context:annotation-config />
+  
+  <!-- 
+  <bean id="BasicMSSpecificNodeConfig"
+    class="at.asitplus.eidas.specific.connector.config.BasicConfigurationProvider">
+    <constructor-arg
+      value="#{systemProperties['eidas.ms.configuration']}" />
+  </bean>
+  -->
+ 
+  <bean id="springBootBasicConfingProvider"
+        class="at.asitplus.eidas.specific.core.config.SpringBootBasicConfigurationProvider" />
+
+</beans>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
new file mode 100644
index 00000000..f31e5063
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
@@ -0,0 +1,73 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+  <context:annotation-config />
+
+
+  
+  <bean id="SZRClientForeIDAS"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" />
+
+  <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore" 
+    /> -->
+
+  <bean id="springManagedSpecificConnectorCommunicationService"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" />
+
+  <bean id="specificConnectorAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="src/test/resources/config/eidas-attributes.xml" />
+  </bean>
+
+  <bean id="specificConnectorAdditionalAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="src/test/resources/config/additional-attributes.xml" />
+  </bean>
+
+  <bean id="attributeRegistry"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
+    <property name="eidasAttributesFile"
+      ref="specificConnectorAttributesFileWithPath" />
+    <property name="additionalAttributesFile"
+      ref="specificConnectorAdditionalAttributesFileWithPath" />
+  </bean>
+
+  <bean id="EIDPostProcessingService"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService" />
+
+  <bean id="DE-PostProcessor"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.DeEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
+  <bean id="LU-PostProcessor"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.LuEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
+  <bean id="NL-Processor"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.NlEidProcessor">
+    <property name="priority" value="1" />
+  </bean>
+
+ <bean id="eIDASAuthModule"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasAuthenticationModulImpl">
+    <property name="priority" value="2" />
+  </bean>
+
+  <bean id="Default-PostProcessor"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.GenericEidProcessor">
+    <property name="priority" value="0" />
+  </bean>
+
+</beans>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
new file mode 100644
index 00000000..6d6bb51e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
@@ -0,0 +1,67 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xmlns:mvc="http://www.springframework.org/schema/mvc"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd 
+    http://www.springframework.org/schema/mvc http://www.springframework.org/schema/mvc/spring-mvc.xsd">
+
+  <context:annotation-config />
+  <mvc:annotation-driven />
+  <mvc:default-servlet-handler />
+
+
+  <import resource="SpringTest-context_authManager.xml" />
+  <import resource="SpringTest-context_basic_test.xml" />  
+
+  <bean id="mvcGUIBuilderImpl"
+    class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" />
+
+  <bean id="springManagedSpecificConnectorCommunicationService"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" />
+
+  <bean id="specificConnectorAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="src/test/resources/config/eidas-attributes.xml" />
+  </bean>
+
+  <bean id="specificConnectorAdditionalAttributesFileWithPath"
+    class="java.lang.String">
+    <constructor-arg
+      value="src/test/resources/config/additional-attributes.xml" />
+  </bean>
+
+  <bean id="attributeRegistry"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
+    <property name="eidasAttributesFile"
+      ref="specificConnectorAttributesFileWithPath" />
+    <property name="additionalAttributesFile"
+      ref="specificConnectorAdditionalAttributesFileWithPath" />
+  </bean>
+
+  <bean id="authBlockSigningService"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.AuthBlockSigningService" />
+
+  <bean id="EidasSignalServlet"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
+
+  <!-- Authentication Process Tasks -->
+  <bean id="ConnecteIDASNodeTask"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask"
+    scope="prototype" />
+
+  <bean id="ReceiveResponseFromeIDASNodeTask"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask"
+    scope="prototype" />
+
+  <bean id="CreateIdentityLinkTask"
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask"
+    scope="prototype" />
+
+</beans>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/additional-attributes.xml b/modules/authmodule-eIDAS-v2/src/test/resources/config/additional-attributes.xml
new file mode 100644
index 00000000..6510546e
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/additional-attributes.xml
@@ -0,0 +1,39 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+#   Copyright (c) 2017 European Commission  
+#   Licensed under the EUPL, Version 1.2 or – as soon they will be 
+#   approved by the European Commission - subsequent versions of the 
+#    EUPL (the "Licence"); 
+#    You may not use this work except in compliance with the Licence. 
+#    You may obtain a copy of the Licence at: 
+#    * https://joinup.ec.europa.eu/page/eupl-text-11-12  
+#    *
+#    Unless required by applicable law or agreed to in writing, software 
+#    distributed under the Licence is distributed on an "AS IS" basis, 
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+#    See the Licence for the specific language governing permissions and limitations under the Licence.
+ -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+    <comment>Dynamic attributes</comment>
+
+    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/AdditionalAttribute</entry>
+    <entry key="1.FriendlyName">AdditionalAttribute</entry>
+    <entry key="1.PersonType">NaturalPerson</entry>
+    <entry key="1.Required">false</entry>
+    <entry key="1.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="1.XmlType.LocalPart">string</entry>
+    <entry key="1.XmlType.NamespacePrefix">xs</entry>
+    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="2.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalAdditionalAttribute</entry>
+    <entry key="2.FriendlyName">LegalAdditionalAttribute</entry>
+    <entry key="2.PersonType">LegalPerson</entry>
+    <entry key="2.Required">false</entry>
+    <entry key="2.XmlType.NamespaceUri">http://www.w3.org/2001/XMLSchema</entry>
+    <entry key="2.XmlType.LocalPart">string</entry>
+    <entry key="2.XmlType.NamespacePrefix">xs</entry>
+    <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+</properties>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/eidas-attributes.xml b/modules/authmodule-eIDAS-v2/src/test/resources/config/eidas-attributes.xml
new file mode 100644
index 00000000..cbae35db
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/eidas-attributes.xml
@@ -0,0 +1,376 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- 
+#   Copyright (c) 2017 European Commission  
+#   Licensed under the EUPL, Version 1.2 or – as soon they will be 
+#   approved by the European Commission - subsequent versions of the 
+#    EUPL (the "Licence"); 
+#    You may not use this work except in compliance with the Licence. 
+#    You may obtain a copy of the Licence at: 
+#    * https://joinup.ec.europa.eu/page/eupl-text-11-12  
+#    *
+#    Unless required by applicable law or agreed to in writing, software 
+#    distributed under the Licence is distributed on an "AS IS" basis, 
+#    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 
+#    See the Licence for the specific language governing permissions and limitations under the Licence.
+ -->
+
+<!DOCTYPE properties SYSTEM "http://java.sun.com/dtd/properties.dtd">
+<properties>
+    <comment>eIDAS attributes</comment>
+
+    <entry key="1.NameUri">http://eidas.europa.eu/attributes/naturalperson/PersonIdentifier</entry>
+    <entry key="1.FriendlyName">PersonIdentifier</entry>
+    <entry key="1.PersonType">NaturalPerson</entry>
+    <entry key="1.Required">true</entry>
+    <entry key="1.UniqueIdentifier">true</entry>
+    <entry key="1.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="1.XmlType.LocalPart">PersonIdentifierType</entry>
+    <entry key="1.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="1.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="2.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentFamilyName</entry>
+    <entry key="2.FriendlyName">FamilyName</entry>
+    <entry key="2.PersonType">NaturalPerson</entry>
+    <entry key="2.Required">true</entry>
+    <entry key="2.TransliterationMandatory">true</entry>
+    <entry key="2.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="2.XmlType.LocalPart">CurrentFamilyNameType</entry>
+    <entry key="2.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="2.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="3.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentGivenName</entry>
+    <entry key="3.FriendlyName">FirstName</entry>
+    <entry key="3.PersonType">NaturalPerson</entry>
+    <entry key="3.Required">true</entry>
+    <entry key="3.TransliterationMandatory">true</entry>
+    <entry key="3.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="3.XmlType.LocalPart">CurrentGivenNameType</entry>
+    <entry key="3.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="3.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="4.NameUri">http://eidas.europa.eu/attributes/naturalperson/DateOfBirth</entry>
+    <entry key="4.FriendlyName">DateOfBirth</entry>
+    <entry key="4.PersonType">NaturalPerson</entry>
+    <entry key="4.Required">true</entry>
+    <entry key="4.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="4.XmlType.LocalPart">DateOfBirthType</entry>
+    <entry key="4.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="4.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry>
+
+    <entry key="5.NameUri">http://eidas.europa.eu/attributes/naturalperson/BirthName</entry>
+    <entry key="5.FriendlyName">BirthName</entry>
+    <entry key="5.PersonType">NaturalPerson</entry>
+    <entry key="5.Required">false</entry>
+    <entry key="5.TransliterationMandatory">true</entry>
+    <entry key="5.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="5.XmlType.LocalPart">BirthNameType</entry>
+    <entry key="5.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="5.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="6.NameUri">http://eidas.europa.eu/attributes/naturalperson/PlaceOfBirth</entry>
+    <entry key="6.FriendlyName">PlaceOfBirth</entry>
+    <entry key="6.PersonType">NaturalPerson</entry>
+    <entry key="6.Required">false</entry>
+    <entry key="6.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="6.XmlType.LocalPart">PlaceOfBirthType</entry>
+    <entry key="6.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="6.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="7.NameUri">http://eidas.europa.eu/attributes/naturalperson/CurrentAddress</entry>
+    <entry key="7.FriendlyName">CurrentAddress</entry>
+    <entry key="7.PersonType">NaturalPerson</entry>
+    <entry key="7.Required">false</entry>
+    <entry key="7.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="7.XmlType.LocalPart">CurrentAddressType</entry>
+    <entry key="7.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="7.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.CurrentAddressAttributeValueMarshaller</entry>
+
+    <entry key="8.NameUri">http://eidas.europa.eu/attributes/naturalperson/Gender</entry>
+    <entry key="8.FriendlyName">Gender</entry>
+    <entry key="8.PersonType">NaturalPerson</entry>
+    <entry key="8.Required">false</entry>
+    <entry key="8.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson</entry>
+    <entry key="8.XmlType.LocalPart">GenderType</entry>
+    <entry key="8.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="8.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry>
+
+    <entry key="9.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonIdentifier</entry>
+    <entry key="9.FriendlyName">LegalPersonIdentifier</entry>
+    <entry key="9.PersonType">LegalPerson</entry>
+    <entry key="9.Required">true</entry>
+    <entry key="9.UniqueIdentifier">true</entry>
+    <entry key="9.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="9.XmlType.LocalPart">LegalPersonIdentifierType</entry>
+    <entry key="9.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="9.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="10.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalName</entry>
+    <entry key="10.FriendlyName">LegalName</entry>
+    <entry key="10.PersonType">LegalPerson</entry>
+    <entry key="10.Required">true</entry>
+    <entry key="10.TransliterationMandatory">true</entry>
+    <entry key="10.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="10.XmlType.LocalPart">LegalNameType</entry>
+    <entry key="10.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="10.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="11.NameUri">http://eidas.europa.eu/attributes/legalperson/LegalPersonAddress</entry>
+    <entry key="11.FriendlyName">LegalAddress</entry>
+    <entry key="11.PersonType">LegalPerson</entry>
+    <entry key="11.Required">false</entry>
+    <entry key="11.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="11.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="11.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="11.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.LegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="12.NameUri">http://eidas.europa.eu/attributes/legalperson/VATRegistrationNumber</entry>
+    <entry key="12.FriendlyName">VATRegistration</entry>
+    <entry key="12.PersonType">LegalPerson</entry>
+    <entry key="12.Required">false</entry>
+    <entry key="12.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="12.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="12.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="12.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="13.NameUri">http://eidas.europa.eu/attributes/legalperson/TaxReference</entry>
+    <entry key="13.FriendlyName">TaxReference</entry>
+    <entry key="13.PersonType">LegalPerson</entry>
+    <entry key="13.Required">false</entry>
+    <entry key="13.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="13.XmlType.LocalPart">TaxReferenceType</entry>
+    <entry key="13.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="13.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="14.NameUri">http://eidas.europa.eu/attributes/legalperson/D-2012-17-EUIdentifier</entry>
+    <entry key="14.FriendlyName">D-2012-17-EUIdentifier</entry>
+    <entry key="14.PersonType">LegalPerson</entry>
+    <entry key="14.Required">false</entry>
+    <entry key="14.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="14.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry>
+    <entry key="14.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="14.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="15.NameUri">http://eidas.europa.eu/attributes/legalperson/LEI</entry>
+    <entry key="15.FriendlyName">LEI</entry>
+    <entry key="15.PersonType">LegalPerson</entry>
+    <entry key="15.Required">false</entry>
+    <entry key="15.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="15.XmlType.LocalPart">LEIType</entry>
+    <entry key="15.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="15.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="16.NameUri">http://eidas.europa.eu/attributes/legalperson/EORI</entry>
+    <entry key="16.FriendlyName">EORI</entry>
+    <entry key="16.PersonType">LegalPerson</entry>
+    <entry key="16.Required">false</entry>
+    <entry key="16.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="16.XmlType.LocalPart">EORIType</entry>
+    <entry key="16.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="16.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="17.NameUri">http://eidas.europa.eu/attributes/legalperson/SEED</entry>
+    <entry key="17.FriendlyName">SEED</entry>
+    <entry key="17.PersonType">LegalPerson</entry>
+    <entry key="17.Required">false</entry>
+    <entry key="17.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="17.XmlType.LocalPart">SEEDType</entry>
+    <entry key="17.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="17.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="18.NameUri">http://eidas.europa.eu/attributes/legalperson/SIC</entry>
+    <entry key="18.FriendlyName">SIC</entry>
+    <entry key="18.PersonType">LegalPerson</entry>
+    <entry key="18.Required">false</entry>
+    <entry key="18.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson</entry>
+    <entry key="18.XmlType.LocalPart">SICType</entry>
+    <entry key="18.XmlType.NamespacePrefix">eidas-legal</entry>
+    <entry key="18.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="19.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PersonIdentifier</entry>
+    <entry key="19.FriendlyName">RepresentativePersonIdentifier</entry>
+    <entry key="19.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="19.Required">false</entry>
+    <entry key="19.UniqueIdentifier">true</entry>
+    <entry key="19.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="19.XmlType.LocalPart">PersonIdentifierType</entry>
+    <entry key="19.XmlType.NamespacePrefix">eidas-natural</entry>
+    <entry key="19.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="20.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentFamilyName</entry>
+    <entry key="20.FriendlyName">RepresentativeFamilyName</entry>
+    <entry key="20.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="20.Required">false</entry>
+    <entry key="20.TransliterationMandatory">true</entry>
+    <entry key="20.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="20.XmlType.LocalPart">CurrentFamilyNameType</entry>
+    <entry key="20.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="20.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="21.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentGivenName</entry>
+    <entry key="21.FriendlyName">RepresentativeFirstName</entry>
+    <entry key="21.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="21.Required">false</entry>
+    <entry key="21.TransliterationMandatory">true</entry>
+    <entry key="21.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="21.XmlType.LocalPart">CurrentGivenNameType</entry>
+    <entry key="21.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="21.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="22.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/DateOfBirth</entry>
+    <entry key="22.FriendlyName">RepresentativeDateOfBirth</entry>
+    <entry key="22.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="22.Required">false</entry>
+    <entry key="22.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="22.XmlType.LocalPart">DateOfBirthType</entry>
+    <entry key="22.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="22.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.DateTimeAttributeValueMarshaller</entry>
+
+    <entry key="23.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/BirthName</entry>
+    <entry key="23.FriendlyName">RepresentativeBirthName</entry>
+    <entry key="23.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="23.Required">false</entry>
+    <entry key="23.TransliterationMandatory">true</entry>
+    <entry key="23.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="23.XmlType.LocalPart">BirthNameType</entry>
+    <entry key="23.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="23.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="24.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/PlaceOfBirth</entry>
+    <entry key="24.FriendlyName">RepresentativePlaceOfBirth</entry>
+    <entry key="24.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="24.Required">false</entry>
+    <entry key="24.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="24.XmlType.LocalPart">PlaceOfBirthType</entry>
+    <entry key="24.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="24.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="25.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/CurrentAddress</entry>
+    <entry key="25.FriendlyName">RepresentativeCurrentAddress</entry>
+    <entry key="25.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="25.Required">false</entry>
+    <entry key="25.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="25.XmlType.LocalPart">CurrentAddressType</entry>
+    <entry key="25.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="25.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvCurrentAddressAttributeValueMarshaller</entry>
+
+    <entry key="26.NameUri">http://eidas.europa.eu/attributes/naturalperson/representative/Gender</entry>
+    <entry key="26.FriendlyName">RepresentativeGender</entry>
+    <entry key="26.PersonType">RepresentativeNaturalPerson</entry>
+    <entry key="26.Required">false</entry>
+    <entry key="26.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/naturalperson/representative</entry>
+    <entry key="26.XmlType.LocalPart">GenderType</entry>
+    <entry key="26.XmlType.NamespacePrefix">eidas-reprentative-natural</entry>
+    <entry key="26.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.GenderAttributeValueMarshaller</entry>
+
+    <entry key="27.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonIdentifier</entry>
+    <entry key="27.FriendlyName">RepresentativeLegalPersonIdentifier</entry>
+    <entry key="27.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="27.Required">false</entry>
+    <entry key="27.UniqueIdentifier">true</entry>
+    <entry key="27.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="27.XmlType.LocalPart">LegalPersonIdentifierType</entry>
+    <entry key="27.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="27.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="28.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalName</entry>
+    <entry key="28.FriendlyName">RepresentativeLegalName</entry>
+    <entry key="28.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="28.Required">false</entry>
+    <entry key="28.TransliterationMandatory">true</entry>
+    <entry key="28.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="28.XmlType.LocalPart">LegalNameType</entry>
+    <entry key="28.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="28.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="29.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry>
+    <entry key="29.FriendlyName">RepresentativeLegalAddress</entry>
+    <entry key="29.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="29.Required">false</entry>
+    <entry key="29.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="29.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="29.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="29.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="30.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry>
+    <entry key="30.FriendlyName">RepresentativeVATRegistration</entry>
+    <entry key="30.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="30.Required">false</entry>
+    <entry key="30.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="30.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="30.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="30.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="31.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/TaxReference</entry>
+    <entry key="31.FriendlyName">RepresentativeTaxReference</entry>
+    <entry key="31.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="31.Required">false</entry>
+    <entry key="31.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="31.XmlType.LocalPart">TaxReferenceType</entry>
+    <entry key="31.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="31.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="32.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/D-2012-17-EUIdentifier</entry>
+    <entry key="32.FriendlyName">RepresentativeD-2012-17-EUIdentifier</entry>
+    <entry key="32.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="32.Required">false</entry>
+    <entry key="32.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="32.XmlType.LocalPart">D-2012-17-EUIdentifierType</entry>
+    <entry key="32.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="32.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="33.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LEI</entry>
+    <entry key="33.FriendlyName">RepresentativeLEI</entry>
+    <entry key="33.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="33.Required">false</entry>
+    <entry key="33.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="33.XmlType.LocalPart">LEIType</entry>
+    <entry key="33.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="33.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="34.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/EORI</entry>
+    <entry key="34.FriendlyName">RepresentativeEORI</entry>
+    <entry key="34.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="34.Required">false</entry>
+    <entry key="34.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="34.XmlType.LocalPart">EORIType</entry>
+    <entry key="34.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="34.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="35.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SEED</entry>
+    <entry key="35.FriendlyName">RepresentativeSEED</entry>
+    <entry key="35.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="35.Required">false</entry>
+    <entry key="35.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="35.XmlType.LocalPart">SEEDType</entry>
+    <entry key="35.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="35.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="36.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/SIC</entry>
+    <entry key="36.FriendlyName">RepresentativeSIC</entry>
+    <entry key="36.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="36.Required">false</entry>
+    <entry key="36.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="36.XmlType.LocalPart">SICType</entry>
+    <entry key="36.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="36.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+    <entry key="39.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/LegalPersonAddress</entry>
+    <entry key="39.FriendlyName">RepresentativeLegalAddress</entry>
+    <entry key="39.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="39.Required">false</entry>
+    <entry key="39.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="39.XmlType.LocalPart">LegalPersonAddressType</entry>
+    <entry key="39.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="39.AttributeValueMarshaller">eu.eidas.auth.commons.protocol.eidas.impl.RepvLegalAddressAttributeValueMarshaller</entry>
+
+    <entry key="40.NameUri">http://eidas.europa.eu/attributes/legalperson/representative/VATRegistrationNumber</entry>
+    <entry key="40.FriendlyName">RepresentativeVATRegistration</entry>
+    <entry key="40.PersonType">RepresentativeLegalPerson</entry>
+    <entry key="40.Required">false</entry>
+    <entry key="40.XmlType.NamespaceUri">http://eidas.europa.eu/attributes/legalperson/representative</entry>
+    <entry key="40.XmlType.LocalPart">VATRegistrationNumberType</entry>
+    <entry key="40.XmlType.NamespacePrefix">eidas-reprentative-legal</entry>
+    <entry key="40.AttributeValueMarshaller">eu.eidas.auth.commons.attribute.impl.LiteralStringAttributeValueMarshaller</entry>
+
+
+</properties>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
new file mode 100644
index 00000000..a662379c
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
@@ -0,0 +1,117 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=
+
+
+##Specific logger configuration
+eidas.ms.technicallog.write.MDS.into.techlog=true
+eidas.ms.revisionlog.write.MDS.into.revisionlog=true
+eidas.ms.revisionlog.logIPAddressOfUser=true
+
+##Directory for static Web content
+eidas.ms.webcontent.static.directory=webcontent/
+eidas.ms.webcontent.templates=templates/
+eidas.ms.webcontent.properties=properties/messages
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.maxlifetime=300
+eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=
+eidas.ms.auth.eIDAS.node_v2.forward.method=POST
+eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=myNode
+
+eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/.....
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
+eidas.ms.auth.eIDAS.szrclient.timeout.response=30
+eidas.ms.auth.eIDAS.szrclient.params.vkz=
+
+eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
+
+
+eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
+eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks
+eidas.ms.auth.eIDAS.authblock.keystore.type=jks
+eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
+
+eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
+eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
+
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true
+
+##without mandates
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
+
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.8=testtest,false
+
+##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.path=keys/.....
+eidas.ms.pvp2.keystore.password=
+eidas.ms.pvp2.key.metadata.alias=
+eidas.ms.pvp2.key.metadata.password=
+eidas.ms.pvp2.key.signing.alias=
+eidas.ms.pvp2.key.signing.password=
+eidas.ms.pvp2.metadata.validity=24
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=
+eidas.ms.sp.0.pvp2.metadata.truststore=
+eidas.ms.sp.0.pvp2.metadata.truststore.password=
+eidas.ms.sp.0.newEidMode=true
+
+#eidas.ms.sp.0.friendlyName=
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+
+##only for advanced config
+eidas.ms.configuration.sp.disableRegistrationRequirement=
+eidas.ms.configuration.restrictions.baseID.spTransmission=
+eidas.ms.configuration.auth.default.countrycode=
+eidas.ms.configuration.pvp.scheme.validation=
+eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties
new file mode 100644
index 00000000..7c5e5a40
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_2.properties
@@ -0,0 +1,114 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=
+
+
+##Specific logger configuration
+eidas.ms.technicallog.write.MDS.into.techlog=true
+eidas.ms.revisionlog.write.MDS.into.revisionlog=true
+eidas.ms.revisionlog.logIPAddressOfUser=true
+
+##Directory for static Web content
+eidas.ms.webcontent.static.directory=webcontent/
+eidas.ms.webcontent.templates=templates/
+eidas.ms.webcontent.properties=properties/messages
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.maxlifetime=300
+eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test
+eidas.ms.auth.eIDAS.node_v2.forward.method=GET
+eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=false
+
+eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/.....
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
+eidas.ms.auth.eIDAS.szrclient.timeout.response=30
+eidas.ms.auth.eIDAS.szrclient.params.vkz=
+
+eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
+
+
+eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
+eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks
+eidas.ms.auth.eIDAS.authblock.keystore.type=jks
+eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
+
+eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
+eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
+
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true
+
+##without mandates
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
+
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.7=CurrentAddress,false
+
+##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.path=keys/.....
+eidas.ms.pvp2.keystore.password=
+eidas.ms.pvp2.key.metadata.alias=
+eidas.ms.pvp2.key.metadata.password=
+eidas.ms.pvp2.key.signing.alias=
+eidas.ms.pvp2.key.signing.password=
+eidas.ms.pvp2.metadata.validity=24
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=
+eidas.ms.sp.0.pvp2.metadata.truststore=
+eidas.ms.sp.0.pvp2.metadata.truststore.password=
+
+#eidas.ms.sp.0.friendlyName=
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+
+##only for advanced config
+eidas.ms.configuration.sp.disableRegistrationRequirement=
+eidas.ms.configuration.restrictions.baseID.spTransmission=
+eidas.ms.configuration.auth.default.countrycode=
+eidas.ms.configuration.pvp.scheme.validation=
+eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties
new file mode 100644
index 00000000..c830d447
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_3.properties
@@ -0,0 +1,118 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=
+
+
+##Specific logger configuration
+eidas.ms.technicallog.write.MDS.into.techlog=true
+eidas.ms.revisionlog.write.MDS.into.revisionlog=true
+eidas.ms.revisionlog.logIPAddressOfUser=true
+
+##Directory for static Web content
+eidas.ms.webcontent.static.directory=webcontent/
+eidas.ms.webcontent.templates=templates/
+eidas.ms.webcontent.properties=properties/messages
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.maxlifetime=300
+eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test.com/
+eidas.ms.auth.eIDAS.node_v2.forward.method=POST
+eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+eidas.ms.auth.eIDAS.node_v2.staticProviderNameForPublicSPs=myNode
+
+eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/.....
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
+eidas.ms.auth.eIDAS.szrclient.timeout.response=30
+eidas.ms.auth.eIDAS.szrclient.params.vkz=
+
+eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
+eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks
+eidas.ms.auth.eIDAS.authblock.keystore.type=jks
+eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s
+
+
+eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
+
+eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
+eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
+
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=false
+
+##without mandates
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
+
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.8=testtest,false
+
+##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.path=keys/.....
+eidas.ms.pvp2.keystore.password=
+eidas.ms.pvp2.key.metadata.alias=
+eidas.ms.pvp2.key.metadata.password=
+eidas.ms.pvp2.key.signing.alias=
+eidas.ms.pvp2.key.signing.password=
+eidas.ms.pvp2.metadata.validity=24
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=
+eidas.ms.sp.0.pvp2.metadata.truststore=
+eidas.ms.sp.0.pvp2.metadata.truststore.password=
+eidas.ms.sp.0.newEidMode=true
+
+
+#eidas.ms.sp.0.friendlyName=
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+
+##only for advanced config
+eidas.ms.configuration.sp.disableRegistrationRequirement=
+eidas.ms.configuration.restrictions.baseID.spTransmission=
+eidas.ms.configuration.auth.default.countrycode=
+eidas.ms.configuration.pvp.scheme.validation=
+eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties
new file mode 100644
index 00000000..01e72069
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_4.properties
@@ -0,0 +1,114 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=
+eidas.ms.context.url.request.validation=false
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=
+
+
+##Specific logger configuration
+eidas.ms.technicallog.write.MDS.into.techlog=true
+eidas.ms.revisionlog.write.MDS.into.revisionlog=true
+eidas.ms.revisionlog.logIPAddressOfUser=true
+
+##Directory for static Web content
+eidas.ms.webcontent.static.directory=webcontent/
+eidas.ms.webcontent.templates=templates/
+eidas.ms.webcontent.properties=properties/messages
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.maxlifetime=300
+eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test
+eidas.ms.auth.eIDAS.node_v2.forward.method=GET
+eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=false
+eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=false
+
+eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/.....
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
+eidas.ms.auth.eIDAS.szrclient.timeout.response=30
+eidas.ms.auth.eIDAS.szrclient.params.vkz=
+
+eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
+
+
+eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
+eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks
+eidas.ms.auth.eIDAS.authblock.keystore.type=jks
+eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
+
+eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
+eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
+
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true
+
+##without mandates
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
+
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.7=CurrentAddress,false
+
+##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.path=keys/.....
+eidas.ms.pvp2.keystore.password=
+eidas.ms.pvp2.key.metadata.alias=
+eidas.ms.pvp2.key.metadata.password=
+eidas.ms.pvp2.key.signing.alias=
+eidas.ms.pvp2.key.signing.password=
+eidas.ms.pvp2.metadata.validity=24
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=
+eidas.ms.sp.0.pvp2.metadata.truststore=
+eidas.ms.sp.0.pvp2.metadata.truststore.password=
+
+#eidas.ms.sp.0.friendlyName=
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+
+##only for advanced config
+eidas.ms.configuration.sp.disableRegistrationRequirement=
+eidas.ms.configuration.restrictions.baseID.spTransmission=
+eidas.ms.configuration.auth.default.countrycode=
+eidas.ms.configuration.pvp.scheme.validation=
+eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties
new file mode 100644
index 00000000..6b235667
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_de_attributes.properties
@@ -0,0 +1,116 @@
+## Basic service configuration
+eidas.ms.context.url.prefix=
+eidas.ms.context.url.request.validation=false
+eidas.ms.core.configRootDir=file:./src/test/resources/config/
+
+
+eidas.ms.context.use.clustermode=true
+
+##Monitoring
+eidas.ms.monitoring.eIDASNode.metadata.url=
+
+
+##Specific logger configuration
+eidas.ms.technicallog.write.MDS.into.techlog=true
+eidas.ms.revisionlog.write.MDS.into.revisionlog=true
+eidas.ms.revisionlog.logIPAddressOfUser=true
+
+##Directory for static Web content
+eidas.ms.webcontent.static.directory=webcontent/
+eidas.ms.webcontent.templates=templates/
+eidas.ms.webcontent.properties=properties/messages
+
+## extended validation of pending-request Id's
+eidas.ms.core.pendingrequestid.maxlifetime=300
+eidas.ms.core.pendingrequestid.digist.algorithm=HmacSHA256
+eidas.ms.core.pendingrequestid.digist.secret=pendingReqIdSecret
+
+## eIDAS Ref. Implementation connector ###
+eidas.ms.auth.eIDAS.node_v2.entityId=ownSpecificConnector
+eidas.ms.auth.eIDAS.node_v2.forward.endpoint=http://test
+eidas.ms.auth.eIDAS.node_v2.forward.method=GET
+eidas.ms.auth.eIDAS.node_v2.countrycode=AT
+#eidas.ms.auth.eIDAS.node_v2.publicSectorTargets=.*
+eidas.ms.auth.eIDAS.node_v2.workarounds.addAlwaysProviderName=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useRequestIdAsTransactionIdentifier=true
+eidas.ms.auth.eIDAS.node_v2.workarounds.useStaticProviderNameForPublicSPs=true
+
+eidas.ms.auth.eIDAS.node_v2.loa.requested.minimum=http://eidas.europa.eu/LoA/high
+
+eidas.ms.auth.eIDAS.szrclient.useTestService=true
+eidas.ms.auth.eIDAS.szrclient.endpoint.prod=
+eidas.ms.auth.eIDAS.szrclient.endpoint.test=http://localhost:1234/demoszr
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.path=keys/.....
+eidas.ms.auth.eIDAS.szrclient.ssl.keyStore.password=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.path=
+eidas.ms.auth.eIDAS.szrclient.ssl.trustStore.password=
+eidas.ms.auth.eIDAS.szrclient.timeout.connection=15
+eidas.ms.auth.eIDAS.szrclient.timeout.response=30
+eidas.ms.auth.eIDAS.szrclient.params.vkz=
+
+eidas.ms.auth.eIDAS.szrclient.params.useSZRForbPKCalculation=false
+
+
+eidas.ms.auth.eIDAS.authblock.keystore.password=f/+saJBc3a}*/T^s
+eidas.ms.auth.eIDAS.authblock.keystore.friendlyName=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.keystore.path=./../keystore/teststore.jks
+eidas.ms.auth.eIDAS.authblock.keystore.type=jks
+eidas.ms.auth.eIDAS.authblock.key.alias=connectorkeypair
+eidas.ms.auth.eIDAS.authblock.key.password=f/+saJBc3a}*/T^s
+
+
+#Raw eIDAS Id data storage
+eidas.ms.auth.eIDAS.szrclient.workarounds.eidmapping.revisionlog.active=true
+
+eidas.ms.auth.eIDAS.szrclient.params.setPlaceOfBirthIfAvailable=true
+eidas.ms.auth.eIDAS.szrclient.params.setBirthNameIfAvailable=true
+
+eidas.ms.auth.eIDAS.szrclient.debug.logfullmessages=true
+eidas.ms.auth.eIDAS.szrclient.debug.useDummySolution=true
+
+##without mandates
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.onlynatural.3=DateOfBirth,true
+
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.4=PlaceOfBirth,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.5=BirthName,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.6=Gender,false
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.de.onlynatural.7=CurrentAddress,false
+
+##with mandates ---- NOT FULLY SUPPORTED AT THE MOMENT -----
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.0=PersonIdentifier,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.1=FamilyName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.2=FirstName,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.3=DateOfBirth,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.4=LegalPerson,true
+eidas.ms.auth.eIDAS.node_v2.attributes.requested.representation.5=LegalName,true
+
+
+## PVP2 S-Profile end-point configuration
+eidas.ms.pvp2.keystore.path=keys/.....
+eidas.ms.pvp2.keystore.password=
+eidas.ms.pvp2.key.metadata.alias=
+eidas.ms.pvp2.key.metadata.password=
+eidas.ms.pvp2.key.signing.alias=
+eidas.ms.pvp2.key.signing.password=
+eidas.ms.pvp2.metadata.validity=24
+
+## Service Provider configuration
+eidas.ms.sp.0.uniqueID=
+eidas.ms.sp.0.pvp2.metadata.truststore=
+eidas.ms.sp.0.pvp2.metadata.truststore.password=
+
+#eidas.ms.sp.0.friendlyName=
+#eidas.ms.sp.0.pvp2.metadata.url=
+#eidas.ms.sp.0.policy.allowed.requested.targets=.*
+#eidas.ms.sp.0.policy.hasBaseIdTransferRestriction=false
+
+
+##only for advanced config
+eidas.ms.configuration.sp.disableRegistrationRequirement=
+eidas.ms.configuration.restrictions.baseID.spTransmission=
+eidas.ms.configuration.auth.default.countrycode=
+eidas.ms.configuration.pvp.scheme.validation=
+eidas.ms.configuration.pvp.enable.entitycategories=
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks b/modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks
new file mode 100644
index 00000000..a18df332
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/src/test/resources/data/junit.jks differ
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws
new file mode 100644
index 00000000..f7c9a1c7
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/signed_eidasBind.jws
@@ -0,0 +1 @@
+eyJ1cm46YXQuZ3YuZWlkOmJpbmR0eXBlIjoidXJuOmF0Lmd2LmVpZDplaWRhc0JpbmQiLCJhbGciOiJSUzUxMiIsIng1dCNTMjU2IjoiY3FtcXBHdWlnS0NRelVWX1doWURHU1EyNEx6Zkxtd0ZtUlNYQlNYR3o3byJ9.eyJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnZzei52YWx1ZSI6IjhEYWNBTUxVSFEiLCJ1cm46ZWlkZ3ZhdDphdHRyaWJ1dGVzLnVzZXIucHVia2V5cyI6WyI1NDZ5OEtXZ3R1V3F1dXVNdC9DUWhKem1pWXZ3bzR1QzhLZWxxdUtMc2VLbG1mQ2dtcnpscGFQd3A1K3Q2NjI4Il0sInVybjplaWRndmF0OmF0dHJpYnV0ZXMuZWlkLnN0YXR1cyI6InVybjplaWRndmF0OmVpZC5zdGF0dXMuZWlkYXMifQ.WiECS-E5RB-zQV3JW6-3B7op093QErqq3yS2S4YVFQq9XmYzTD8UKo63yaHa-2U2WFUbiwNI3OOkwNZIAedMZHHblZ0jzjGTb58zL4Yvm6sPSlq3TP5u0emiQdjIJNQmILE5ZYVOgSA-4MWLXAgRQEl2A1w8lHxptE6ya83GdhA0gP51-rY_536qvVuaZHrQ2Lpahl-lTIY1Zi6Knqj1yFdH-auqkLxB44l-XvMv9QryBZMAkkmiu8J598rzIJ2ifGyw4UqHDJZ53GKUpBbU_X23ZjsZ8B5ZapRTO9JGoEEW3rMDEO5_9cjWYOCn87-CA3bMNVbo1KN146UZGuZbyXuevLPznRkbCtXS--IE0SuuLBaowcktX2ggeeSzaq6UZW7hSmQnErVgxxfP16ijBu8yylo-PFbqgYFNT-Ca2rS8i1Cs0KdPTahYIRm4xLARahYLQbqA15medm7JSoz4tA468c_hcNzyG9aGoXYuw1F5kUrJkHl0IWdHkvSR8RWw
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_error_travelerdocexists.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_error_travelerdocexists.xml
new file mode 100644
index 00000000..d627ded2
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_error_travelerdocexists.xml
@@ -0,0 +1,6 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<SOAP-ENV:Fault xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
+	<faultcode xmlns:p344="urn:SZRServices" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">p344:F455</faultcode>
+	<faultstring>The travel document you sent to insert a person already exists for another person. Either check the document or have the person altered accordingly</faultstring>
+	<faultactor>urn:SZRServices</faultactor>
+</SOAP-ENV:Fault>
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml
new file mode 100644
index 00000000..c376caef
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_1.xml
@@ -0,0 +1,50 @@
+<ns6:GetIdentityLinkEidasResponse xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:ns2="http://egov.gv.at/pvp1.xsd" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns6="urn:SZRServices"><ns6:GetIdentityLinkReturn><ns6:PersonInfo><ns6:Person><Identification><Value>k+zDM1BVpN1WJO4x7ZQ3ng==</Value><Type>urn:publicid:gv.at:baseid</Type></Identification><Name><GivenName>Franz</GivenName><FamilyName>Mustermann</FamilyName></Name><Sex>unknown</Sex><DateOfBirth>1989-05-05</DateOfBirth></ns6:Person></ns6:PersonInfo><ns6:Assertion><saml:Assertion xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID15650069652921" IssueInstant="2019-08-05T14:09:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0">
+	<saml:AttributeStatement>
+		<saml:Subject>
+			<saml:SubjectConfirmation>
+				<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+				<saml:SubjectConfirmationData>
+					<pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>k+zDM1BVpN1WJO4x7ZQ3ng==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Hans</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1989-05-05</pr:DateOfBirth></pr:Person>
+				</saml:SubjectConfirmationData>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+	</saml:AttributeStatement>
+	<dsig:Signature>
+		<dsig:SignedInfo>
+			<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+			<dsig:Reference URI="">
+				<dsig:Transforms>
+					<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+						<dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
+					</dsig:Transform>
+					<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+				</dsig:Transforms>
+				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+				<dsig:DigestValue>GZjlsEXIhUPBSbOR1R8P4dzRJHE=</dsig:DigestValue>
+			</dsig:Reference>
+			<dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
+				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+				<dsig:DigestValue>lCnWsFICFg0ogj0Ha7++Y9gyOQg=</dsig:DigestValue>
+			</dsig:Reference>
+		</dsig:SignedInfo>
+		<dsig:SignatureValue>
+    a6tPfkdriEzAyQh2jU3/4j48baaPnY/i510OHx0vwHRvXLz80UyZzffdmtaRuk3iHVxgUMd9
+    Ld0DLsRt6tFJiPLyBCo0QCuqaOwgTcuUI3Ku/oySpqMjqug3AMdrhxW2j41yQlzvkjiZTT4j
+    zQ9GHFnZnnob0+bBflqIjZOl4xc=
+  </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIICTzCCAbigAwIBAgIBADANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhTWlJQRVJTQjAeFw0wNTA3MDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCFNaUlBFUlNCMIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQDGNmo9LOohefioGreKU6j6R05jUwHuddziSOQPolmMSXQG6NnnlLQaITv7BEmFj+EBqaOc+891wgZCRvNA2h+fHdJ69QXi/xjCovJI5SHh9jA+ssqhZ68iXOZHPq4WeegtYiYyJaRxWF+iPLqSm+bknS/KuBUcZol9SM3r6CMf0wKBgHytGrIelzc9ZN97VYXLkOJxi4TNSSj3Q/1TIC0s+HSzjbD694Y6ufINpR+IQm5epLTdXx9Dxv19bYnsLEIt0niMd2Cnm1DxXe8iNaDzpWec7fbRT6vDBwtTnyQkGfu2GGF3nSvVZ5AUDbLdAfZLOlbwsZmPnWU1zktSkLgKnT2XozIwMDAuBglghkgBhvhCAQ0EIRMfQ3JlYXRlZCBieSB6L09TIElDU0YgLSBIQ1I3NzgwIDANBgkqhkiG9w0BAQUFAAOBgQBwPc3l/Qf4myH8rsAAM5HqdCR68bMegWgNVxlPNl5DNJEE2hbPhIJ/K6TF6cjROYKDVuQ/+drtsZcrEOaqhqD3qw7MXAiT9GurV99YM/qTBsMy13yjU3LqeFX25Om8JlccGF5G+iHrVjfNQEUocGnGxCAPMlBvGwia4JjJcIPx7Q==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+		<dsig:Object>
+			<dsig:Manifest Id="manifest">
+				<dsig:Reference URI="">
+					<dsig:Transforms>
+						<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+							<dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+						</dsig:Transform>
+					</dsig:Transforms>
+					<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+					<dsig:DigestValue>SbpaaSlLolEX5D9P7HyTPnImvns=</dsig:DigestValue>
+				</dsig:Reference>
+			</dsig:Manifest>
+		</dsig:Object>
+	</dsig:Signature>
+</saml:Assertion></ns6:Assertion><ns6:AdditionalInfo>ERN</ns6:AdditionalInfo></ns6:GetIdentityLinkReturn></ns6:GetIdentityLinkEidasResponse>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml
new file mode 100644
index 00000000..f07c67d6
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/data/szr/szr_resp_valid_2.xml
@@ -0,0 +1,50 @@
+<ns6:GetIdentityLinkEidasResponse xmlns="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:ns2="http://egov.gv.at/pvp1.xsd" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns5="http://schemas.xmlsoap.org/ws/2002/04/secext" xmlns:ns6="urn:SZRServices"><ns6:GetIdentityLinkReturn><ns6:PersonInfo><ns6:Person><Identification><Value>k+zDM1BVpN1WJO4x7ZQ3ng==</Value><Type>urn:publicid:gv.at:baseid</Type></Identification><Name><GivenName>Franz</GivenName><FamilyName>Mustermann</FamilyName></Name><Sex>unknown</Sex><DateOfBirth>1989-05-05</DateOfBirth></ns6:Person></ns6:PersonInfo><ns6:Assertion><saml:Assertion xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID15650069652921" IssueInstant="2019-08-05T14:09:25+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0">
+	<saml:AttributeStatement>
+		<saml:Subject>
+			<saml:SubjectConfirmation>
+				<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+				<saml:SubjectConfirmationData>
+					<pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>k+zDM1BV1312312332x7ZQ3ng==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Martina</pr:GivenName><pr:FamilyName primary="undefined">Musterfrau</pr:FamilyName></pr:Name><pr:DateOfBirth>1991-04-15</pr:DateOfBirth></pr:Person>
+				</saml:SubjectConfirmationData>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+	</saml:AttributeStatement>
+	<dsig:Signature>
+		<dsig:SignedInfo>
+			<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+			<dsig:Reference URI="">
+				<dsig:Transforms>
+					<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+						<dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
+					</dsig:Transform>
+					<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+				</dsig:Transforms>
+				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+				<dsig:DigestValue>GZjlsEXIhUPBSbOR1R8P4dzRJHE=</dsig:DigestValue>
+			</dsig:Reference>
+			<dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
+				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+				<dsig:DigestValue>lCnWsFICFg0ogj0Ha7++Y9gyOQg=</dsig:DigestValue>
+			</dsig:Reference>
+		</dsig:SignedInfo>
+		<dsig:SignatureValue>
+    a6tPfkdriEzAyQh2jU3/4j48baaPnY/i510OHx0vwHRvXLz80UyZzffdmtaRuk3iHVxgUMd9
+    Ld0DLsRt6tFJiPLyBCo0QCuqaOwgTcuUI3Ku/oySpqMjqug3AMdrhxW2j41yQlzvkjiZTT4j
+    zQ9GHFnZnnob0+bBflqIjZOl4xc=
+  </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIICTzCCAbigAwIBAgIBADANBgkqhkiG9w0BAQUFADATMREwDwYDVQQDEwhTWlJQRVJTQjAeFw0wNTA3MDEwMDAwMDBaFw00MDEyMzEyMzU5NTlaMBMxETAPBgNVBAMTCFNaUlBFUlNCMIIBHzANBgkqhkiG9w0BAQEFAAOCAQwAMIIBBwKBgQDGNmo9LOohefioGreKU6j6R05jUwHuddziSOQPolmMSXQG6NnnlLQaITv7BEmFj+EBqaOc+891wgZCRvNA2h+fHdJ69QXi/xjCovJI5SHh9jA+ssqhZ68iXOZHPq4WeegtYiYyJaRxWF+iPLqSm+bknS/KuBUcZol9SM3r6CMf0wKBgHytGrIelzc9ZN97VYXLkOJxi4TNSSj3Q/1TIC0s+HSzjbD694Y6ufINpR+IQm5epLTdXx9Dxv19bYnsLEIt0niMd2Cnm1DxXe8iNaDzpWec7fbRT6vDBwtTnyQkGfu2GGF3nSvVZ5AUDbLdAfZLOlbwsZmPnWU1zktSkLgKnT2XozIwMDAuBglghkgBhvhCAQ0EIRMfQ3JlYXRlZCBieSB6L09TIElDU0YgLSBIQ1I3NzgwIDANBgkqhkiG9w0BAQUFAAOBgQBwPc3l/Qf4myH8rsAAM5HqdCR68bMegWgNVxlPNl5DNJEE2hbPhIJ/K6TF6cjROYKDVuQ/+drtsZcrEOaqhqD3qw7MXAiT9GurV99YM/qTBsMy13yjU3LqeFX25Om8JlccGF5G+iHrVjfNQEUocGnGxCAPMlBvGwia4JjJcIPx7Q==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+		<dsig:Object>
+			<dsig:Manifest Id="manifest">
+				<dsig:Reference URI="">
+					<dsig:Transforms>
+						<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+							<dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+						</dsig:Transform>
+					</dsig:Transforms>
+					<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+					<dsig:DigestValue>SbpaaSlLolEX5D9P7HyTPnImvns=</dsig:DigestValue>
+				</dsig:Reference>
+			</dsig:Manifest>
+		</dsig:Object>
+	</dsig:Signature>
+</saml:Assertion></ns6:Assertion><ns6:AdditionalInfo>ERN</ns6:AdditionalInfo></ns6:GetIdentityLinkReturn></ns6:GetIdentityLinkEidasResponse>
\ No newline at end of file
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/keystore/teststore.jks b/modules/authmodule-eIDAS-v2/src/test/resources/keystore/teststore.jks
new file mode 100644
index 00000000..fcc6400c
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/src/test/resources/keystore/teststore.jks differ
-- 
cgit v1.2.3


From b59cc11d18d0c711aae7c5adca9ac6cc48664fc2 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Wed, 9 Mar 2022 18:41:35 +0100
Subject: feature(eidas): add optional parameter to support more-than-one
 MS-Connector stage

# Conflicts:
#	modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
#	modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
---
 .../specific/modules/auth/eidas/v2/Constants.java  |   1 -
 .../eidas/v2/tasks/ReceiveAuthnResponseTask.java   | 139 ++++++++++++++-------
 2 files changed, 93 insertions(+), 47 deletions(-)

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index 2c4654ad..9ceb08ee 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -131,7 +131,6 @@ public class Constants {
       CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active";
 
   public static final String DEFAULT_MS_NODE_COUNTRY_CODE = "AT";
-
   
   @Deprecated
   public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL =
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
index 8d5df99f..c918b7a4 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -23,11 +23,16 @@
 
 package at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks;
 
+import java.io.IOException;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Component;
+import org.springframework.web.util.UriComponentsBuilder;
 
 import at.asitplus.eidas.specific.core.MsConnectorEventCodes;
 import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
@@ -41,13 +46,22 @@ import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.data.EidAuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import eu.eidas.auth.commons.EidasParameterKeys;
 import eu.eidas.auth.commons.light.ILightResponse;
+import eu.eidas.auth.commons.tx.BinaryLightToken;
+import eu.eidas.specificcommunication.BinaryLightTokenHelper;
+import eu.eidas.specificcommunication.SpecificCommunicationDefinitionBeanNames;
+import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
+import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
 import lombok.extern.slf4j.Slf4j;
 
 @Slf4j
 @Component("ReceiveResponseFromeIDASNodeTask")
 public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 
+  @Autowired
+  ApplicationContext context;
+  
   @Autowired
   private IConfiguration basicConfig;
   @Autowired
@@ -65,54 +79,18 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 
       }
 
-      log.debug("Receive eIDAS response with RespId:" + eidasResponse.getId() + " for ReqId:" + eidasResponse
-          .getInResponseToId());
-      log.trace("Full eIDAS-Resp: " + eidasResponse.toString());
-      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eidasResponse
-          .getId());
-
-      // check response StatusCode
-      if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) {
-        log.info("Receice eIDAS Response with StatusCode:" + eidasResponse.getStatus().getStatusCode()
-            + " Subcode:" + eidasResponse.getStatus().getSubStatusCode() + " Msg:" + eidasResponse.getStatus()
-                .getStatusMessage());
-        throw new EidasSAuthenticationException("eidas.02", new Object[] { eidasResponse.getStatus()
-            .getStatusCode(), eidasResponse.getStatus().getStatusMessage() });
-
+      String stagingEndpoint = pendingReq.getRawData(
+          MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, String.class);      
+      if (StringUtils.isNotEmpty(stagingEndpoint)) {
+        log.info("Find ms-connector staging to: {}. Forwarding to that endpoint ... ", stagingEndpoint);
+        forwardToOtherStage(response, executionContext, eidasResponse, stagingEndpoint);
+                
+      } else {
+        executionContext.put(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, false);
+        processResponseOnThatStage(executionContext, eidasResponse);
+        
       }
-
-      // extract all Attributes from response
-
-      // **********************************************************
-      // ******* MS-specificresponse validation **********
-      // **********************************************************
-      final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
-          Constants.DEFAULT_MS_NODE_COUNTRY_CODE);
-      final String citizenCountryCode = (String) executionContext.get(
-          MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
-      EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode,
-          attrRegistry);
-
-      // **********************************************************
-      // ******* Store resonse infos into session object **********
-      // **********************************************************
-
-      // update MOA-Session data with received information
-      log.debug("Store eIDAS response information into pending-request.");
-      final EidAuthProcessDataWrapper authProcessData = pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
-      authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
-      authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
-
       
-      //inject set flag to inject 
-      authProcessData.setTestIdentity(
-          basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_IS_TEST_IDENTITY, false));
-            
-      // store MOA-session to database
-      requestStoreage.storePendingRequest(pendingReq);
-
-      revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_VALID);
-
     } catch (final EaafException e) {
       revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_NOT_VALID);
       throw new TaskExecutionException(pendingReq, "eIDAS Response processing FAILED.", e);
@@ -124,7 +102,76 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
           new EidasSAuthenticationException("eidas.05", new Object[] { e.getMessage() }, e));
 
     }
+  }
+
+  private void forwardToOtherStage(HttpServletResponse response, ExecutionContext executionContext, 
+      ILightResponse eidasResponse, String stagingEndpoint) throws SpecificCommunicationException, IOException {
+    executionContext.put(MsEidasNodeConstants.EXECCONTEXT_PARAM_MSCONNECTOR_STAGING, true);
+    
+    final SpecificCommunicationService specificConnectorCommunicationService =
+        (SpecificCommunicationService) context.getBean(
+            SpecificCommunicationDefinitionBeanNames.SPECIFIC_CONNECTOR_COMMUNICATION_SERVICE.toString());
+    BinaryLightToken token = specificConnectorCommunicationService.putResponse(eidasResponse);
+    final String tokenBase64 = BinaryLightTokenHelper.encodeBinaryLightTokenBase64(token);    
+    
+    final UriComponentsBuilder redirectUrl = UriComponentsBuilder.fromHttpUrl(stagingEndpoint);
+    redirectUrl.queryParam(EidasParameterKeys.TOKEN.toString(), tokenBase64);
+
+    log.debug("Forward to other stage .... ");
+    response.sendRedirect(redirectUrl.build().encode().toString());
+       
+  }
+
+  private void processResponseOnThatStage(ExecutionContext executionContext, ILightResponse eidasResponse) 
+      throws EaafException {
+    log.debug("Receive eIDAS response with RespId:" + eidasResponse.getId() + " for ReqId:" + eidasResponse
+        .getInResponseToId());
+    log.trace("Full eIDAS-Resp: " + eidasResponse.toString());
+    revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE, eidasResponse
+        .getId());
+
+    // check response StatusCode
+    if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) {
+      log.info("Receice eIDAS Response with StatusCode:" + eidasResponse.getStatus().getStatusCode()
+          + " Subcode:" + eidasResponse.getStatus().getSubStatusCode() + " Msg:" + eidasResponse.getStatus()
+              .getStatusMessage());
+      throw new EidasSAuthenticationException("eidas.02", new Object[] { eidasResponse.getStatus()
+          .getStatusCode(), eidasResponse.getStatus().getStatusMessage() });
+
+    }
 
+    // extract all Attributes from response
+
+    // **********************************************************
+    // ******* MS-specificresponse validation **********
+    // **********************************************************
+    final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE,
+        "AT");
+    final String citizenCountryCode = (String) executionContext.get(
+        MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY);
+    EidasResponseValidator.validateResponse(pendingReq, eidasResponse, spCountry, citizenCountryCode,
+        attrRegistry);
+
+    // **********************************************************
+    // ******* Store resonse infos into session object **********
+    // **********************************************************
+
+    // update MOA-Session data with received information
+    log.debug("Store eIDAS response information into pending-request.");
+    final EidAuthProcessDataWrapper authProcessData = pendingReq.getSessionData(EidAuthProcessDataWrapper.class);
+    authProcessData.setQaaLevel(eidasResponse.getLevelOfAssurance());
+    authProcessData.setGenericDataToSession(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
+
+    
+    //inject set flag to inject 
+    authProcessData.setTestIdentity(
+        basicConfig.getBasicConfigurationBoolean(Constants.CONIG_PROPS_EIDAS_IS_TEST_IDENTITY, false));
+          
+    // store MOA-session to database
+    requestStoreage.storePendingRequest(pendingReq);
+
+    revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.RESPONSE_FROM_EIDAS_NODE_VALID);
+    
   }
 
 }
-- 
cgit v1.2.3


From 8f03c8e42233ae407ad54203c3340d7804adae3e Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 13 May 2022 09:01:28 +0200
Subject: fix(matching): set flag into process context to prohibit warning from
 process engine

---
 .../auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java     | 1 +
 1 file changed, 1 insertion(+)

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
index f335bc2a..b8fe12fe 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAustrianResidenceGuiResponseTask.java
@@ -157,6 +157,7 @@ public class ReceiveAustrianResidenceGuiResponseTask extends AbstractLocaleAuthS
       } else {
         log.debug("Find single match by using residence information. Starting data validation ... ");
         compareSearchResultWithInitialData(residencyResult, eidasData);
+        executionContext.put(TRANSITION_TO_GENERATE_GUI_QUERY_AUSTRIAN_RESIDENCE_TASK, false);
 
       }
 
-- 
cgit v1.2.3


From b0869317938810db6bd79e3ccc2e84b9d18097b2 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 13 May 2022 09:02:03 +0200
Subject: build(qs): update code-coverage checks again

---
 modules/authmodule-eIDAS-v2/pom.xml | 4 ++++
 1 file changed, 4 insertions(+)

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/pom.xml b/modules/authmodule-eIDAS-v2/pom.xml
index 874b2cb5..4a9aae29 100644
--- a/modules/authmodule-eIDAS-v2/pom.xml
+++ b/modules/authmodule-eIDAS-v2/pom.xml
@@ -375,6 +375,10 @@
                 <exclude>**/generated/cxf/*</exclude>
                 <exclude>**at/gv/bmi/namespace/*</exclude>
                 <exclude>**at/asitplus/eidas/specific/modules/auth/eidas/v2/dao/ernp/*</exclude>
+                <exclude>**/at/gv/bmi/namespace/*</exclude>
+                <exclude>**/at/gv/e_government/reference/namespace/*</exclude>
+                <exclude>**/org/w3/_2000/_09/*</exclude>
+                <exclude>**/org/xmlsoap/schemas/ws/*</exclude>
               </excludes>
             </configuration>
           </execution>
-- 
cgit v1.2.3


From 2eb2e6ddeb189ffb2996f3ec3b16244a67bd13e9 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Tue, 24 May 2022 09:11:29 +0200
Subject: chore(eidas): switch to version 2.6.0 of eIDAS Reference
 Implementation

---
 .../2.6.0/eidas-commons-2.6.0-sources.jar          | Bin 0 -> 203436 bytes
 .../eidas-commons/2.6.0/eidas-commons-2.6.0.jar    | Bin 0 -> 300354 bytes
 .../eidas-commons/2.6.0/eidas-commons-2.6.0.pom    | 114 +++
 ...ignite-specific-communication-2.6.0-sources.jar | Bin 0 -> 4156 bytes
 ...-jcache-ignite-specific-communication-2.6.0.jar | Bin 0 -> 6234 bytes
 ...-jcache-ignite-specific-communication-2.6.0.pom |  61 ++
 .../2.6.0/eidas-jcache-ignite-2.6.0-sources.jar    | Bin 0 -> 2850 bytes
 .../2.6.0/eidas-jcache-ignite-2.6.0.jar            | Bin 0 -> 3853 bytes
 .../2.6.0/eidas-jcache-ignite-2.6.0.pom            |  94 +++
 .../2.6.0/eidas-light-commons-2.6.0-sources.jar    | Bin 0 -> 90806 bytes
 .../2.6.0/eidas-light-commons-2.6.0.jar            | Bin 0 -> 126073 bytes
 .../2.6.0/eidas-light-commons-2.6.0.pom            |  59 ++
 .../eidas-parent/2.6.0/eidas-parent-2.6.0.pom      | 900 +++++++++++++++++++++
 ...ific-communication-definition-2.6.0-sources.jar | Bin 0 -> 49656 bytes
 ...das-specific-communication-definition-2.6.0.jar | Bin 0 -> 59363 bytes
 ...das-specific-communication-definition-2.6.0.pom | 125 +++
 16 files changed, 1353 insertions(+)
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0-sources.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.pom
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0-sources.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.pom
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0-sources.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.pom
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0-sources.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.pom
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.6.0/eidas-parent-2.6.0.pom
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0-sources.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.jar
 create mode 100644 modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.pom

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0-sources.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0-sources.jar
new file mode 100644
index 00000000..9313fbe2
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0-sources.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.jar
new file mode 100644
index 00000000..489a118d
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.pom b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.pom
new file mode 100644
index 00000000..b254385d
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-commons/2.6.0/eidas-commons-2.6.0.pom
@@ -0,0 +1,114 @@
+<!--
+  ~ Copyright (c) 2021 by European Commission
+  ~
+  ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+  ~ approved by the European Commission - subsequent versions of the
+  ~ EUPL (the "Licence");
+  ~ You may not use this work except in compliance with the Licence.
+  ~ You may obtain a copy of the Licence at:
+  ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the Licence is distributed on an "AS IS" basis,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+  ~ implied.
+  ~ See the Licence for the specific language governing permissions and
+  ~ limitations under the Licence.
+  -->
+
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>eidas-commons</artifactId>
+    <packaging>${mod.packaging.type}</packaging>
+    <name>eIDAS Commons</name>
+    <description>
+        The EIDASCommons library provides beans, Java Interfaces and utility classes to integrate EidasNode and SAML
+        Engine.
+    </description>
+    <parent>
+        <groupId>eu.eidas</groupId>
+        <artifactId>eidas-parent</artifactId>
+        <version>2.6.0</version>
+        <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+    </parent>
+    <dependencies>
+        <dependency>
+            <groupId>eu.eidas</groupId>
+            <artifactId>eidas-light-commons</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.owasp.encoder</groupId>
+            <artifactId>encoder</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>javax.cache</groupId>
+            <artifactId>cache-api</artifactId>
+            <version>1.1.0</version>
+        </dependency>
+        <!-- TEST -->
+        <dependency>
+            <groupId>ch.qos.logback</groupId>
+            <artifactId>logback-classic</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>aopalliance</groupId>
+            <artifactId>aopalliance</artifactId>
+            <version>1.0</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <resources>
+            <resource>
+                <directory>${project.basedir}/src/main/resources</directory>
+            </resource>
+        </resources>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-source-plugin</artifactId>
+            </plugin>
+        </plugins>
+        <testResources>
+            <testResource>
+                <directory>src/test/resources</directory>
+                <includes>
+                    <include>log4j.xml</include>
+                    <include>*.properties</include>
+                </includes>
+            </testResource>
+        </testResources>
+    </build>
+    <profiles>
+        <profile>
+            <id>metrics</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.jacoco</groupId>
+                        <artifactId>jacoco-maven-plugin</artifactId>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+    <reporting>
+        <plugins>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </reporting>
+</project>
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0-sources.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0-sources.jar
new file mode 100644
index 00000000..76de9f21
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0-sources.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.jar
new file mode 100644
index 00000000..f47d9387
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.pom b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.pom
new file mode 100644
index 00000000..00c9b834
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite-specific-communication/2.6.0/eidas-jcache-ignite-specific-communication-2.6.0.pom
@@ -0,0 +1,61 @@
+<!--
+  ~ Copyright (c) 2020 by European Commission
+  ~
+  ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+  ~ approved by the European Commission - subsequent versions of the
+  ~ EUPL (the "Licence");
+  ~ You may not use this work except in compliance with the Licence.
+  ~ You may obtain a copy of the Licence at:
+  ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the Licence is distributed on an "AS IS" basis,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+  ~ implied.
+  ~ See the Licence for the specific language governing permissions and
+  ~ limitations under the Licence
+  -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+                             http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+    <packaging>jar</packaging>
+    <name>eIDAS JCache Ignite Specific Communication</name>
+    <description>Implements JCache using Ignite with Specific Communication Definition's beans configurations.</description>
+
+    <parent>
+        <groupId>eu.eidas</groupId>
+        <artifactId>eidas-parent</artifactId>
+        <version>2.6.0</version>
+        <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+    </parent>
+
+    <properties>
+        <ignite.version>2.8.1</ignite.version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>eu.eidas</groupId>
+            <artifactId>eidas-jcache-ignite</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.slf4j</groupId>
+            <artifactId>slf4j-simple</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.ignite</groupId>
+            <artifactId>ignite-slf4j</artifactId>
+            <version>${ignite.version}</version>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+
+</project>
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0-sources.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0-sources.jar
new file mode 100644
index 00000000..f30cd314
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0-sources.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.jar
new file mode 100644
index 00000000..10487964
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.pom b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.pom
new file mode 100644
index 00000000..adc838fa
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-jcache-ignite/2.6.0/eidas-jcache-ignite-2.6.0.pom
@@ -0,0 +1,94 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+                             http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>eidas-jcache-ignite</artifactId>
+    <packaging>jar</packaging>
+    <name>eIDAS JCache Ignite</name>
+    <description>Implements JCache using Ignite.</description>
+
+    <parent>
+        <groupId>eu.eidas</groupId>
+        <artifactId>eidas-parent</artifactId>
+        <version>2.6.0</version>
+        <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+    </parent>
+
+    <properties>
+        <ignite.version>2.8.1</ignite.version>
+    </properties>
+
+    <dependencies>
+        <dependency>
+            <groupId>eu.eidas</groupId>
+            <artifactId>eidas-commons</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>commons-logging</groupId>
+            <artifactId>commons-logging</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.ignite</groupId>
+            <artifactId>ignite-core</artifactId>
+            <version>${ignite.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.gridgain</groupId>
+                    <artifactId>ignite-shmem</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.ignite</groupId>
+            <artifactId>ignite-spring</artifactId>
+            <version>${ignite.version}</version>
+            <exclusions>
+                <exclusion>
+                    <groupId>org.apache.ignite</groupId>
+                    <artifactId>ignite-indexing</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-core</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-aop</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-beans</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-context</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-expression</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-tx</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>org.springframework</groupId>
+                    <artifactId>spring-jdbc</artifactId>
+                </exclusion>
+                <exclusion>
+                    <groupId>commons-logging</groupId>
+                    <artifactId>commons-logging</artifactId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.apache.ignite</groupId>
+            <artifactId>ignite-slf4j</artifactId>
+            <version>${ignite.version}</version>
+        </dependency>
+    </dependencies>
+</project>
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0-sources.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0-sources.jar
new file mode 100644
index 00000000..34de1733
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0-sources.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.jar
new file mode 100644
index 00000000..a24f36cd
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.pom b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.pom
new file mode 100644
index 00000000..1a9eccef
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-light-commons/2.6.0/eidas-light-commons-2.6.0.pom
@@ -0,0 +1,59 @@
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>eidas-light-commons</artifactId>
+    <packaging>${mod.packaging.type}</packaging>
+    <name>eIDAS Light Commons</name>
+    <description>
+        The EIDASLightCommons library provides Java Interfaces and utility classes to integrate EIDASCommons and eIDAS Specific Communication Definition.
+    </description>
+    <parent>
+        <groupId>eu.eidas</groupId>
+        <artifactId>eidas-parent</artifactId>
+        <version>2.6.0</version>
+        <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+    </parent>
+    <dependencies>
+        <dependency>
+            <groupId>jakarta.xml.bind</groupId>
+            <artifactId>jakarta.xml.bind-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>joda-time</groupId>
+            <artifactId>joda-time</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.ibm.icu</groupId>
+            <artifactId>icu4j</artifactId>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-source-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </build>
+    <profiles>
+        <profile>
+            <id>metrics</id>
+            <build>
+                <plugins>
+                    <plugin>
+                        <groupId>org.jacoco</groupId>
+                        <artifactId>jacoco-maven-plugin</artifactId>
+                    </plugin>
+                </plugins>
+            </build>
+        </profile>
+    </profiles>
+    <reporting>
+        <plugins>
+            <plugin>
+                <groupId>org.jacoco</groupId>
+                <artifactId>jacoco-maven-plugin</artifactId>
+            </plugin>
+        </plugins>
+    </reporting>
+</project>
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.6.0/eidas-parent-2.6.0.pom b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.6.0/eidas-parent-2.6.0.pom
new file mode 100644
index 00000000..fe858c92
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-parent/2.6.0/eidas-parent-2.6.0.pom
@@ -0,0 +1,900 @@
+<!--
+  ~ Copyright (c) 2022 by European Commission
+  ~
+  ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+  ~ approved by the European Commission - subsequent versions of the
+  ~ EUPL (the "Licence");
+  ~ You may not use this work except in compliance with the Licence.
+  ~ You may obtain a copy of the Licence at:
+  ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the Licence is distributed on an "AS IS" basis,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+  ~ implied.
+  ~ See the Licence for the specific language governing permissions and
+  ~ limitations under the Licence.
+  -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+                             http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <groupId>eu.eidas</groupId>
+    <artifactId>eidas-parent</artifactId>
+    <packaging>pom</packaging>
+    <name>eIDAS Node Parent</name>
+    <version>2.6.0</version>
+    <description>
+        The EIDAS-Parent provides artifacts versions for Eidas Node components.
+    </description>
+    <properties>
+        <!-- 1) Project properties -->
+        <proj.name>EIDASParent</proj.name>
+        <proj.name.eidas>EidasNode</proj.name.eidas>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <app.packaging.type>war</app.packaging.type>
+        <mod.packaging.type>jar</mod.packaging.type>
+        <timestamp>${maven.build.timestamp}</timestamp>
+        <!-- java version targeted in the compile phase -->
+        <java.version>11</java.version>
+
+        <samlspec.version>0.5.2</samlspec.version>
+        <samlspecacept.version>0.5.1</samlspecacept.version>
+
+        <!-- 2) Library dependency versions -->
+        <spring.version>4.3.18.RELEASE</spring.version>
+        <opensaml.not-yet-commons-ssl.version>0.3.9</opensaml.not-yet-commons-ssl.version>
+        <opensaml.openws.version>1.5.5</opensaml.openws.version>
+        <opensaml.version>4.1.1</opensaml.version>
+        <opensaml.api.version>4.1.1</opensaml.api.version>
+        <xmlsec.version>2.2.3</xmlsec.version>
+        <shibboleth.xmlsupport.version>8.0.0</shibboleth.xmlsupport.version>
+        <servlet.version>3.0.1</servlet.version>
+        <jaxb.api.version>2.3.3</jaxb.api.version>
+        <jaxb.runtime.version>2.3.3</jaxb.runtime.version>
+        <json.runtime.version>1.1.4</json.runtime.version>
+        <jsp.api>2.0</jsp.api>
+        <jstl.version>1.2.6</jstl.version>
+        <jasper.version>6.0.53</jasper.version>
+        <slf4j.version>1.7.10</slf4j.version>
+        <logback.version>1.2.9</logback.version>
+        <mockito.version>3.7.0</mockito.version>
+        <junit.version>4.12</junit.version>
+        <hamcrest.version>1.3</hamcrest.version>
+        <commons.codec>1.15</commons.codec>
+        <commons.collections>3.2.2</commons.collections>
+        <commons.io>2.4</commons.io>
+        <commons.lang>2.6</commons.lang>
+        <commons.logging>1.1.3</commons.logging>
+        <commons.httpclient>4.5.13</commons.httpclient>
+        <commons.httpcore>4.4.9</commons.httpcore>
+        <commons.lang3>3.1</commons.lang3>
+        <bouncycastle.version>1.70</bouncycastle.version>
+        <owasp.version>1.2.3</owasp.version>
+        <owasp.dependency-check.version>1.4.0</owasp.dependency-check.version>
+        <joda.time.version>2.6</joda.time.version>
+        <log4j.version>1.2.17</log4j.version>
+        <log4j.api>2.3</log4j.api>
+        <xmlunit.version>1.5</xmlunit.version>
+        <bdr.econnector.version>1.2.2</bdr.econnector.version>
+        <struts.version>2.3.34</struts.version>
+        <vaadin.version>7.4.2</vaadin.version>
+        <vaadin.plugin.version>${vaadin.version}</vaadin.plugin.version>
+        <vaadin-spring.version>1.0.0.beta1</vaadin-spring.version>
+        <vaadin4spring.version>0.0.5.RELEASE</vaadin4spring.version>
+        <jetty.plugin.version>9.2.3.v20140905</jetty.plugin.version>
+        <guava.version>28.1-jre</guava.version>
+        <jsr305.version>3.0.1</jsr305.version>
+        <icu4j.version>57.1</icu4j.version>
+
+        <!-- 3) maven plugin versions -->
+        <javadoc.plugin.version>2.8.1</javadoc.plugin.version>
+        <compile.plugin.version>3.8.0</compile.plugin.version>
+        <surefire.plugin.version>2.19.1</surefire.plugin.version>
+        <war.plugin.version>3.2.0</war.plugin.version>
+        <ear.plugin.version>2.7</ear.plugin.version>
+        <resources.plugin.version>2.4</resources.plugin.version>
+        <jacoco.plugin.version>0.8.7</jacoco.plugin.version>
+        <remote.resources.plugin.version>1.5</remote.resources.plugin.version>
+        <source.plugin.version>2.1.2</source.plugin.version>
+        <install.plugin.version>2.5.2</install.plugin.version>
+        <clean.plugin.version>2.6.1</clean.plugin.version>
+        <maven.jar.plugin.version>3.1.2</maven.jar.plugin.version>
+        <jaxb.plugin.version>2.5.0</jaxb.plugin.version>
+    </properties>
+
+    <dependencyManagement>
+        <dependencies>
+            <!-- eIDAS modules -->
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>SimpleProtocol</artifactId>
+                <version>0.0.4-SNAPSHOT</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-commons</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-light-commons</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-encryption</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-saml-engine</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-updater</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-saml-metadata</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-specific-connector</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-specific-proxyservice</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-specific-communication-definition</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-jcache-dev</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-jcache-dev-node</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-jcache-dev-specific-communication</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-jcache-ignite</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-jcache-ignite-node</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-node</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-sp</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>eu.eidas</groupId>
+                <artifactId>eidas-idp</artifactId>
+                <version>${project.version}</version>
+            </dependency>
+
+            <!-- Servlets -->
+            <dependency>
+                <groupId>javax.servlet</groupId>
+                <artifactId>javax.servlet-api</artifactId>
+                <version>${servlet.version}</version>
+                <scope>provided</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.glassfish.web</groupId>
+                <artifactId>jakarta.servlet.jsp.jstl</artifactId>
+                <version>${jstl.version}</version>
+                <scope>runtime</scope>
+            </dependency>
+
+            <!-- JSP Java Server Pages -->
+            <dependency>
+                <groupId>javax.servlet</groupId>
+                <artifactId>jsp-api</artifactId>
+                <version>${jsp.api}</version>
+                <scope>provided</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.tomcat</groupId>
+                <artifactId>jasper-el</artifactId>
+                <version>${jasper.version}</version>
+            </dependency>
+
+            <!-- Struts2 -->
+            <dependency>
+                <groupId>org.apache.struts</groupId>
+                <artifactId>struts2-core</artifactId>
+                <version>${struts.version}</version>
+            </dependency>
+
+            <!-- Spring -->
+            <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-core</artifactId>
+                <version>${spring.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>commons-logging</groupId>
+                        <artifactId>commons-logging</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+            <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-beans</artifactId>
+                <version>${spring.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-context</artifactId>
+                <version>${spring.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-context-support</artifactId>
+                <version>${spring.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-web</artifactId>
+                <version>${spring.version}</version>
+            </dependency>
+
+            <!-- XML -->
+            <!-- JAXB Jakarta XML Binding -->
+            <dependency>
+                <groupId>jakarta.xml.bind</groupId>
+                <artifactId>jakarta.xml.bind-api</artifactId>
+                <version>${jaxb.api.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.glassfish.jaxb</groupId>
+                <artifactId>jaxb-runtime</artifactId>
+                <version>${jaxb.runtime.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.glassfish</groupId>
+                <artifactId>javax.json</artifactId>
+                <version>${json.runtime.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>xalan</groupId>
+                <artifactId>xalan</artifactId>
+                <version>${xalan.version}</version>
+            </dependency>
+            <!-- OpenSaml -->
+            <dependency>
+                <groupId>org.opensaml</groupId>
+                <artifactId>opensaml-core</artifactId>
+                <version>${opensaml.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>commons-codec</groupId>
+                        <artifactId>commons-codec</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>commons-collections</groupId>
+                        <artifactId>commons-collections</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>commons-lang</groupId>
+                        <artifactId>commons-lang</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>commons-logging</groupId>
+                        <artifactId>commons-logging</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>javax.servlet</groupId>
+                        <artifactId>servlet-api</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>joda-time</groupId>
+                        <artifactId>joda-time</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>junit</groupId>
+                        <artifactId>junit</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>log4j</groupId>
+                        <artifactId>log4j</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.apache.velocity</groupId>
+                        <artifactId>velocity</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.bouncycastle</groupId>
+                        <artifactId>bcprov-jdk15on</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.slf4j</groupId>
+                        <artifactId>slf4j-api</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.slf4j</groupId>
+                        <artifactId>jcl-over-slf4j</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.slf4j</groupId>
+                        <artifactId>log4j-over-slf4j</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.slf4j</groupId>
+                        <artifactId>jul-to-slf4j</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.springframework</groupId>
+                        <artifactId>spring-test</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+            <dependency>
+                <groupId>org.opensaml</groupId>
+                <artifactId>opensaml-saml-api</artifactId>
+                <version>${opensaml.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.opensaml</groupId>
+                <artifactId>opensaml-saml-impl</artifactId>
+                <version>${opensaml.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.opensaml</groupId>
+                <artifactId>opensaml-security-api</artifactId>
+                <version>${opensaml.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>org.bouncycastle</groupId>
+                        <artifactId>bcprov-jdk15on</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>org.bouncycastle</groupId>
+                        <artifactId>bcpkix-jdk15on</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+            <dependency>
+                <groupId>org.opensaml</groupId>
+                <artifactId>opensaml-security-impl</artifactId>
+                <version>${opensaml.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>net.shibboleth.utilities</groupId>
+                <artifactId>java-support</artifactId>
+                <version>${shibboleth.xmlsupport.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.opensaml</groupId>
+                <artifactId>opensaml-xmlsec-api</artifactId>
+                <exclusions>
+                    <exclusion>
+                        <groupId>org.bouncycastle</groupId>
+                        <artifactId>bcprov-jdk15on</artifactId>
+                    </exclusion>
+                </exclusions>
+                <version>${opensaml.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.opensaml</groupId>
+                <artifactId>opensaml-xmlsec-impl</artifactId>
+                <exclusions>
+                    <exclusion>
+                        <groupId>org.bouncycastle</groupId>
+                        <artifactId>bcprov-jdk15on</artifactId>
+                    </exclusion>
+                </exclusions>
+                <version>${opensaml.version}</version>
+            </dependency>
+            <dependency>
+                <!-- EIDINT-4171: Security upgrade of org.apache.santuario:xmlsec found in opensaml-xmlsec-impl -->
+                <groupId>org.apache.santuario</groupId>
+                <artifactId>xmlsec</artifactId>
+                <version>${xmlsec.version}</version>
+            </dependency>
+
+            <!--Logging-->
+            <dependency>
+                <groupId>org.slf4j</groupId>
+                <artifactId>slf4j-api</artifactId>
+                <version>${slf4j.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.slf4j</groupId>
+                <artifactId>jcl-over-slf4j</artifactId>
+                <version>${slf4j.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.slf4j</groupId>
+                <artifactId>log4j-over-slf4j</artifactId>
+                <version>${slf4j.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.slf4j</groupId>
+                <artifactId>jul-to-slf4j</artifactId>
+                <version>${slf4j.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.slf4j</groupId>
+                <artifactId>slf4j-simple</artifactId>
+                <version>${slf4j.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.slf4j</groupId>
+                <artifactId>slf4j-log4j12</artifactId>
+                <version>${slf4j.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>commons-logging</groupId>
+                <artifactId>commons-logging</artifactId>
+                <version>${commons.logging}</version>
+            </dependency>
+            <dependency>
+                <groupId>log4j</groupId>
+                <artifactId>log4j</artifactId>
+                <version>${log4j.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>javax.jms</groupId>
+                        <artifactId>jms</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>com.sun.jdmk</groupId>
+                        <artifactId>jmxtools</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>com.sun.jmx</groupId>
+                        <artifactId>jmxri</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <artifactId>mail</artifactId>
+                        <groupId>javax.mail</groupId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+            <dependency>
+                <groupId>ch.qos.logback</groupId>
+                <artifactId>logback-classic</artifactId>
+                <version>${logback.version}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>org.slf4j</groupId>
+                        <artifactId>slf4j-api</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+
+            <!-- Apache Commons -->
+            <dependency>
+                <groupId>commons-codec</groupId>
+                <artifactId>commons-codec</artifactId>
+                <version>${commons.codec}</version>
+            </dependency>
+            <dependency>
+                <groupId>commons-collections</groupId>
+                <artifactId>commons-collections</artifactId>
+                <version>${commons.collections}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.httpcomponents</groupId>
+                <artifactId>httpclient</artifactId>
+                <version>${commons.httpclient}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>commons-logging</groupId>
+                        <artifactId>commons-logging</artifactId>
+                    </exclusion>
+                    <exclusion>
+                        <groupId>commons-codec</groupId>
+                        <artifactId>commons-codec</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+            <dependency>
+                <groupId>org.apache.httpcomponents</groupId>
+                <artifactId>httpcore</artifactId>
+                <version>${commons.httpcore}</version>
+                <exclusions>
+                    <exclusion>
+                        <groupId>commons-logging</groupId>
+                        <artifactId>commons-logging</artifactId>
+                    </exclusion>
+                </exclusions>
+            </dependency>
+            <dependency>
+                <groupId>commons-io</groupId>
+                <artifactId>commons-io</artifactId>
+                <version>${commons.io}</version>
+            </dependency>
+            <dependency>
+                <groupId>commons-lang</groupId>
+                <artifactId>commons-lang</artifactId>
+                <version>${commons.lang}</version>
+            </dependency>
+
+            <!-- Additional Dependencies -->
+            <dependency>
+                <groupId>joda-time</groupId>
+                <artifactId>joda-time</artifactId>
+                <version>${joda.time.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.owasp.encoder</groupId>
+                <artifactId>encoder</artifactId>
+                <version>${owasp.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>org.owasp.encoder</groupId>
+                <artifactId>encoder-jsp</artifactId>
+                <version>${owasp.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.google.guava</groupId>
+                <artifactId>guava</artifactId>
+                <version>${guava.version}</version>
+            </dependency>
+            <dependency>
+                <groupId>com.google.code.findbugs</groupId>
+                <artifactId>jsr305</artifactId>
+                <version>${jsr305.version}</version>
+                <scope>provided</scope>
+            </dependency>
+
+            <!-- Bouncy Castle -->
+            <dependency>
+                <groupId>org.bouncycastle</groupId>
+                <artifactId>bcprov-jdk15on</artifactId>
+                <version>${bouncycastle.version}</version>
+            </dependency>
+
+            <!-- International Components for Unicode and Transliteration -->
+            <dependency>
+                <groupId>com.ibm.icu</groupId>
+                <artifactId>icu4j</artifactId>
+                <version>${icu4j.version}</version>
+            </dependency>
+
+            <!-- UNIT TEST Dependencies -->
+            <dependency>
+                <groupId>junit</groupId>
+                <artifactId>junit</artifactId>
+                <version>${junit.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.hamcrest</groupId>
+                <artifactId>hamcrest-all</artifactId>
+                <version>${hamcrest.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.mockito</groupId>
+                <artifactId>mockito-core</artifactId>
+                <version>${mockito.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>xmlunit</groupId>
+                <artifactId>xmlunit</artifactId>
+                <version>${xmlunit.version}</version>
+                <scope>test</scope>
+            </dependency>
+            <dependency>
+                <groupId>org.springframework</groupId>
+                <artifactId>spring-test</artifactId>
+                <version>${spring.version}</version>
+                <scope>test</scope>
+            </dependency>
+        </dependencies>
+    </dependencyManagement>
+
+    <dependencies>
+        <!-- Dependencies in common for all modules -->
+        <dependency>
+            <groupId>commons-collections</groupId>
+            <artifactId>commons-collections</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>commons-io</groupId>
+            <artifactId>commons-io</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>commons-lang</groupId>
+            <artifactId>commons-lang</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.google.guava</groupId>
+            <artifactId>guava</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.google.code.findbugs</groupId>
+            <artifactId>jsr305</artifactId>
+        </dependency>
+
+        <!-- UNIT TEST Dependencies in common for all modules -->
+        <dependency>
+            <groupId>junit</groupId>
+            <artifactId>junit</artifactId>
+            <exclusions>
+                <exclusion>
+                    <artifactId>hamcrest-core</artifactId>
+                    <groupId>org.hamcrest</groupId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.hamcrest</groupId>
+            <artifactId>hamcrest-all</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.mockito</groupId>
+            <artifactId>mockito-core</artifactId>
+            <exclusions>
+                <exclusion>
+                    <artifactId>hamcrest-core</artifactId>
+                    <groupId>org.hamcrest</groupId>
+                </exclusion>
+            </exclusions>
+        </dependency>
+        <dependency>
+            <groupId>xmlunit</groupId>
+            <artifactId>xmlunit</artifactId>
+        </dependency>
+    </dependencies>
+
+    <build>
+        <pluginManagement>
+            <plugins>
+
+                <plugin>
+                    <groupId>com.orctom.mojo</groupId>
+                    <artifactId>was-maven-plugin</artifactId>
+                    <version>1.0.8</version>
+                    <configuration>
+                        <wasHome>c:/pgm/wlp</wasHome>
+                        <applicationName>${proj.name}</applicationName>
+                        <host>localhost</host>
+                        <server>server01</server>
+                        <node>node01</node>
+                        <virtualHost>default_host</virtualHost>
+                        <verbose>true</verbose>
+                    </configuration>
+                </plugin>
+
+                <plugin>
+                    <groupId>org.apache.tomcat.maven</groupId>
+                    <artifactId>tomcat7-maven-plugin</artifactId>
+                    <version>2.2</version>
+                    <configuration>
+                        <url>http://localhost:8080/manager/text</url>
+                        <server>tomcat</server>
+                        <path>/${proj.name}</path>
+                        <username>admin</username>
+                        <password>admin</password>
+                    </configuration>
+                </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-war-plugin</artifactId>
+                    <version>${war.plugin.version}</version>
+                    <configuration>
+                        <webResources>
+                            <resource>
+                                <directory>${project.basedir}/src/main/webapp/WEB-INF</directory>
+                                <filtering>true</filtering>
+                                <targetPath>WEB-INF</targetPath>
+                                <includes>
+                                    <include>**/web.xml</include>
+                                </includes>
+                            </resource>
+                        </webResources>
+                    </configuration>
+                </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-source-plugin</artifactId>
+                    <version>${source.plugin.version}</version>
+                    <executions>
+                        <execution>
+                            <id>attach-sources</id>
+                            <phase>verify</phase>
+                            <goals>
+                                <goal>jar-no-fork</goal>
+                            </goals>
+                        </execution>
+                    </executions>
+                </plugin>
+                <plugin>
+                    <groupId>org.jacoco</groupId>
+                    <artifactId>jacoco-maven-plugin</artifactId>
+                    <version>${jacoco.plugin.version}</version>
+                    <executions>
+                        <execution>
+                            <id>default-prepare-agent</id>
+                            <goals>
+                                <goal>prepare-agent</goal>
+                            </goals>
+                        </execution>
+                        <execution>
+                            <id>default-report</id>
+                            <goals>
+                                <goal>report</goal>
+                            </goals>
+                            <configuration>
+                                <formats>HTML,XML</formats>
+                            </configuration>
+                        </execution>
+                    </executions>
+                </plugin>
+                <plugin>
+                    <groupId>org.codehaus.mojo</groupId>
+                    <artifactId>jaxb2-maven-plugin</artifactId>
+                    <version>${jaxb.plugin.version}</version>
+                </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-resources-plugin</artifactId>
+                    <version>${resources.plugin.version}</version>
+                </plugin>
+                <plugin>
+                    <groupId>org.apache.maven.plugins</groupId>
+                    <artifactId>maven-jar-plugin</artifactId>
+                    <version>${maven.jar.plugin.version}</version>
+                </plugin>
+                <!--plugin>
+                    <groupId>org.owasp</groupId>
+                    <artifactId>dependency-check-maven</artifactId>
+                    <version>${owasp.dependency-check.version}</version>
+                    <configuration>
+                        <failBuildOnCVSS>8</failBuildOnCVSS>
+                    </configuration>
+                    <executions>
+                        <execution>
+                            <goals>
+                                <goal>check</goal>
+                            </goals>
+                        </execution>
+                    </executions>
+                </plugin-->
+            </plugins>
+        </pluginManagement>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-compiler-plugin</artifactId>
+                <version>${compile.plugin.version}</version>
+                <configuration>
+                    <source>${java.version}</source>
+                    <target>${java.version}</target>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <version>${surefire.plugin.version}</version>
+                <configuration>
+                    <skip>false</skip>
+                </configuration>
+            </plugin>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-javadoc-plugin</artifactId>
+                <version>${javadoc.plugin.version}</version>
+                <configuration>
+                    <detectLinks>true</detectLinks>
+                    <additionalJOption>--add-exports java.base/sun.security.rsa=ALL-UNNAMED</additionalJOption>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+    <modules>
+        <module>../EIDAS-Light-Commons</module>
+        <module>../EIDAS-Commons</module>
+        <module>../EIDAS-Encryption</module>
+        <module>../EIDAS-Metadata</module>
+        <module>../EIDAS-SpecificCommunicationDefinition</module>
+        <!--start of TODO remove when/if EIDAS-Node pom does not depend on eidas-jcache-dev-node artifact to test-->
+        <module>../EIDAS-JCache-Dev</module>
+        <module>../EIDAS-JCache-Dev-Node</module>
+        <!--TODOEND-->
+    </modules>
+    <profiles>
+        <profile>
+            <id>NodeOnly</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <modules>
+                <module>../EIDAS-SAMLEngine</module>
+                <module>../EIDAS-UPDATER</module>
+                <module>../EIDAS-Node</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>DemoToolsOnly</id>
+            <activation>
+                <activeByDefault>false</activeByDefault>
+            </activation>
+            <modules>
+                <module>../EIDAS-SimpleProtocol</module>
+                <module>../EIDAS-SpecificProxyService</module>
+                <module>../EIDAS-SpecificConnector</module>
+                <module>../EIDAS-SP</module>
+                <module>../EIDAS-IdP-1.0</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>nodeJcacheIgnite</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <modules>
+                <module>../EIDAS-JCache-Ignite</module>
+                <module>../EIDAS-JCache-Ignite-Node</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>nodeJcacheDev</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <modules>
+                <module>../EIDAS-JCache-Dev</module>
+                <module>../EIDAS-JCache-Dev-Node</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>specificCommunicationJcacheIgnite</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <modules>
+                <module>../EIDAS-JCache-Ignite</module>
+                <module>../EIDAS-JCache-Ignite-Specific-Communication</module>
+            </modules>
+        </profile>
+        <profile>
+            <id>specificCommunicationJcacheDev</id>
+            <activation>
+                <activeByDefault>false</activeByDefault>
+                <property>
+                    <name>specificJar</name>
+                </property>
+            </activation>
+            <modules>
+                <module>../EIDAS-JCache-Dev</module>
+                <module>../EIDAS-JCache-Dev-Specific-Communication</module>
+            </modules>
+        </profile>
+    </profiles>
+</project>
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0-sources.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0-sources.jar
new file mode 100644
index 00000000..5e405828
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0-sources.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.jar b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.jar
new file mode 100644
index 00000000..f56a139e
Binary files /dev/null and b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.jar differ
diff --git a/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.pom b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.pom
new file mode 100644
index 00000000..df092575
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/repository/eu/eidas/eidas-specific-communication-definition/2.6.0/eidas-specific-communication-definition-2.6.0.pom
@@ -0,0 +1,125 @@
+<!--
+  ~ Copyright (c) 2022 by European Commission
+  ~
+  ~ Licensed under the EUPL, Version 1.2 or - as soon they will be
+  ~ approved by the European Commission - subsequent versions of the
+  ~ EUPL (the "Licence");
+  ~ You may not use this work except in compliance with the Licence.
+  ~ You may obtain a copy of the Licence at:
+  ~ https://joinup.ec.europa.eu/page/eupl-text-11-12
+  ~
+  ~ Unless required by applicable law or agreed to in writing, software
+  ~ distributed under the Licence is distributed on an "AS IS" basis,
+  ~ WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
+  ~ implied.
+  ~ See the Licence for the specific language governing permissions and
+  ~ limitations under the Licence.
+  -->
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
+                             http://maven.apache.org/maven-v4_0_0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+    <artifactId>eidas-specific-communication-definition</artifactId>
+    <packaging>jar</packaging>
+    <name>eIDAS Specific Communication Definition</name>
+    <description>Defines and implements the communication protocol to be used between specific and node modules.
+    </description>
+    <parent>
+        <groupId>eu.eidas</groupId>
+        <artifactId>eidas-parent</artifactId>
+        <version>2.6.0</version>
+        <relativePath>../EIDAS-Parent/pom.xml</relativePath>
+    </parent>
+    <properties>
+        <lightRequest.xsd>lightRequest.xsd</lightRequest.xsd>
+    </properties>
+    <dependencies>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-context</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>eu.eidas</groupId>
+            <artifactId>eidas-commons</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>javax.servlet</groupId>
+            <artifactId>javax.servlet-api</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.glassfish.jaxb</groupId>
+            <artifactId>jaxb-runtime</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-test</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>commons-logging</groupId>
+            <artifactId>commons-logging</artifactId>
+            <scope>test</scope>
+        </dependency>
+        <dependency>
+            <groupId>eu.eidas</groupId>
+            <artifactId>eidas-jcache-dev</artifactId>
+            <scope>test</scope>
+        </dependency>
+    </dependencies>
+    <build>
+        <plugins>
+            <plugin>
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-source-plugin</artifactId>
+            </plugin>
+            <plugin>
+                <groupId>org.codehaus.mojo</groupId>
+                <artifactId>jaxb2-maven-plugin</artifactId>
+                <executions>
+                    <execution>
+                        <id>xjc</id>
+                        <goals>
+                            <goal>xjc</goal>
+                        </goals>
+                    </execution>
+                </executions>
+                <configuration>
+                    <sources>
+                        <source>src/main/resources/xsds/${lightRequest.xsd}</source>
+                        <source>src/main/resources/xsds/lightResponse.xsd</source>
+                    </sources>
+                    <packageName>eu.eidas.specificcommunication</packageName>
+                    <noPackageLevelAnnotations>true</noPackageLevelAnnotations>
+                </configuration>
+            </plugin>
+        </plugins>
+    </build>
+    <profiles>
+        <profile>
+            <id>specificCommunicationJcacheIgnite</id>
+            <activation>
+                <activeByDefault>true</activeByDefault>
+            </activation>
+            <dependencies>
+                <dependency>
+                    <groupId>eu.eidas</groupId>
+                    <artifactId>eidas-jcache-ignite-specific-communication</artifactId>
+                </dependency>
+            </dependencies>
+        </profile>
+        <profile>
+            <id>specificCommunicationJcacheDev</id>
+            <!-- <activation> -->
+                <!-- <property> -->
+                    <!-- <name>specificJar</name> -->
+                <!-- </property> -->
+            <!-- </activation> -->
+            <dependencies>
+                <dependency>
+                    <groupId>eu.eidas</groupId>
+                    <artifactId>eidas-jcache-dev-specific-communication</artifactId>
+                </dependency>
+            </dependencies>
+        </profile>
+    </profiles>
+</project>
-- 
cgit v1.2.3


From 38d7758281b9cb8ba0f1a7e8a8d10098bcf2dcb8 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 3 Jun 2022 11:40:52 +0200
Subject: refactor(eidas): split 'authmodule-eIDAS-v2' into 'common-eidas' 
 code and connector-specific elements

---
 .../checks/spotbugs-exclude.xml                    |   8 +-
 modules/authmodule-eIDAS-v2/pom.xml                |  11 +-
 .../specific/modules/auth/eidas/v2/Constants.java  |  78 +++------
 .../modules/auth/eidas/v2/EidasSignalServlet.java  |   2 +-
 .../auth/eidas/v2/clients/ernp/ErnpRestClient.java |  23 +--
 .../auth/eidas/v2/clients/zmr/ZmrSoapClient.java   |  23 +--
 .../eidas/v2/handler/AbstractEidProcessor.java     |  39 +++--
 .../auth/eidas/v2/handler/DeEidProcessor.java      |   8 +-
 .../handler/DeSpecificDetailSearchProcessor.java   |   5 +-
 .../v2/service/CcSpecificEidProcessingService.java |   8 +-
 .../service/ConnectorEidasAttributeRegistry.java   | 107 ++++++++++++
 .../eidas/v2/service/EidasAttributeRegistry.java   | 180 ---------------------
 .../eidas/v2/tasks/CreateIdentityLinkTask.java     |   1 +
 .../eidas/v2/tasks/GenerateAuthnRequestTask.java   |  20 +--
 .../tasks/ReceiveAuthnResponseAlternativeTask.java |   5 +-
 .../eidas/v2/tasks/ReceiveAuthnResponseTask.java   |   8 +-
 .../auth/eidas/v2/utils/EidasResponseUtils.java    |  43 ++---
 .../eidas/v2/validator/EidasResponseValidator.java |  24 +--
 .../src/main/resources/eidas_v2_auth.beans.xml     |   5 +-
 .../auth/eidas/v2/test/EidasSignalServletTest.java |   9 +-
 .../v2/test/clients/ZmrClientProductionTest.java   |   8 +-
 .../auth/eidas/v2/test/clients/ZmrClientTest.java  |   8 +-
 .../dummy/DummySpecificCommunicationService.java   |  66 --------
 .../AlternativeSearchTaskWithRegisterTest.java     |  15 +-
 .../tasks/CreateIdentityLinkTaskEidNewTest.java    |  19 +--
 .../v2/test/tasks/CreateIdentityLinkTaskTest.java  |  11 +-
 .../test/tasks/GenerateAuthnRequestTaskTest.java   |   7 +-
 .../eidas/v2/test/tasks/InitialSearchTaskTest.java |  15 +-
 .../tasks/InitialSearchTaskWithRegistersTest.java  |  15 +-
 .../test/tasks/ReceiveAuthnResponseTaskTest.java   |  17 +-
 .../test/tasks/ReceiveEidasResponseTaskTest.java   |  19 +--
 .../EidasAttributePostProcessingTest.java          |  15 +-
 .../validation/EidasResponseValidatorTest.java     |   8 +-
 .../resources/SpringTest-context_basic_test.xml    |   9 +-
 .../resources/SpringTest-context_tasks_test.xml    |  14 +-
 35 files changed, 354 insertions(+), 499 deletions(-)
 create mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ConnectorEidasAttributeRegistry.java
 delete mode 100644 modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
 delete mode 100644 modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml b/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
index 9b12a750..84efc85d 100644
--- a/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
+++ b/modules/authmodule-eIDAS-v2/checks/spotbugs-exclude.xml
@@ -23,13 +23,7 @@
       <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
       <Method name="restoreEidasAuthProcess" />
       <Bug pattern="SPRING_CSRF_UNRESTRICTED_REQUEST_MAPPING" />               
-    </Match>
-    <Match>
-      <!-- File path is only loaded from configuration -->
-      <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry" />
-      <Method name="initialize" />
-      <Bug pattern="PATH_TRAVERSAL_IN" />               
-    </Match>
+    </Match>    
     <Match>
       <!-- Redirect URL is only loaded from configuration -->
       <Class name="at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask" />
diff --git a/modules/authmodule-eIDAS-v2/pom.xml b/modules/authmodule-eIDAS-v2/pom.xml
index bcec12b6..cfc7ac94 100644
--- a/modules/authmodule-eIDAS-v2/pom.xml
+++ b/modules/authmodule-eIDAS-v2/pom.xml
@@ -45,6 +45,10 @@
       <groupId>at.asitplus.eidas.ms_specific</groupId>
       <artifactId>core_common_lib</artifactId>
     </dependency>
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>core_commons_eidas</artifactId>
+    </dependency>     
     <dependency>
       <groupId>at.gv.egiz.eaaf</groupId>
       <artifactId>eaaf-core</artifactId>
@@ -194,7 +198,12 @@
       <scope>test</scope>
       <type>test-jar</type>
     </dependency>
-
+    <dependency>
+      <groupId>at.asitplus.eidas.ms_specific</groupId>
+      <artifactId>core_commons_eidas</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>        
+    </dependency>          
     <dependency>
       <groupId>at.gv.egiz.eaaf</groupId>
       <artifactId>eaaf_core_utils</artifactId>
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
index 4b234c41..e766fc49 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/Constants.java
@@ -23,6 +23,7 @@
 
 package at.asitplus.eidas.specific.modules.auth.eidas.v2;
 
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 
 public class Constants {
@@ -54,21 +55,16 @@ public class Constants {
    */
   public static final String DATA_PERSON_MATCH_RESULT = "matching_result";
 
-  // templates for post-binding forwarding
-  public static final String TEMPLATE_POST_FORWARD_NAME = "eidas_node_forward.html";
-  public static final String TEMPLATE_POST_FORWARD_ENDPOINT = "endPoint";
-  public static final String TEMPLATE_POST_FORWARD_TOKEN_NAME = "tokenName";
-  public static final String TEMPLATE_POST_FORWARD_TOKEN_VALUE = "tokenValue";
+
 
   // configuration properties
-  public static final String CONIG_PROPS_EIDAS_PREFIX = "auth.eIDAS";
-  
+    
   public static final String CONIG_PROPS_EIDAS_WORKAROUND_STAGING_MS_CONNECTOR =
-      CONIG_PROPS_EIDAS_PREFIX + ".workarounds.staging.msconnector.endpoint";  
+      EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".workarounds.staging.msconnector.endpoint";  
   public static final String CONIG_PROPS_EIDAS_IS_TEST_IDENTITY = 
-      CONIG_PROPS_EIDAS_PREFIX  + ".eid.testidentity.default";
+      EidasConstants.CONIG_PROPS_EIDAS_PREFIX  + ".eid.testidentity.default";
   
-  public static final String CONIG_PROPS_EIDAS_NODE = CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
+  public static final String CONIG_PROPS_EIDAS_NODE = EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".node_v2";
   public static final String CONIG_PROPS_EIDAS_NODE_COUNTRYCODE = CONIG_PROPS_EIDAS_NODE + ".countrycode";
   public static final String CONIG_PROPS_EIDAS_NODE_PUBLICSECTOR_TARGETS = CONIG_PROPS_EIDAS_NODE
       + ".publicSectorTargets";
@@ -78,15 +74,17 @@ public class Constants {
     
   public static final String CONIG_PROPS_EIDAS_NODE_FORWARD_METHOD = CONIG_PROPS_EIDAS_NODE
       + ".forward.method";
+  
   public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL =
-      CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural";
+      EidasConstants.CONIG_PROPS_EIDAS_NODE + ".attributes.requested.onlynatural";
   public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL =
-      CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural";
+      EidasConstants.CONIG_PROPS_EIDAS_NODE + ".attributes.requested.{0}.onlynatural";
   public static final String CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_REPRESENTATION =
-      CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation";
+      EidasConstants.CONIG_PROPS_EIDAS_NODE + ".attributes.requested.representation";
+  
 
   public static final String CONIG_PROPS_EIDAS_NODE_REQUESTERID_USE_HASHED_VERSION =
-      CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm";
+      EidasConstants.CONIG_PROPS_EIDAS_NODE + ".requesterId.useHashedForm";
   public static final String CONIG_PROPS_EIDAS_NODE_WORKAROUND_USE_STATIC_REQUESTERID_FOR_LUX =
       CONIG_PROPS_EIDAS_NODE + ".requesterId.lu.useStaticRequesterForAll";
 
@@ -107,7 +105,8 @@ public class Constants {
 
   
   // Common SSL client configuration 
-  public static final String CONIG_PROPS_EIDAS_COMMON_CLIENT = CONIG_PROPS_EIDAS_PREFIX + ".client.common";
+  public static final String CONIG_PROPS_EIDAS_COMMON_CLIENT = 
+      EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".client.common";
   public static final String CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEYSTORE_PATH = CONIG_PROPS_EIDAS_COMMON_CLIENT
       + ".ssl.keyStore.path";
   public static final String CONIG_PROPS_EIDAS_COMMON_CLIENT_SSL_KEYSTORE_PASSWORD = CONIG_PROPS_EIDAS_COMMON_CLIENT
@@ -131,7 +130,8 @@ public class Constants {
   
     
   // ZMR Client configuration properties
-  public static final String CONIG_PROPS_EIDAS_ZMRCLIENT = CONIG_PROPS_EIDAS_PREFIX + ".zmrclient";
+  public static final String CONIG_PROPS_EIDAS_ZMRCLIENT = 
+      EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".zmrclient";
   public static final String CONIG_PROPS_EIDAS_ZMRCLIENT_ENDPOINT = CONIG_PROPS_EIDAS_ZMRCLIENT
       + ".endpoint";
   public static final String CONIG_PROPS_EIDAS_ZMRCLIENT_DEBUG_TRACEMESSAGES = CONIG_PROPS_EIDAS_ZMRCLIENT
@@ -168,7 +168,8 @@ public class Constants {
       + ".ssl.trustStore.name";
   
   // ErnP Client configuration properties
-  public static final String CONIG_PROPS_EIDAS_ERNPCLIENT = CONIG_PROPS_EIDAS_PREFIX + ".ernpclient";
+  public static final String CONIG_PROPS_EIDAS_ERNPCLIENT = 
+      EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".ernpclient";
   public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_ENDPOINT = CONIG_PROPS_EIDAS_ERNPCLIENT
       + ".endpoint";
   public static final String CONIG_PROPS_EIDAS_ERNPCLIENT_SSL_KEYSTORE_PATH = CONIG_PROPS_EIDAS_ERNPCLIENT
@@ -203,7 +204,8 @@ public class Constants {
   
   
   // SZR Client configuration properties
-  public static final String CONIG_PROPS_EIDAS_SZRCLIENT = CONIG_PROPS_EIDAS_PREFIX + ".szrclient";
+  public static final String CONIG_PROPS_EIDAS_SZRCLIENT = 
+      EidasConstants.CONIG_PROPS_EIDAS_PREFIX + ".szrclient";
   public static final String CONIG_PROPS_EIDAS_SZRCLIENT_USETESTSERVICE = CONIG_PROPS_EIDAS_SZRCLIENT
       + ".useTestService";
   public static final String CONIG_PROPS_EIDAS_SZRCLIENT_DEBUG_TRACEMESSAGES = CONIG_PROPS_EIDAS_SZRCLIENT
@@ -261,7 +263,7 @@ public class Constants {
   public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_REVISIONLOGDATASTORE_ACTIVE =
       CONIG_PROPS_EIDAS_SZRCLIENT + ".revisionlog.eidmapping.active";
 
-  public static final String DEFAULT_MS_NODE_COUNTRY_CODE = "AT";
+  
   
   @Deprecated
   public static final String CONIG_PROPS_EIDAS_SZRCLIENT_WORKAROUND_SQLLITEDATASTORE_URL =
@@ -279,50 +281,12 @@ public class Constants {
   // eIDAS request parameters
   public static final String eIDAS_REQ_NAMEID_FORMAT = "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent";
 
-  // eIDAS attribute names
-  public static final String eIDAS_ATTR_PERSONALIDENTIFIER = "PersonIdentifier";
-  public static final String eIDAS_ATTR_DATEOFBIRTH = "DateOfBirth";
-  public static final String eIDAS_ATTR_CURRENTGIVENNAME = "FirstName";
-  public static final String eIDAS_ATTR_CURRENTFAMILYNAME = "FamilyName";
-  public static final String eIDAS_ATTR_PLACEOFBIRTH = "PlaceOfBirth";
-  public static final String eIDAS_ATTR_BIRTHNAME = "BirthName";
-  public static final String eIDAS_ATTR_CURRENTADDRESS = "CurrentAddress";
-  public static final String eIDAS_ATTR_TAXREFERENCE = "TaxReference";
-
-  public static final String eIDAS_ATTR_LEGALPERSONIDENTIFIER = "LegalPersonIdentifier";
-  public static final String eIDAS_ATTR_LEGALNAME = "LegalName";
-
-  public static final String eIDAS_ATTR_REPRESENTATIVE_PERSONALIDENTIFIER = "RepresentativePersonIdentifier";
-  public static final String eIDAS_ATTR_REPRESENTATIVE_DATEOFBIRTH = "RepresentativeDateOfBirth";
-  public static final String eIDAS_ATTR_REPRESENTATIVE_CURRENTGIVENNAME = "RepresentativeFirstName";
-  public static final String eIDAS_ATTR_REPRESENTATIVE_CURRENTFAMILYNAME = "RepresentativeFamilyName";
-    
-  //eIDAS attribute URN
-  public static final String eIDAS_ATTRURN_PREFIX = "http://eidas.europa.eu/attributes/";
-  public static final String eIDAS_ATTRURN_PREFIX_NATURAL = eIDAS_ATTRURN_PREFIX + "naturalperson/";
-
-  public static final String eIDAS_ATTRURN_PERSONALIDENTIFIER =
-      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PERSONALIDENTIFIER;  
-  public static final String eIDAS_ATTRURN_CURRENTGIVENNAME =
-      eIDAS_ATTRURN_PREFIX_NATURAL + "CurrentGivenName";
-  public static final String eIDAS_ATTRURN_CURRENTFAMILYNAME =
-      eIDAS_ATTRURN_PREFIX_NATURAL + "CurrentFamilyName";
-  public static final String eIDAS_ATTRURN_DATEOFBIRTH =
-      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_DATEOFBIRTH;  
-  public static final String eIDAS_ATTRURN_PLACEOFBIRTH =
-      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_PLACEOFBIRTH;
-  public static final String eIDAS_ATTRURN_BIRTHNAME =
-      eIDAS_ATTRURN_PREFIX_NATURAL + eIDAS_ATTR_BIRTHNAME;
-
   public static final String eIDAS_REQ_PARAM_SECTOR_PUBLIC = "public";
   public static final String eIDAS_REQ_PARAM_SECTOR_PRIVATE = "private";
 
   public static final String POLICY_DEFAULT_ALLOWED_TARGETS =
       EaafConstants.URN_PREFIX_CDID.replaceAll("\\.", "\\\\.").replaceAll("\\+", "\\\\+") + ".*";
 
-  // SAML2 Constants
-  public static final String SUCCESS_URI = "urn:oasis:names:tc:SAML:2.0:status:Success";
-  public static final String ERROR_URI = "urn:oasis:names:tc:SAML:2.0:status:Responder";
 
   public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_CONNECTION = "30"; // seconds
   public static final String HTTP_CLIENT_DEFAULT_TIMEOUT_RESPONSE = "60"; // seconds
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
index d3cac80c..e3600329 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/EidasSignalServlet.java
@@ -40,7 +40,7 @@ import org.springframework.web.bind.annotation.RequestMethod;
 import com.google.common.collect.ImmutableSortedSet;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractProcessEngineSignalController;
 import eu.eidas.auth.commons.EidasParameterKeys;
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java
index 119a7c60..a847a519 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/ernp/ErnpRestClient.java
@@ -65,6 +65,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenti
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ErnpRestCommunicationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.VersionHolder;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.base._20040201_.ServiceFault;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
@@ -104,7 +105,7 @@ public class ErnpRestClient implements IErnpClient {
   //    "ERnP anwser for transaction: {0} with code: {1} and message: {2}";
 
   private static final String PROCESS_SEARCH_PERSONAL_IDENTIFIER =
-      "Searching " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER;
+      "Searching " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER;
   private static final String PROCESS_SEARCH_MDS_ONLY = "Searching with MDS only";
   private static final String PROCESS_SEARCH_COUNTRY_SPECIFIC = "Searching {0} specific";
 
@@ -139,7 +140,7 @@ public class ErnpRestClient implements IErnpClient {
 
       // build search request
       final SuchEidas eidasInfos = new SuchEidas();
-      eidasInfos.setArt(Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER);
+      eidasInfos.setArt(EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER);
       eidasInfos.setWert(personIdentifier);
       eidasInfos.setStaatscode2(citizenCountryCode);
 
@@ -427,15 +428,15 @@ public class ErnpRestClient implements IErnpClient {
     // build result
     return RegisterResult.builder()
         .pseudonym(selectAllEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER))
+            EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER))
         .familyName(person.getPersonendaten().getFamilienname())
         .givenName(person.getPersonendaten().getVorname())
         .dateOfBirth(getTextualBirthday(person.getPersonendaten().getGeburtsdatum()))
         .bpk(person.getPersonendaten().getBpkZp())
         .placeOfBirth(selectSingleEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_PLACEOFBIRTH))
+            EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH))
         .birthName(selectSingleEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_BIRTHNAME))
+            EidasConstants.eIDAS_ATTRURN_BIRTHNAME))
         .build();
 
   }
@@ -501,11 +502,11 @@ public class ErnpRestClient implements IErnpClient {
     //TODO: maybe we should re-factor SimpleEidasData to a generic data-model to facilitate arbitrary eIDAS attributes  
     Set<Eidas> result = new HashSet<>();   
     addEidasDocumentIfNotAvailable(result, ernpPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER, eidData.getPseudonym(), true);    
+        EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER, eidData.getPseudonym(), true);    
     addEidasDocumentIfNotAvailable(result, ernpPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth(), false);
+        EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth(), false);
     addEidasDocumentIfNotAvailable(result, ernpPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName(), false);
+        EidasConstants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName(), false);
         
     return result;
     
@@ -596,17 +597,17 @@ public class ErnpRestClient implements IErnpClient {
   
   private void buildNewEidasDocumens(PersonAnlegen ernpReq, SimpleEidasData eidData) {
     ernpReq.addEidasItem(buildNewEidasDocument(eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER, eidData.getPseudonym()));
+        EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER, eidData.getPseudonym()));
     
     if (StringUtils.isNotEmpty(eidData.getPlaceOfBirth())) {
       ernpReq.addEidasItem(buildNewEidasDocument(eidData.getCitizenCountryCode(),
-          Constants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth()));
+          EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth()));
         
     }
         
     if (StringUtils.isNotEmpty(eidData.getBirthName())) {
       ernpReq.addEidasItem(buildNewEidasDocument(eidData.getCitizenCountryCode(), 
-          Constants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName()));
+          EidasConstants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName()));
       
     }        
   }
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
index 8dbd0632..904afc37 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/clients/zmr/ZmrSoapClient.java
@@ -31,6 +31,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenti
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.ZmrCommunicationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.VersionHolder;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.base._20040201.ClientInfoType;
 import at.gv.bmi.namespace.zmr_su.base._20040201.Organisation;
 import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType;
@@ -95,7 +96,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
   private static final String PROCESS_TASK_UPDATE = "ZPR_VO_Person_aendern";
   
   private static final String PROCESS_SEARCH_PERSONAL_IDENTIFIER = 
-      "Searching " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER;
+      "Searching " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER;
   private static final String PROCESS_SEARCH_MDS_ONLY = "Searching with MDS only";
   private static final String PROCESS_SEARCH_COUNTRY_SPECIFIC = "Searching {0} specific";
   private static final String PROCESS_SEARCH_BY_RESIDENCE = "Searching by residence";
@@ -133,7 +134,7 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
       req.setPersonSuchenRequest(searchPersonReq);
       final EidasSuchdatenType eidasInfos = new EidasSuchdatenType();
       searchPersonReq.getEidasSuchdaten().add(eidasInfos);
-      eidasInfos.setEidasArt(Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER);
+      eidasInfos.setEidasArt(EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER);
       eidasInfos.setEidasWert(personPseudonym);
       eidasInfos.setStaatscode2(citizenCountryCode);
       
@@ -589,15 +590,15 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
     // build result
     return RegisterResult.builder()
         .pseudonym(selectAllEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER))
+            EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER))
         .familyName(person.getNatuerlichePerson().getPersonenName().getFamilienname())
         .givenName(person.getNatuerlichePerson().getPersonenName().getVorname())
         .dateOfBirth(person.getNatuerlichePerson().getGeburtsdatum())
         .bpk(extractBpkZp(person.getNatuerlichePerson()))
         .placeOfBirth(selectSingleEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_PLACEOFBIRTH))
+            EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH))
         .birthName(selectSingleEidasDocument(person, citizenCountryCode,
-            Constants.eIDAS_ATTRURN_BIRTHNAME))        
+            EidasConstants.eIDAS_ATTRURN_BIRTHNAME))        
         .build();
 
   }
@@ -765,19 +766,19 @@ public class ZmrSoapClient extends AbstractSoapClient implements IZmrClient {
     //TODO: maybe we should re-factor SimpleEidasData to a generic data-model to facilitate arbitrary eIDAS attributes  
     Set<EidasIdentitaetAnlageType> result = new HashSet<>();   
     addEidasDocumentIfNotAvailable(result, zmrPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER, eidData.getPseudonym(), true);    
+        EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER, eidData.getPseudonym(), true);    
     addEidasDocumentIfNotAvailable(result, zmrPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth(), false);
+        EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth(), false);
     addEidasDocumentIfNotAvailable(result, zmrPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName(), false);
+        EidasConstants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName(), false);
     
     // add MDS attributes as 'eIDAS-Documents' too, because ZMR does not allow a MDS update on regular places.
     addEidasDocumentIfNotAvailable(result, zmrPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_CURRENTGIVENNAME, eidData.getGivenName(), false);
+        EidasConstants.eIDAS_ATTRURN_CURRENTGIVENNAME, eidData.getGivenName(), false);
     addEidasDocumentIfNotAvailable(result, zmrPersonToKitt, eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_CURRENTFAMILYNAME, eidData.getFamilyName(), false);
+        EidasConstants.eIDAS_ATTRURN_CURRENTFAMILYNAME, eidData.getFamilyName(), false);
     addEidasDocumentIfNotAvailable(result, zmrPersonToKitt,  eidData.getCitizenCountryCode(), 
-        Constants.eIDAS_ATTRURN_DATEOFBIRTH, eidData.getDateOfBirth(), false);
+        EidasConstants.eIDAS_ATTRURN_DATEOFBIRTH, eidData.getDateOfBirth(), false);
         
     return result;
     
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
index f626e986..8716f80d 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/AbstractEidProcessor.java
@@ -48,8 +48,9 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ConnectorEidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
@@ -65,7 +66,7 @@ import lombok.extern.slf4j.Slf4j;
 public abstract class AbstractEidProcessor implements INationalEidProcessor {
 
   @Autowired
-  protected EidasAttributeRegistry attrRegistry;
+  protected ConnectorEidasAttributeRegistry attrRegistry;
   @Autowired
   protected IConfigurationWithSP basicConfig;
 
@@ -81,28 +82,31 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   @Override
   public final SimpleEidasData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
       EidasAttributeException {
+
     SimpleEidasData.SimpleEidasDataBuilder builder = SimpleEidasData.builder()
         .personalIdentifier(EidasResponseUtils.processPersonalIdentifier(
-            eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)))
+            eidasAttrMap.get(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER)))
         
         // MDS attributes
-        .citizenCountryCode(processCountryCode(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)))
-        .pseudonym(processPseudonym(eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER)))
-        .familyName(processFamilyName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTFAMILYNAME)))
-        .givenName(processGivenName(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTGIVENNAME)))
-        .dateOfBirth(processDateOfBirthToString(eidasAttrMap.get(Constants.eIDAS_ATTR_DATEOFBIRTH)))
+        .citizenCountryCode(processCountryCode(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER)))
+        .pseudonym(processPseudonym(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER)))
+        .familyName(processFamilyName(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME)))
+        .givenName(processGivenName(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME)))
+        .dateOfBirth(processDateOfBirthToString(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_DATEOFBIRTH)))
 
         // additional attributes
-        .placeOfBirth(processPlaceOfBirth(eidasAttrMap.get(Constants.eIDAS_ATTR_PLACEOFBIRTH)))
-        .birthName(processBirthName(eidasAttrMap.get(Constants.eIDAS_ATTR_BIRTHNAME)))
-        .address(processAddress(eidasAttrMap.get(Constants.eIDAS_ATTR_CURRENTADDRESS)));
+        .placeOfBirth(processPlaceOfBirth(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_PLACEOFBIRTH)))
+        .birthName(processBirthName(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_BIRTHNAME)))
+        .address(processAddress(eidasAttrMap.get(EidasConstants.eIDAS_ATTR_CURRENTADDRESS)));
     
-    if (eidasAttrMap.containsKey(Constants.eIDAS_ATTR_TAXREFERENCE)) {
-      builder.taxNumber(EidasResponseUtils.processTaxReference(eidasAttrMap.get(Constants.eIDAS_ATTR_TAXREFERENCE)));
+    if (eidasAttrMap.containsKey(EidasConstants.eIDAS_ATTR_TAXREFERENCE)) {
+      builder.taxNumber(EidasResponseUtils.processTaxReference(
+          eidasAttrMap.get(EidasConstants.eIDAS_ATTR_TAXREFERENCE)));
       
     }
     
     return builder.build();
+
   }
 
 
@@ -125,6 +129,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   protected PostalAddressType processAddress(Object currentAddressObj) throws EidPostProcessingException,
       EidasAttributeException {
     return EidasResponseUtils.processAddress(currentAddressObj);
+    
   }
 
   /**
@@ -138,6 +143,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   protected String processBirthName(Object birthNameObj) throws EidPostProcessingException,
       EidasAttributeException {
     return EidasResponseUtils.processBirthName(birthNameObj);
+
   }
 
   /**
@@ -151,6 +157,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   protected String processPlaceOfBirth(Object placeOfBirthObj) throws EidPostProcessingException,
       EidasAttributeException {
     return EidasResponseUtils.processPlaceOfBirth(placeOfBirthObj);
+
   }
 
   /**
@@ -164,6 +171,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   protected DateTime processDateOfBirth(Object dateOfBirthObj) throws EidPostProcessingException,
       EidasAttributeException {
     return EidasResponseUtils.processDateOfBirth(dateOfBirthObj);
+
   }
 
   /**
@@ -177,6 +185,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   protected String processGivenName(Object givenNameObj) throws EidPostProcessingException,
       EidasAttributeException {
     return EidasResponseUtils.processGivenName(givenNameObj);
+
   }
 
   /**
@@ -190,6 +199,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   protected String processFamilyName(Object familyNameObj) throws EidPostProcessingException,
       EidasAttributeException {
     return EidasResponseUtils.processFamilyName(familyNameObj);
+
   }
 
   /**
@@ -203,6 +213,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
   protected String processPseudonym(Object personalIdObj) throws EidPostProcessingException,
       EidasAttributeException {
     return EidasResponseUtils.processPseudonym(personalIdObj);
+
   }
 
   /**
@@ -334,7 +345,7 @@ public abstract class AbstractEidProcessor implements INationalEidProcessor {
     final ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder();
     for (final Map.Entry<String, Boolean> attribute : requiredAttributes.entrySet()) {
       final String name = attribute.getKey();
-      final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry
+      final ImmutableSortedSet<AttributeDefinition<?>> byFriendlyName = attrRegistry.getCoreRegistry()
           .getCoreAttributeRegistry().getByFriendlyName(name);
       if (!byFriendlyName.isEmpty()) {
         final AttributeDefinition<?> attributeDefinition = byFriendlyName.first();
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
index 6dc08181..2c1e8fdd 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeEidProcessor.java
@@ -32,10 +32,10 @@ import org.apache.commons.codec.binary.Hex;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.egiz.eaaf.core.impl.data.Triple;
 
 
@@ -70,15 +70,15 @@ public class DeEidProcessor extends AbstractEidProcessor {
   protected String processPseudonym(Object uniqeIdentifierObj) throws EidPostProcessingException,
       EidasAttributeException {
     if (uniqeIdentifierObj == null || !(uniqeIdentifierObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
     }
 
     final Triple<String, String, String> eIdentifier =
         EidasResponseUtils.parseEidasPersonalIdentifier((String) uniqeIdentifierObj);
 
-    log.trace(getName() + " starts processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    log.trace(getName() + " starts processing of attribute: " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
     final String result = convertDeIdentifier(eIdentifier.getThird());
-    log.debug(getName() + " finished processing of attribute: " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    log.debug(getName() + " finished processing of attribute: " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
 
     return result;
 
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
index e05fe86b..64db9eed 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/handler/DeSpecificDetailSearchProcessor.java
@@ -27,6 +27,7 @@ import org.apache.commons.lang3.StringUtils;
 
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
 import at.gv.e_government.reference.namespace.persondata.de._20040201.NatuerlichePersonTyp;
@@ -62,9 +63,9 @@ public class DeSpecificDetailSearchProcessor implements CountrySpecificDetailSea
     
     //add addtional eIDAS attributes from DE
     req.getEidasSuchdaten().add(buildEidasSuchData(
-        Constants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth()));
+        EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH, eidData.getPlaceOfBirth()));
     req.getEidasSuchdaten().add(buildEidasSuchData(
-        Constants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName()));
+        EidasConstants.eIDAS_ATTRURN_BIRTHNAME, eidData.getBirthName()));
   
     return req;
     
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
index b5493edb..bbfcb5ff 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/CcSpecificEidProcessingService.java
@@ -32,7 +32,6 @@ import java.util.Map.Entry;
 
 import javax.annotation.PostConstruct;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import org.apache.commons.lang3.StringUtils;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -40,11 +39,12 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Service;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.handler.INationalEidProcessor;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.impl.data.Triple;
 import eu.eidas.auth.commons.light.impl.LightRequest.Builder;
@@ -107,9 +107,9 @@ public class CcSpecificEidProcessingService implements ICcSpecificEidProcessingS
   public SimpleEidasData postProcess(Map<String, Object> eidasAttrMap) throws EidPostProcessingException,
       EidasAttributeException {
     // extract citizen country from eIDAS unique identifier
-    final Object eIdentifierObj = eidasAttrMap.get(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+    final Object eIdentifierObj = eidasAttrMap.get(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
     if (eIdentifierObj == null || !(eIdentifierObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
     }
 
     final Triple<String, String, String> eIdentifier =
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ConnectorEidasAttributeRegistry.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ConnectorEidasAttributeRegistry.java
new file mode 100644
index 00000000..8a120093
--- /dev/null
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/ConnectorEidasAttributeRegistry.java
@@ -0,0 +1,107 @@
+package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
+
+import java.text.MessageFormat;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.lang.NonNull;
+
+import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import lombok.Getter;
+import lombok.extern.slf4j.Slf4j;
+
+@Slf4j
+public class ConnectorEidasAttributeRegistry {
+
+  @Autowired IConfigurationWithSP basicConfig;
+  
+  @Getter
+  private EidasAttributeRegistry coreRegistry;
+  
+  /**
+   * Attribute Registry for eIDAS Connector implementation.
+   * @param registry Core attribute registry
+   */
+  public ConnectorEidasAttributeRegistry(@Autowired EidasAttributeRegistry registry) {
+    this.coreRegistry = registry;
+        
+  }
+  
+  
+  /**
+   * Get Map of attributes that are requested by default.
+   * 
+   * @return Map of AttributeIdentifier, isRequired flag
+   */
+  @NonNull
+  public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() {
+    /*
+     * TODO: select set for representation if mandates should be used. It's an open
+     * task in respect to requested eIDAS attributes and isRequired flag, because
+     * there can be a decision problem in case of natural or legal person
+     * representation! From an Austrian use-case point of view, an Austrian service
+     * provider can support mandates for natural and legal persons at the same time.
+     * However, we CAN NOT request attributes for natural AND legal persons on the
+     * same time, because it's not possible to represent both simultaneously.
+     */
+    final Map<String, String> configAttributes =
+        basicConfig.getBasicConfigurationWithPrefix(
+            Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL);
+    return processAttributeInfosFromConfig(configAttributes);
+
+  }
+
+  /**
+   * Get a Map of attributes that are additionally requested for a specific country.
+   * 
+   * @param countryCode Country Code
+   * @return Map of AttributeIdentifier, isRequired flag
+   */
+  @NonNull
+  public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) {
+
+    /*
+     * TODO: select set for representation if mandates should be used. It's an open
+     * task in respect to requested eIDAS attributes and isRequired flag, because
+     * there can be a decision problem in case of natural or legal person
+     * representation! From an Austrian use-case point of view, an Austrian service
+     * provider can support mandates for natural and legal persons at the same time.
+     * However, we CAN NOT request attributes for natural AND legal persons on the
+     * same time, because it's not possible to represent both simultaneously.
+     */
+    final Map<String, String> configAttributes =
+        basicConfig.getBasicConfigurationWithPrefix(
+            MessageFormat.format(
+                Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL,
+                countryCode.toLowerCase()));
+    return processAttributeInfosFromConfig(configAttributes);
+
+  }
+  
+  private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) {
+
+    final Map<String, Boolean> result = new HashMap<>();
+    for (final String el : configAttributes.values()) {
+      if (StringUtils.isNotEmpty(el.trim())) {
+        final List<String> attrDef = KeyValueUtils.getListOfCsvValues(el.trim());
+        boolean isRequired = false;
+        if (attrDef.size() == 2) {
+          isRequired = Boolean.parseBoolean(attrDef.get(1));
+        }
+
+        result.put(attrDef.get(0), isRequired);
+
+      }
+    }
+
+    log.trace("Load #" + result.size() + " requested attributes from configuration");
+    return result;
+
+  }
+}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
deleted file mode 100644
index e73491ab..00000000
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/service/EidasAttributeRegistry.java
+++ /dev/null
@@ -1,180 +0,0 @@
-/*
- * Copyright 2018 A-SIT Plus GmbH
- * AT-specific eIDAS Connector has been developed in a cooperation between EGIZ,
- * A-SIT Plus GmbH, A-SIT, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.2 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "License");
- * You may not use this work except in compliance with the License.
- * You may obtain a copy of the License at:
- * https://joinup.ec.europa.eu/news/understanding-eupl-v12
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
-*/
-
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.service;
-
-import java.io.File;
-import java.text.MessageFormat;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import javax.annotation.PostConstruct;
-
-import org.apache.commons.lang3.StringUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.lang.NonNull;
-import org.springframework.stereotype.Service;
-
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
-import at.gv.egiz.eaaf.core.exceptions.EaafConfigurationException;
-import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
-import eu.eidas.auth.commons.attribute.AttributeRegistries;
-import eu.eidas.auth.commons.attribute.AttributeRegistry;
-
-@Service("attributeRegistry")
-public class EidasAttributeRegistry {
-  private static final Logger log = LoggerFactory.getLogger(EidasAttributeRegistry.class);
-  @Autowired
-  private IConfigurationWithSP basicConfig;
-
-  private AttributeRegistry coreAttributeRegistry;
-
-  private String eidasAttributesFile;
-  private String additionalAttributesFile;
-
-  @PostConstruct
-  private void initialize() throws RuntimeException {
-    try {
-      if (eidasAttributesFile.isEmpty()) {
-        log.error("Basic eIDAS addribute definition NOT defined");
-        throw new EaafConfigurationException("config.30",
-            new Object[] { "eidas-attributes.xml" });
-
-      }
-
-      boolean additionalAttrAvailabe = false;
-      if (!additionalAttributesFile.isEmpty()) {
-        final File file = new File(additionalAttributesFile);
-        if (file.exists()) {
-          additionalAttrAvailabe = true;
-        }
-
-      }
-
-      if (!additionalAttrAvailabe) {
-        log.info("Start eIDAS ref. impl. Core without additional eIDAS attribute definitions ... ");
-        coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null);
-
-      } else {
-        // load attribute definitions
-        log.info("Start eIDAS ref. impl. Core with additional eIDAS attribute definitions ... ");
-        coreAttributeRegistry = AttributeRegistries.fromFiles(eidasAttributesFile, null,
-            additionalAttributesFile);
-
-      }
-
-    } catch (final Throwable e) {
-      log.error("Can NOT initialize eIDAS attribute definition.", e);
-      throw new RuntimeException("Can NOT initialize eIDAS attribute definition.", e);
-
-    }
-  }
-
-  public AttributeRegistry getCoreAttributeRegistry() {
-    return coreAttributeRegistry;
-  }
-
-  /**
-   * Get Map of attributes that are requested by default.
-   * 
-   * @return Map of AttributeIdentifier, isRequired flag
-   */
-  @NonNull
-  public Map<String, Boolean> getDefaultAttributeSetFromConfiguration() {
-    /*
-     * TODO: select set for representation if mandates should be used. It's an open
-     * task in respect to requested eIDAS attributes and isRequired flag, because
-     * there can be a decision problem in case of natural or legal person
-     * representation! From an Austrian use-case point of view, an Austrian service
-     * provider can support mandates for natural and legal persons at the same time.
-     * However, we CAN NOT request attributes for natural AND legal persons on the
-     * same time, because it's not possible to represent both simultaneously.
-     */
-    final Map<String, String> configAttributes =
-        basicConfig.getBasicConfigurationWithPrefix(
-            Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_DEFAULT_ONLYNATURAL);
-    return processAttributeInfosFromConfig(configAttributes);
-
-  }
-
-  /**
-   * Get a Map of attributes that are additionally requested for a specific country.
-   * 
-   * @param countryCode Country Code
-   * @return Map of AttributeIdentifier, isRequired flag
-   */
-  @NonNull
-  public Map<String, Boolean> getAttributeSetFromConfiguration(String countryCode) {
-
-    /*
-     * TODO: select set for representation if mandates should be used. It's an open
-     * task in respect to requested eIDAS attributes and isRequired flag, because
-     * there can be a decision problem in case of natural or legal person
-     * representation! From an Austrian use-case point of view, an Austrian service
-     * provider can support mandates for natural and legal persons at the same time.
-     * However, we CAN NOT request attributes for natural AND legal persons on the
-     * same time, because it's not possible to represent both simultaneously.
-     */
-    final Map<String, String> configAttributes =
-        basicConfig.getBasicConfigurationWithPrefix(
-            MessageFormat.format(
-                Constants.CONIG_PROPS_EIDAS_NODE_ATTRIBUTES_REQUESTED_CC_SPECIFIC_ONLYNATURAL,
-                countryCode.toLowerCase()));
-    return processAttributeInfosFromConfig(configAttributes);
-
-  }
-
-  private Map<String, Boolean> processAttributeInfosFromConfig(Map<String, String> configAttributes) {
-
-    final Map<String, Boolean> result = new HashMap<>();
-    for (final String el : configAttributes.values()) {
-      if (StringUtils.isNotEmpty(el.trim())) {
-        final List<String> attrDef = KeyValueUtils.getListOfCsvValues(el.trim());
-        boolean isRequired = false;
-        if (attrDef.size() == 2) {
-          isRequired = Boolean.parseBoolean(attrDef.get(1));
-        }
-
-        result.put(attrDef.get(0), isRequired);
-
-      }
-    }
-
-    log.trace("Load #" + result.size() + " requested attributes from configuration");
-    return result;
-
-  }
-
-  public void setEidasAttributesFile(String eidasAttributesFile) {
-    this.eidasAttributesFile = eidasAttributesFile;
-  }
-
-  public void setAdditionalAttributesFile(String additionalAttributesFile) {
-    this.additionalAttributesFile = additionalAttributesFile;
-  }
-
-}
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
index 6d315b0a..e8b7b2c1 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/CreateIdentityLinkTask.java
@@ -146,6 +146,7 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
     }
   }
 
+
   private void storeGenericInfoToSession(SimpleEidasData eidData) throws EaafStorageException {
     AuthProcessDataWrapper authProcessData = MatchingTaskUtils.getAuthProcessDataWrapper(pendingReq);
     authProcessData.setForeigner(true);
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
index 774d27d6..535c2958 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/GenerateAuthnRequestTask.java
@@ -44,6 +44,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.egiz.eaaf.core.api.gui.ISpringMvcGuiFormBuilder;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -131,6 +132,7 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
 
       } else {
         sendPost(request, response, tokenBase64, forwardUrl);
+
       }
 
       revisionsLogger.logEvent(pendingReq, MsConnectorEventCodes.EIDAS_NODE_CONNECTED, lightAuthnReq.getId());
@@ -257,20 +259,20 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
   private String selectedForwardUrlForEnvironment(String environment) {
     log.trace("Starting endpoint selection process for environment: {} ... ", environment);
     if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_PRODUCTION)) {
-      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL);
-      
+      return basicConfig.getBasicConfiguration(EidasConstants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL);
+
     } else if (environment.equalsIgnoreCase(MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS)) {
-      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
+      return basicConfig.getBasicConfiguration(EidasConstants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
           + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_QS);
       
     } else if (environment.equalsIgnoreCase(
         MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING)) {
-      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
+      return basicConfig.getBasicConfiguration(EidasConstants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
           + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_TESTING);
       
     } else if (environment.equalsIgnoreCase(
         MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT)) {
-      return basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
+      return basicConfig.getBasicConfiguration(EidasConstants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL
           + "." + MsEidasNodeConstants.REQ_PARAM_SELECTED_ENVIRONMENT_VALUE_DEVELOPMENT);
       
     }
@@ -292,11 +294,11 @@ public class GenerateAuthnRequestTask extends AbstractAuthServletTask {
       throws GuiBuildException {
     log.debug("Use http-post for eIDAS node forwarding ...  ");
     final StaticGuiBuilderConfiguration config = new StaticGuiBuilderConfiguration(
-        basicConfig, pendingReq, Constants.TEMPLATE_POST_FORWARD_NAME, null, resourceLoader);
-    config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl);
+        basicConfig, pendingReq, EidasConstants.TEMPLATE_POST_FORWARD_NAME, null, resourceLoader);
+    config.putCustomParameter(null, EidasConstants.TEMPLATE_POST_FORWARD_ENDPOINT, forwardUrl);
     String token = EidasParameterKeys.TOKEN.toString();
-    config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_NAME, token);
-    config.putCustomParameter(null, Constants.TEMPLATE_POST_FORWARD_TOKEN_VALUE, tokenBase64);
+    config.putCustomParameter(null, EidasConstants.TEMPLATE_POST_FORWARD_TOKEN_NAME, token);
+    config.putCustomParameter(null, EidasConstants.TEMPLATE_POST_FORWARD_TOKEN_VALUE, tokenBase64);
     guiBuilder.build(request, response, config, "Forward to eIDASNode form");
   }
 
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseAlternativeTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseAlternativeTask.java
index d2bd0128..ac70a2ac 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseAlternativeTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseAlternativeTask.java
@@ -39,8 +39,9 @@ import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
@@ -135,7 +136,7 @@ public class ReceiveAuthnResponseAlternativeTask extends AbstractAuthServletTask
   }
 
   private void checkStatusCode(ILightResponse eidasResponse) throws EidasSAuthenticationException {
-    if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) {
+    if (!eidasResponse.getStatus().getStatusCode().equals(EidasConstants.SUCCESS_URI)) {
       log.info("Receive eIDAS Response with StatusCode: {} Subcode: {} Msg: {}",
           eidasResponse.getStatus().getStatusCode(),
           eidasResponse.getStatus().getSubStatusCode(),
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
index 5e4075de..a16da17f 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/tasks/ReceiveAuthnResponseTask.java
@@ -40,8 +40,9 @@ import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EaafException;
@@ -162,17 +163,20 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
     return eidasResponse;
   }
 
+
   private void checkStatusCode(ILightResponse eidasResponse) throws EidasSAuthenticationException {
-    if (!eidasResponse.getStatus().getStatusCode().equals(Constants.SUCCESS_URI)) {
+    if (!eidasResponse.getStatus().getStatusCode().equals(EidasConstants.SUCCESS_URI)) {
       log.info("Receive eIDAS Response with StatusCode: {} Subcode: {} Msg: {}",
           eidasResponse.getStatus().getStatusCode(),
           eidasResponse.getStatus().getSubStatusCode(),
           eidasResponse.getStatus().getStatusMessage());
       throw new EidasSAuthenticationException("eidas.02", new Object[]{eidasResponse.getStatus()
           .getStatusCode(), eidasResponse.getStatus().getStatusMessage()});
+      
     }
   }
 
+
   private void validateMsSpecificResponse(ExecutionContext executionContext, ILightResponse eidasResponse)
       throws EidasValidationException {
     final String spCountry = basicConfig.getBasicConfiguration(Constants.CONIG_PROPS_EIDAS_NODE_COUNTRYCODE, "AT");
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
index 2853d8ab..91a6ce42 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/utils/EidasResponseUtils.java
@@ -38,8 +38,8 @@ import org.joda.time.DateTime;
 import com.google.common.collect.ImmutableList;
 import com.google.common.collect.ImmutableSet;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.e_government.reference.namespace.persondata._20020228.PostalAddressType;
 import at.gv.egiz.eaaf.core.impl.data.Triple;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
@@ -84,8 +84,9 @@ public class EidasResponseUtils {
    */
   public static Triple<String, String, String> parseEidasPersonalIdentifier(String uniqueID) {
     if (!validateEidasPersonalIdentifier(uniqueID)) {
-      log.error("eIDAS attribute value for {} looks wrong formated. Value: {}",
-          Constants.eIDAS_ATTR_PERSONALIDENTIFIER, uniqueID);
+      log.error("eIDAS attribute value for {} looks wrong formated. Value: {}", 
+          EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, uniqueID);
+
       return null;
 
     }
@@ -210,11 +211,11 @@ public class EidasResponseUtils {
         // TODO: add more mappings
         return result;
       } else {
-        log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type");
-        throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTADDRESS);
+        log.warn("eIDAS attr: " + EidasConstants.eIDAS_ATTR_CURRENTADDRESS + " is of WRONG type");
+        throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_CURRENTADDRESS);
       }
     } else {
-      log.debug("NO '" + Constants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... ");
+      log.debug("NO '" + EidasConstants.eIDAS_ATTR_CURRENTADDRESS + "' attribute. Post-Processing skipped ... ");
     }
     return null;
   }
@@ -231,11 +232,11 @@ public class EidasResponseUtils {
       if (birthNameObj instanceof String) {
         return (String) birthNameObj;
       } else {
-        log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type");
-        throw new EidasAttributeException(Constants.eIDAS_ATTR_BIRTHNAME);
+        log.warn("eIDAS attr: " + EidasConstants.eIDAS_ATTR_BIRTHNAME + " is of WRONG type");
+        throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_BIRTHNAME);
       }
     } else {
-      log.debug("NO '" + Constants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... ");
+      log.debug("NO '" + EidasConstants.eIDAS_ATTR_BIRTHNAME + "' attribute. Post-Processing skipped ... ");
     }
     return null;
   }
@@ -253,13 +254,13 @@ public class EidasResponseUtils {
         return (String) placeOfBirthObj;
 
       } else {
-        log.warn("eIDAS attr: " + Constants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type");
-        throw new EidasAttributeException(Constants.eIDAS_ATTR_PLACEOFBIRTH);
+        log.warn("eIDAS attr: " + EidasConstants.eIDAS_ATTR_PLACEOFBIRTH + " is of WRONG type");
+        throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_PLACEOFBIRTH);
 
       }
 
     } else {
-      log.debug("NO '" + Constants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... ");
+      log.debug("NO '" + EidasConstants.eIDAS_ATTR_PLACEOFBIRTH + "' attribute. Post-Processing skipped ... ");
     }
     return null;
   }
@@ -273,7 +274,7 @@ public class EidasResponseUtils {
    */
   public static DateTime processDateOfBirth(Object dateOfBirthObj) throws EidasAttributeException {
     if (!(dateOfBirthObj instanceof DateTime)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_DATEOFBIRTH);
     }
     return (DateTime) dateOfBirthObj;
   }
@@ -291,11 +292,11 @@ public class EidasResponseUtils {
         new SimpleDateFormat("yyyy-MM-dd").parse((String) dateOfBirthObj);
         return (String) dateOfBirthObj;
       } catch (ParseException e) {
-        throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
+        throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_DATEOFBIRTH);
       }
     }
     if (!(dateOfBirthObj instanceof DateTime)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_DATEOFBIRTH);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_DATEOFBIRTH);
     }
     return new SimpleDateFormat("yyyy-MM-dd").format(((DateTime) dateOfBirthObj).toDate());
   }
@@ -309,7 +310,7 @@ public class EidasResponseUtils {
    */
   public static String processGivenName(Object givenNameObj) throws EidasAttributeException {
     if (!(givenNameObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTGIVENNAME);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME);
     }
     return (String) givenNameObj;
   }
@@ -323,7 +324,7 @@ public class EidasResponseUtils {
    */
   public static String processFamilyName(Object familyNameObj) throws EidasAttributeException {
     if (!(familyNameObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_CURRENTFAMILYNAME);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME);
     }
     return (String) familyNameObj;
   }
@@ -337,7 +338,7 @@ public class EidasResponseUtils {
    */
   public static String processPersonalIdentifier(Object personalIdentifierObj) throws EidasAttributeException {
     if (!(personalIdentifierObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
     }
     return (String) personalIdentifierObj;
   }
@@ -352,7 +353,7 @@ public class EidasResponseUtils {
    */
   public static String processPseudonym(Object personalIdObj) throws EidasAttributeException {
     if (!(personalIdObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
     }
     final Triple<String, String, String> eIdentifier =
         EidasResponseUtils.parseEidasPersonalIdentifier((String) personalIdObj);
@@ -371,7 +372,7 @@ public class EidasResponseUtils {
    */
   public static String processCountryCode(Object personalIdObj) throws EidasAttributeException {
     if (!(personalIdObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_PERSONALIDENTIFIER);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER);
     }
     final Triple<String, String, String> eIdentifier =
         EidasResponseUtils.parseEidasPersonalIdentifier((String) personalIdObj);
@@ -390,7 +391,7 @@ public class EidasResponseUtils {
    */
   public static String processTaxReference(Object taxReferenceObj) throws EidasAttributeException {
     if (!(taxReferenceObj instanceof String)) {
-      throw new EidasAttributeException(Constants.eIDAS_ATTR_TAXREFERENCE);
+      throw new EidasAttributeException(EidasConstants.eIDAS_ATTR_TAXREFERENCE);
     }
     return (String) taxReferenceObj;
   }
diff --git a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
index 9d9a0647..d1962654 100644
--- a/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
+++ b/modules/authmodule-eIDAS-v2/src/main/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/validator/EidasResponseValidator.java
@@ -31,10 +31,10 @@ import org.slf4j.LoggerFactory;
 
 import com.google.common.collect.ImmutableSet;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.impl.data.Triple;
 import eu.eidas.auth.commons.attribute.AttributeDefinition;
@@ -97,7 +97,7 @@ public class EidasResponseValidator {
      *_____________________________________________________|
      */
     final AttributeDefinition<?> attrDefinition = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+        EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
     final ImmutableSet<? extends AttributeValue<?>> attributeValues = eidasResponse.getAttributes()
         .getAttributeMap().get(attrDefinition);
     final List<String> personalIdObj = EidasResponseUtils.translateStringListAttribute(attrDefinition,
@@ -123,48 +123,48 @@ public class EidasResponseValidator {
       if (split == null) {
         throw new EidasValidationException("eidas.07",
             new Object[] {
-                Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
                 "Wrong identifier format" });
 
       } else {
         // validation according to eIDAS SAML Attribute Profile, Section 2.2.3
         if (StringUtils.isEmpty(split.getSecond())) {
-          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+          log.warn("eIDAS attribute value for " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER
               + " includes NO destination country. Value:" + natPersId);
           throw new EidasValidationException("eidas.07",
               new Object[] {
-                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
                   "No or empty destination country" });
 
         }
         if (!split.getSecond().equalsIgnoreCase(spCountry)) {
-          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+          log.warn("eIDAS attribute value for " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER
               + " includes wrong destination country. Value:" + natPersId
               + " SP-Country:" + spCountry);
           throw new EidasValidationException("eidas.07",
               new Object[] {
-                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
                   "Destination country does not match to SP country" });
 
         }
 
         if (StringUtils.isEmpty(split.getFirst())) {
-          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+          log.warn("eIDAS attribute value for " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER
               + " includes NO citizen country. Value:" + natPersId);
           throw new EidasValidationException("eidas.07",
               new Object[] {
-                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
                   "No or empty citizen country" });
 
         }
         if (!split.getFirst().equalsIgnoreCase(citizenCountryCode)) {
-          log.warn("eIDAS attribute value for " + Constants.eIDAS_ATTR_PERSONALIDENTIFIER
+          log.warn("eIDAS attribute value for " + EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER
               + " includes a citizen country that does not match to service-provider country. "
               + " Value:" + natPersId
               + " citiczen Country:" + spCountry);
           throw new EidasValidationException("eidas.07",
               new Object[] {
-                  Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+                  EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
                   "Citizen country does not match to eIDAS-node country that generates the response" });
 
         }
diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
index 178d768f..ab4228fd 100644
--- a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
+++ b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth.beans.xml
@@ -38,13 +38,16 @@
     class="at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet" />
 
   <bean id="attributeRegistry"
-    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
+    class="at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry">
     <property name="eidasAttributesFile"
       ref="specificConnectorAttributesFileWithPath" />
     <property name="additionalAttributesFile"
       ref="specificConnectorAdditionalAttributesFileWithPath" />
   </bean>
 
+  <bean id="connectorAttributeRegistry"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ConnectorEidasAttributeRegistry" />
+
   <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore"
     /> -->
 
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
index 4d4ac47d..3bc06092 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/EidasSignalServletTest.java
@@ -29,7 +29,8 @@ import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfi
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.EidasSignalServlet;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
@@ -138,7 +139,7 @@ public class EidasSignalServletTest {
     iLightResponse.id("_".concat(Random.nextHexRandom16()))
         .issuer(RandomStringUtils.randomAlphabetic(10))
         .subject(RandomStringUtils.randomAlphabetic(10))
-        .statusCode(Constants.SUCCESS_URI)
+        .statusCode(EidasConstants.SUCCESS_URI)
         .inResponseTo("_".concat(Random.nextHexRandom16()))
         .subjectNameIdFormat("afaf")
         .relayState(relayState);
@@ -177,7 +178,7 @@ public class EidasSignalServletTest {
     iLightResponse.id("_".concat(Random.nextHexRandom16()))
         .issuer(RandomStringUtils.randomAlphabetic(10))
         .subject(RandomStringUtils.randomAlphabetic(10))
-        .statusCode(Constants.SUCCESS_URI)
+        .statusCode(EidasConstants.SUCCESS_URI)
         .inResponseTo(inResponseTo)
         .subjectNameIdFormat("afaf");
 
@@ -213,7 +214,7 @@ public class EidasSignalServletTest {
     iLightResponse.id("_".concat(Random.nextHexRandom16()))
         .issuer(RandomStringUtils.randomAlphabetic(10))
         .subject(RandomStringUtils.randomAlphabetic(10))
-        .statusCode(Constants.SUCCESS_URI)
+        .statusCode(EidasConstants.SUCCESS_URI)
         .inResponseTo(inResponseTo)
         .subjectNameIdFormat("afaf");
 
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
index cb9df7e5..af1867e7 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientProductionTest.java
@@ -19,12 +19,12 @@ import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.TestPropertySource;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.LoggingHandler;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.EidasSuchdatenType;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
 import at.gv.e_government.reference.namespace.persondata.de._20040201.NatuerlichePersonTyp;
@@ -453,9 +453,9 @@ public class ZmrClientProductionTest {
     searchNatPerson.setGeburtsdatum(dateOfBirth);
 
     // add addtional eIDAS attributes if available
-    addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PLACEOFBIRTH, placeOfBirth);
-    addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_BIRTHNAME, birthName);
-    addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER, personalId);
+    addIfAvailable(req.getEidasSuchdaten(), cc, EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH, placeOfBirth);
+    addIfAvailable(req.getEidasSuchdaten(), cc, EidasConstants.eIDAS_ATTRURN_BIRTHNAME, birthName);
+    addIfAvailable(req.getEidasSuchdaten(), cc, EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER, personalId);
 
     return req;
 
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java
index 4e0a1f28..ef9cc9b7 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/clients/ZmrClientTest.java
@@ -38,7 +38,6 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import com.github.skjolber.mockito.soap.SoapServiceRule;
 
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.zmr.ZmrSoapClient.ZmrRegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.controller.AdresssucheController.AdresssucheOutput;
@@ -46,6 +45,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.RegisterResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.WorkflowException;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType;
 import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
 import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
@@ -1139,9 +1139,9 @@ public class ZmrClientTest {
     searchNatPerson.setGeburtsdatum(dateOfBirth);
 
     // add addtional eIDAS attributes if available
-    addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PLACEOFBIRTH, placeOfBirth);
-    addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_BIRTHNAME, birthName);
-    addIfAvailable(req.getEidasSuchdaten(), cc, Constants.eIDAS_ATTRURN_PERSONALIDENTIFIER, personalId);
+    addIfAvailable(req.getEidasSuchdaten(), cc, EidasConstants.eIDAS_ATTRURN_PLACEOFBIRTH, placeOfBirth);
+    addIfAvailable(req.getEidasSuchdaten(), cc, EidasConstants.eIDAS_ATTRURN_BIRTHNAME, birthName);
+    addIfAvailable(req.getEidasSuchdaten(), cc, EidasConstants.eIDAS_ATTRURN_PERSONALIDENTIFIER, personalId);
 
     return req;
 
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
deleted file mode 100644
index 78294047..00000000
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/dummy/DummySpecificCommunicationService.java
+++ /dev/null
@@ -1,66 +0,0 @@
-package at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy;
-
-import java.util.Collection;
-
-import eu.eidas.auth.commons.attribute.AttributeDefinition;
-import eu.eidas.auth.commons.light.ILightRequest;
-import eu.eidas.auth.commons.light.ILightResponse;
-import eu.eidas.auth.commons.tx.BinaryLightToken;
-import eu.eidas.specificcommunication.BinaryLightTokenHelper;
-import eu.eidas.specificcommunication.exception.SpecificCommunicationException;
-import eu.eidas.specificcommunication.protocol.SpecificCommunicationService;
-import lombok.Setter;
-
-public class DummySpecificCommunicationService implements SpecificCommunicationService {
-
-  private ILightRequest lightRequest;
-  private ILightResponse lightResponse;
-
-  @Setter
-  private SpecificCommunicationException error;
-  
-  @Override
-  public BinaryLightToken putRequest(ILightRequest lightRequest) throws SpecificCommunicationException {
-    this.lightRequest = lightRequest;
-    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
-  }
-
-  @Override
-  public ILightRequest getAndRemoveRequest(String tokenBase64, Collection<AttributeDefinition<?>> registry)
-      throws SpecificCommunicationException {
-    if (error != null) {
-      throw error;
-      
-    }
-    return lightRequest;
-  }
-
-  @Override
-  public BinaryLightToken putResponse(ILightResponse lightResponse) throws SpecificCommunicationException {
-    this.lightResponse = lightResponse;
-    return BinaryLightTokenHelper.createBinaryLightToken("Test", "TestSecret", "SHA-256");
-  }
-
-  @Override
-  public ILightResponse getAndRemoveResponse(String tokenBase64, Collection<AttributeDefinition<?>> registry)
-      throws SpecificCommunicationException {
-    return lightResponse;
-  }
-
-  public ILightRequest getiLightRequest() {
-    return lightRequest;
-  }
-
-  public void setiLightRequest(ILightRequest lightReques) {
-    this.lightRequest = lightReques;
-  }
-
-  public ILightResponse getiLightResponse() {
-    return lightResponse;
-  }
-
-  public void setiLightResponse(ILightResponse lightResponse) {
-    this.lightResponse = lightResponse;
-  }
-
-}
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java
index 682db41e..176e95cb 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/AlternativeSearchTaskWithRegisterTest.java
@@ -67,6 +67,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchSe
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.AlternativeSearchTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ZmrClientTest;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType;
 import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
 import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
@@ -913,24 +914,24 @@ public class AlternativeSearchTaskWithRegisterTest {
                                                         String dateOfBirth, String taxNumber, String placeOfBirth,
                                                         String birthName) throws URISyntaxException {
     ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder()
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
             randomAlphabetic(2), randomAlphabetic(2)), identifier)
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME,
             randomAlphabetic(3), randomAlphabetic(3)), familyName)
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME,
             randomAlphabetic(4), randomAlphabetic(4)), givenName)
-        .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH,
+        .put(generateDateTimeAttribute(EidasConstants.eIDAS_ATTR_DATEOFBIRTH,
             randomAlphabetic(5), randomAlphabetic(5)), dateOfBirth);
     if (taxNumber != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_TAXREFERENCE,
           randomAlphabetic(6), randomAlphabetic(6)), taxNumber);
     }
     if (birthName != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_BIRTHNAME,
           randomAlphabetic(7), randomAlphabetic(7)), birthName);
     }
     if (placeOfBirth != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_PLACEOFBIRTH,
           randomAlphabetic(8), randomAlphabetic(8)), placeOfBirth);
     }
     final ImmutableAttributeMap attributeMap = builder.build();
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
index 023c196c..36c0c2af 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskEidNewTest.java
@@ -57,13 +57,14 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.SzrCommunicationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.JoseUtils.JwsResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -605,18 +606,18 @@ public class CreateIdentityLinkTaskEidNewTest {
   @Nonnull
   private AuthenticationResponse buildDummyAuthResponse(boolean withAll, boolean withEmpty) throws URISyntaxException {
     final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+        EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
     final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
     final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first();
     final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+        EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first();
     final AttributeDefinition attributeDef5 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_PLACEOFBIRTH).first();
+        EidasConstants.eIDAS_ATTR_PLACEOFBIRTH).first();
     final AttributeDefinition attributeDef6 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_BIRTHNAME).first();
-
+        EidasConstants.eIDAS_ATTR_BIRTHNAME).first();
+   
     final Builder attributeMap = ImmutableAttributeMap.builder();
     attributeMap.put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64));
     attributeMap.put(attributeDef2, RandomStringUtils.randomAlphabetic(10));
@@ -638,7 +639,7 @@ public class CreateIdentityLinkTaskEidNewTest {
     return b.id("_".concat(Random.nextHexRandom16()))
         .issuer(RandomStringUtils.randomAlphabetic(10))
         .subject(RandomStringUtils.randomAlphabetic(10))
-        .statusCode(Constants.SUCCESS_URI)
+        .statusCode(EidasConstants.SUCCESS_URI)
         .inResponseTo("_".concat(Random.nextHexRandom16()))
         .subjectNameIdFormat("afaf")
         .levelOfAssurance(EaafConstants.EIDAS_LOA_PREFIX + RandomStringUtils.randomAlphabetic(5))
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
index 5c528532..5db6e95d 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/CreateIdentityLinkTaskTest.java
@@ -41,11 +41,12 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.MatchedPersonResult;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidPostProcessingException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasAttributeException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ICcSpecificEidProcessingService;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.CreateIdentityLinkTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.EidasResponseUtils;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -475,13 +476,13 @@ public class CreateIdentityLinkTaskTest {
   @NotNull
   private AuthenticationResponse buildDummyAuthResponse() throws URISyntaxException {
     final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+        EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
     final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
     final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first();
     final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+        EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first();
 
     final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
         .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
index 9521e348..761738aa 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/GenerateAuthnRequestTaskTest.java
@@ -26,7 +26,8 @@ import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigM
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.GenerateAuthnRequestTask;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -138,7 +139,7 @@ public class GenerateAuthnRequestTaskTest {
           .getErrorId());
       Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
           .getParams().length);
-      Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL, ((EaafException) e
+      Assert.assertEquals("wrong errorMsg", EidasConstants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL, ((EaafException) e
           .getOriginalException()).getParams()[0]);
 
     }
@@ -163,7 +164,7 @@ public class GenerateAuthnRequestTaskTest {
           .getErrorId());
       Assert.assertEquals("wrong parameter size", 1, ((EaafException) e.getOriginalException())
           .getParams().length);
-      Assert.assertEquals("wrong errorMsg", Constants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL + "." + stage, ((EaafException) e
+      Assert.assertEquals("wrong errorMsg", EidasConstants.CONIG_PROPS_EIDAS_CONNECTOR_NODE_FORWARD_URL + "." + stage, ((EaafException) e
           .getOriginalException()).getParams()[0]);
 
     }
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
index 74ac065e..eef31a02 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskTest.java
@@ -83,6 +83,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchSe
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.RegisterSearchService.RegisterStatusResults;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.zmr._20040201.PersonSuchenRequest;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -887,24 +888,24 @@ public class InitialSearchTaskTest {
                                                         String dateOfBirth, String taxNumber, String placeOfBirth,
                                                         String birthName) throws URISyntaxException {
     ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder()
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
             randomAlphabetic(2), randomAlphabetic(2)), identifier)
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME,
             randomAlphabetic(3), randomAlphabetic(3)), familyName)
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME,
             randomAlphabetic(4), randomAlphabetic(4)), givenName)
-        .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH,
+        .put(generateDateTimeAttribute(EidasConstants.eIDAS_ATTR_DATEOFBIRTH,
             randomAlphabetic(5), randomAlphabetic(5)), dateOfBirth);
     if (taxNumber != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_TAXREFERENCE,
           randomAlphabetic(6), randomAlphabetic(6)), taxNumber);
     }
     if (birthName != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_BIRTHNAME,
           randomAlphabetic(7), randomAlphabetic(7)), birthName);
     }
     if (placeOfBirth != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_PLACEOFBIRTH,
           randomAlphabetic(8), randomAlphabetic(8)), placeOfBirth);
     }
     final ImmutableAttributeMap attributeMap = builder.build();
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java
index 6d0e7c31..4b9e9fe2 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/InitialSearchTaskWithRegistersTest.java
@@ -88,6 +88,7 @@ import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.InitialSearchTask;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ErnpRestClientTest;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.test.clients.ZmrClientTest;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.utils.MatchingTaskUtils;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import at.gv.bmi.namespace.zmr_su.base._20040201.RequestType;
 import at.gv.bmi.namespace.zmr_su.base._20040201.ResponseType;
 import at.gv.bmi.namespace.zmr_su.base._20040201_.ServicePort;
@@ -607,24 +608,24 @@ public class InitialSearchTaskWithRegistersTest {
                                                         String dateOfBirth, String taxNumber, String placeOfBirth,
                                                         String birthName) throws URISyntaxException {
     ImmutableAttributeMap.Builder builder = ImmutableAttributeMap.builder()
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_PERSONALIDENTIFIER,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER,
             randomAlphabetic(2), randomAlphabetic(2)), identifier)
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTFAMILYNAME,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME,
             randomAlphabetic(3), randomAlphabetic(3)), familyName)
-        .put(generateStringAttribute(Constants.eIDAS_ATTR_CURRENTGIVENNAME,
+        .put(generateStringAttribute(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME,
             randomAlphabetic(4), randomAlphabetic(4)), givenName)
-        .put(generateDateTimeAttribute(Constants.eIDAS_ATTR_DATEOFBIRTH,
+        .put(generateDateTimeAttribute(EidasConstants.eIDAS_ATTR_DATEOFBIRTH,
             randomAlphabetic(5), randomAlphabetic(5)), dateOfBirth);
     if (taxNumber != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_TAXREFERENCE,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_TAXREFERENCE,
           randomAlphabetic(6), randomAlphabetic(6)), taxNumber);
     }
     if (birthName != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_BIRTHNAME,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_BIRTHNAME,
           randomAlphabetic(7), randomAlphabetic(7)), birthName);
     }
     if (placeOfBirth != null) {
-      builder.put(generateStringAttribute(Constants.eIDAS_ATTR_PLACEOFBIRTH,
+      builder.put(generateStringAttribute(EidasConstants.eIDAS_ATTR_PLACEOFBIRTH,
           randomAlphabetic(8), randomAlphabetic(8)), placeOfBirth);
     }
     final ImmutableAttributeMap attributeMap = builder.build();
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java
index 842c8bf7..53f83095 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveAuthnResponseTaskTest.java
@@ -27,8 +27,9 @@ import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseTask;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -142,7 +143,7 @@ public class ReceiveAuthnResponseTaskTest {
   public void successAndForward() throws URISyntaxException, TaskExecutionException, 
       PendingReqIdValidationException, EaafStorageException {    
     
-    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(EidasConstants.SUCCESS_URI);
     httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
         
     String alternativReturnEndpoint = "http://ms-connector.alternative/" + RandomStringUtils.randomAlphabetic(10);
@@ -172,7 +173,7 @@ public class ReceiveAuthnResponseTaskTest {
   
   public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
     @Nonnull
-    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(EidasConstants.SUCCESS_URI);
     httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
     executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");
 
@@ -200,7 +201,7 @@ public class ReceiveAuthnResponseTaskTest {
     basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true");
     
     @Nonnull      
-    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(EidasConstants.SUCCESS_URI);
     httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
     executionContext.put(MsEidasNodeConstants.REQ_PARAM_SELECTED_COUNTRY, "LU");    
       
@@ -226,13 +227,13 @@ public class ReceiveAuthnResponseTaskTest {
   @Nonnull
   private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
     final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+        EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
     final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
     final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first();
     final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
+        EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first();
 
     final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
         .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
index 4148b138..4112e047 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/tasks/ReceiveEidasResponseTaskTest.java
@@ -27,8 +27,9 @@ import at.asitplus.eidas.specific.core.MsEidasNodeConstants;
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.tasks.ReceiveAuthnResponseAlternativeTask;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
@@ -141,7 +142,7 @@ public class ReceiveEidasResponseTaskTest {
   public void successAndForward() throws URISyntaxException, TaskExecutionException, 
       PendingReqIdValidationException, EaafStorageException {    
     
-    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(EidasConstants.SUCCESS_URI);
     httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
         
     String alternativReturnEndpoint = "http://ms-connector.alternative/" + RandomStringUtils.randomAlphabetic(10);
@@ -171,7 +172,7 @@ public class ReceiveEidasResponseTaskTest {
   
   public void success() throws URISyntaxException, TaskExecutionException, PendingReqIdValidationException {
     @Nonnull
-    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(EidasConstants.SUCCESS_URI);
     httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
 
     //execute test
@@ -198,7 +199,7 @@ public class ReceiveEidasResponseTaskTest {
     basicConfig.putConfigValue("eidas.ms.auth.eIDAS.eid.testidentity.default", "true");
     
     @Nonnull      
-    AuthenticationResponse eidasResponse = buildDummyAuthResponse(Constants.SUCCESS_URI);
+    AuthenticationResponse eidasResponse = buildDummyAuthResponse(EidasConstants.SUCCESS_URI);
     httpReq.setAttribute(Constants.DATA_FULL_EIDAS_RESPONSE, eidasResponse);
       
     //execute test
@@ -223,14 +224,14 @@ public class ReceiveEidasResponseTaskTest {
   @Nonnull
   private AuthenticationResponse buildDummyAuthResponse(String statusCode) throws URISyntaxException {
     final AttributeDefinition attributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+        EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
     final AttributeDefinition attributeDef2 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME).first();
     final AttributeDefinition attributeDef3 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_CURRENTGIVENNAME).first();
+        EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME).first();
     final AttributeDefinition attributeDef4 = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_DATEOFBIRTH).first();
-
+        EidasConstants.eIDAS_ATTR_DATEOFBIRTH).first();
+   
     final ImmutableAttributeMap attributeMap = ImmutableAttributeMap.builder()
         .put(attributeDef, "LU/AT/" + RandomStringUtils.randomNumeric(64))
         .put(attributeDef2, RandomStringUtils.randomAlphabetic(10))
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
index 16efd84b..b8cb0642 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasAttributePostProcessingTest.java
@@ -40,12 +40,13 @@ import org.springframework.test.annotation.DirtiesContext.ClassMode;
 import org.springframework.test.context.ContextConfiguration;
 import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.dao.SimpleEidasData;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasSAuthenticationException;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
 import lombok.SneakyThrows;
 
+
 @RunWith(SpringJUnit4ClassRunner.class)
 @ContextConfiguration(locations = {
     "/SpringTest-context_tasks_test.xml",
@@ -352,12 +353,12 @@ public class EidasAttributePostProcessingTest {
   private Map<String, Object> generateInputData(String id, String familyName, String givenName,
       String dateOfBirth, String placeOfBirth, String birthName) {
     final Map<String, Object> result = new HashMap<>();
-    result.put(Constants.eIDAS_ATTR_PERSONALIDENTIFIER, id);
-    result.put(Constants.eIDAS_ATTR_CURRENTGIVENNAME, givenName);
-    result.put(Constants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName);
-    result.put(Constants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth);
-    result.put(Constants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth);
-    result.put(Constants.eIDAS_ATTR_BIRTHNAME, birthName);
+    result.put(EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER, id);
+    result.put(EidasConstants.eIDAS_ATTR_CURRENTGIVENNAME, givenName);
+    result.put(EidasConstants.eIDAS_ATTR_CURRENTFAMILYNAME, familyName);
+    result.put(EidasConstants.eIDAS_ATTR_DATEOFBIRTH, dateOfBirth);
+    result.put(EidasConstants.eIDAS_ATTR_PLACEOFBIRTH, placeOfBirth);
+    result.put(EidasConstants.eIDAS_ATTR_BIRTHNAME, birthName);
     return result;
 
   }
diff --git a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
index bbba56e2..91a50d28 100644
--- a/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
+++ b/modules/authmodule-eIDAS-v2/src/test/java/at/asitplus/eidas/specific/modules/auth/eidas/v2/test/validation/EidasResponseValidatorTest.java
@@ -21,10 +21,10 @@ import com.google.common.collect.ImmutableSet;
 
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummyConfigMap;
 import at.asitplus.eidas.specific.core.test.config.dummy.MsConnectorDummySpConfiguration;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.Constants;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.exception.EidasValidationException;
-import at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry;
 import at.asitplus.eidas.specific.modules.auth.eidas.v2.validator.EidasResponseValidator;
+import at.asitplus.eidas.specific.modules.core.eidas.EidasConstants;
+import at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry;
 import at.gv.egiz.eaaf.core.api.data.EaafConfigConstants;
 import at.gv.egiz.eaaf.core.api.data.EaafConstants;
 import at.gv.egiz.eaaf.core.exceptions.EaafStorageException;
@@ -300,7 +300,7 @@ public class EidasResponseValidatorTest {
 
 
     final AttributeDefinition personIdattributeDef = attrRegistry.getCoreAttributeRegistry().getByFriendlyName(
-        Constants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
+        EidasConstants.eIDAS_ATTR_PERSONALIDENTIFIER).first();
 
     final Builder attributeMap = ImmutableAttributeMap.builder();
     if (personalId != null) {
@@ -319,7 +319,7 @@ public class EidasResponseValidatorTest {
     return b.id("_".concat(Random.nextHexRandom16()))
         .issuer(RandomStringUtils.randomAlphabetic(10))
         .subject(RandomStringUtils.randomAlphabetic(10))
-        .statusCode(Constants.SUCCESS_URI)
+        .statusCode(EidasConstants.SUCCESS_URI)
         .inResponseTo("_".concat(Random.nextHexRandom16()))
         .subjectNameIdFormat("afaf")
         .levelOfAssurance(loa)
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
index c843c40c..d71a47dc 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_basic_test.xml
@@ -17,13 +17,13 @@
         class="at.asitplus.eidas.specific.modules.auth.eidas.v2.config.EidasConnectorMessageSource"/>
   
   <bean id="SZRClientForeIDAS"
-    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.szr.SzrClient" />
+    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.clients.szr.SzrClient" />
 
   <!-- <bean id="eIDASDataStore" class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.eIDASDataStore" 
     /> -->
 
   <bean id="springManagedSpecificConnectorCommunicationService"
-    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" />
+    class="at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService" />
 
   <bean id="specificConnectorAttributesFileWithPath"
     class="java.lang.String">
@@ -38,13 +38,16 @@
   </bean>
 
   <bean id="attributeRegistry"
-    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.EidasAttributeRegistry">
+    class="at.asitplus.eidas.specific.modules.core.eidas.service.EidasAttributeRegistry">
     <property name="eidasAttributesFile"
       ref="specificConnectorAttributesFileWithPath" />
     <property name="additionalAttributesFile"
       ref="specificConnectorAdditionalAttributesFileWithPath" />
   </bean>
 
+  <bean id="connectorAttributeRegistry"
+        class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.ConnectorEidasAttributeRegistry" />
+
   <bean id="EIDPostProcessingService"
     class="at.asitplus.eidas.specific.modules.auth.eidas.v2.service.CcSpecificEidProcessingService" />
 
diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
index 0afa0d7d..1b5391d5 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/SpringTest-context_tasks_test.xml
@@ -25,7 +25,7 @@
     class="at.gv.egiz.eaaf.core.impl.gui.builder.SpringMvcGuiFormBuilderImpl" />
 
   <bean id="springManagedSpecificConnectorCommunicationService"
-    class="at.asitplus.eidas.specific.modules.auth.eidas.v2.test.dummy.DummySpecificCommunicationService" />
+    class="at.asitplus.eidas.specific.modules.core.eidas.test.dummy.DummySpecificCommunicationService" />
 
   <bean id="dummyPvpConfig"
         class="at.gv.egiz.eaaf.modules.pvp2.idp.test.dummy.DummyPvpConfiguration" />
@@ -36,17 +36,5 @@
   <bean id="dummyVelocityBuilder"
         class="at.gv.egiz.eaaf.core.impl.idp.module.gui.DummyVelocityGuiFormBuilder" />
 
-  <bean id="specificConnectorAttributesFileWithPath"
-    class="java.lang.String">
-    <constructor-arg
-      value="src/test/resources/config/eidas-attributes.xml" />
-  </bean>
-
-  <bean id="specificConnectorAdditionalAttributesFileWithPath"
-    class="java.lang.String">
-    <constructor-arg
-      value="src/test/resources/config/additional-attributes.xml" />
-  </bean>
-
 
 </beans>
\ No newline at end of file
-- 
cgit v1.2.3


From 7f0a925a72dc9841280e66fcba1515af62b9efdf Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 3 Jun 2022 15:24:01 +0200
Subject: test(core): add smoke test with full eIDAS OutGoing login and
 error-handling

---
 .../eidas_v2_auth_ref_impl_config.beans.xml        | 39 ----------------------
 1 file changed, 39 deletions(-)
 delete mode 100644 modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth_ref_impl_config.beans.xml

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth_ref_impl_config.beans.xml b/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth_ref_impl_config.beans.xml
deleted file mode 100644
index cde9687e..00000000
--- a/modules/authmodule-eIDAS-v2/src/main/resources/eidas_v2_auth_ref_impl_config.beans.xml
+++ /dev/null
@@ -1,39 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-  xmlns:context="http://www.springframework.org/schema/context"
-  xmlns:tx="http://www.springframework.org/schema/tx"
-  xmlns:aop="http://www.springframework.org/schema/aop"
-  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
-    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
-    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
-    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
-
-  <context:annotation-config />
-
-  <import
-    resource="classpath:specificCommunicationDefinitionApplicationContext.xml" />
-
-  <bean id="specificConnectorAttributesFile"
-    class="java.lang.String">
-    <constructor-arg value="eidas-attributes.xml" />
-  </bean>
-
-  <bean id="specificAdditionalAttributesFile"
-    class="java.lang.String">
-    <constructor-arg value="additional-attributes.xml" />
-  </bean>
-
-  <bean id="specificConnectorAttributesFileWithPath"
-    class="java.lang.String">
-    <constructor-arg
-      value="#{specificConnectorConfigRepository}#{specificConnectorAttributesFile}" />
-  </bean>
-
-  <bean id="specificConnectorAdditionalAttributesFileWithPath"
-    class="java.lang.String">
-    <constructor-arg
-      value="#{specificConnectorConfigRepository}#{specificAdditionalAttributesFile}" />
-  </bean>
-
-</beans>
\ No newline at end of file
-- 
cgit v1.2.3


From 9d1d6626032aa59eb169e310ed239b94c0bc5447 Mon Sep 17 00:00:00 2001
From: Thomas <>
Date: Fri, 3 Jun 2022 16:02:01 +0200
Subject: chore(config): split default configuration into MS-Connector and
 MS-Proxy-Servie

---
 .../src/test/resources/config/junit_config_1.properties             | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'modules/authmodule-eIDAS-v2')

diff --git a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
index 6d97513a..41f0fe7b 100644
--- a/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
+++ b/modules/authmodule-eIDAS-v2/src/test/resources/config/junit_config_1.properties
@@ -19,9 +19,9 @@ eidas.ms.revisionlog.write.MDS.into.revisionlog=true
 eidas.ms.revisionlog.logIPAddressOfUser=true
 
 ##Directory for static Web content
-eidas.ms.webcontent.static.directory=../../../../../../basicConfig/webcontent/
-eidas.ms.webcontent.templates=../../../../../../basicConfig/templates/
-eidas.ms.webcontent.properties=../../../../../../basicConfig/properties/messages
+eidas.ms.webcontent.static.directory=../../../../../../basicConfig/ms-connector/webcontent/
+eidas.ms.webcontent.templates=../../../../../../basicConfig/ms-connector/templates/
+eidas.ms.webcontent.properties=../../../../../../basicConfig/ms-connector/properties/messages
 
 ## extended validation of pending-request Id's
 eidas.ms.core.pendingrequestid.maxlifetime=300
-- 
cgit v1.2.3