first beta version of new MOA-ID WebGUI module for configuration

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2015-07-17 09:18:28 +0200
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2015-07-17 09:18:28 +0200
commit: 98dbb23fa5dcd9518beb56fd2410667b385b5524 (patch)
tree: b95ad14a2401f553d72d6dc911814980689866b5
parent: d774a81910498c9ee1277c1611d57b07bf069fbd (diff)
download: moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.gz
moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.bz2
moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.zip
82 files changed, 4969 insertions, 397 deletions
diff --git a/id/moa-id-webgui/pom.xml b/id/moa-id-webgui/pom.xml
index 76660eac2..35436db4b 100644
--- a/id/moa-id-webgui/pom.xml
+++ b/id/moa-id-webgui/pom.xml
@@ -16,8 +16,16 @@
     <repositoryPath>${basedir}/../../repository</repositoryPath>
   </properties>
   
+  <repositories>
+		<repository>
+			<id>shibboleth.internet2.edu</id>
+			<name>Internet2</name>
+			<url>https://build.shibboleth.net/nexus/content/groups/public/</url>
+		</repository>
+	</repositories>
+  
   <build>
-    <sourceDirectory>src/main/jave</sourceDirectory>
+    <sourceDirectory>src/main/java</sourceDirectory>
     <plugins>
       <plugin>
         <artifactId>maven-compiler-plugin</artifactId>
@@ -47,6 +55,27 @@
       <artifactId>moa-id-commons</artifactId>
     </dependency>
     
+        <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>opensaml</artifactId>
+            <exclusions>
+							<exclusion>
+								<groupId>org.slf4j</groupId>
+								<artifactId>log4j-over-slf4j</artifactId>
+							</exclusion>
+						</exclusions>
+        </dependency>
+        <dependency>
+            <groupId>org.opensaml</groupId>
+            <artifactId>xmltooling</artifactId>
+            <exclusions>
+							<exclusion>
+								<groupId>org.slf4j</groupId>
+								<artifactId>log4j-over-slf4j</artifactId>
+							</exclusion>
+						</exclusions>
+        </dependency>
+    
   </dependencies>
   
   
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java
index 72e2321e9..0ec230324 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDConfigurationModul.java
@@ -45,6 +45,9 @@ import at.gv.egiz.components.configuration.meta.api.MetadataConfiguration;
 import at.gv.egiz.components.configuration.meta.api.SchemaEntry;
 import at.gv.egiz.components.configuration.meta.api.impl.BaseMetadataConfiguration;
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfigurationImpl;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException;
 import at.gv.egovernment.moa.id.config.webgui.validation.MOAIDConfigurationValidator;
 
@@ -57,7 +60,7 @@ public class MOAIDConfigurationModul implements ConfigurationModul{
 
 	private static final String MODULE_NAME = "MOAIDConfigurationModul";
 	
-	private static Configuration config;
+	private static MOAIDConfiguration config;
 	private static Configuration meta;
 	private static MetadataConfiguration metadata = null;
 	
@@ -76,23 +79,29 @@ public class MOAIDConfigurationModul implements ConfigurationModul{
 	}
 	
 	@Autowired
-	public void setDatabaseConfiguration(Configuration dbconfig) {
+	public void setDatabaseConfiguration(MOAIDConfiguration dbconfig) {
 		config = dbconfig;
 	}
 	
 	/**
+	 * @throws Exception 
 	 * 
 	 */
-	public MOAIDConfigurationModul() {		
-		loadType("general", "/gui/types/general.json");
-		
-//		loadType("oa", "/gui/types/oa.json");
-		
-		//TODO: load correct types
-//		loadType("vidp", "/gui/types/oa.json");
-//		loadType("iidp", "/gui/types/oa.json");
-//		loadType("gateway", "/gui/types/oa.json");
+	public MOAIDConfigurationModul() throws Exception {		
+		loadType("general", "/gui/types/general.json");		
+		loadType("moaidoa", "/gui/types/oa.json");		
+		loadType("moaidvidp", "/gui/types/vidp.json");
+		loadType("moaidiidp", "/gui/types/iidp.json");
+		loadType("moaidgateway", "/gui/types/gateway.json");
 		
+		try {
+			MOAIDWebGUIConfiguration.getInstance();
+			
+		} catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) {
+			logger.error("MOA-ID WebGUI initialization FAILED! (Reason: {})", e.getMessage());
+			throw new Exception(e);
+			
+		}
 		
 	}
 	
@@ -146,8 +155,19 @@ public class MOAIDConfigurationModul implements ConfigurationModul{
 	@Override
 	public String buildArrayIdentifier(String arrayId, int refCounter,
 			Map<String, String> properties) throws ConfigurationException {
-		// TODO Auto-generated method stub
-		return null;
+		logger.trace("Search next free list index for key: " + arrayId);
+		
+		if (arrayId.startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) {
+			String[] allListKeys = config.findConfigurationId(arrayId + ".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+			int freeIndex = KeyValueUtils.findNextFreeListCounter(allListKeys, arrayId) + refCounter;
+			logger.debug("Found free listIndex: " + freeIndex + " for serviceKey: " + arrayId);
+			return String.valueOf(freeIndex);
+		
+		} else {
+			logger.warn("Actually, only services are from type array and need an index.");
+			throw new ConfigurationException("Actually, only services are from type array and need an index.");
+			
+		}
 	}
 
 	/* (non-Javadoc)
@@ -203,7 +223,7 @@ public class MOAIDConfigurationModul implements ConfigurationModul{
 				Iterator<String> deleteInterator = deleted.iterator();
 				while (deleteInterator.hasNext()) {
 					String el = deleteInterator.next();
-					try {					
+					try {						
 						config.deleteIds(el);
 						logger.trace("Delete key {}", el);
 				
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java
index 61e1a1192..f9f8d1d2d 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDSpringResourceProvider.java
@@ -22,10 +22,14 @@
  */
 package at.gv.egovernment.moa.id.config.webgui;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 import org.springframework.core.io.ClassPathResource;
 import org.springframework.core.io.Resource;
 
 import at.gv.egiz.components.spring.api.SpringResourceProvider;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolPVP2XTask;
 
 /**
  * @author tlenz
@@ -33,16 +37,33 @@ import at.gv.egiz.components.spring.api.SpringResourceProvider;
  */
 public class MOAIDSpringResourceProvider implements SpringResourceProvider {
 
-	private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig";
+	private static final Logger log = LoggerFactory.getLogger(MOAIDSpringResourceProvider.class);
 	
 	/* (non-Javadoc)
 	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
 	 */
 	@Override
-	public Resource[] getResourcesToLoad() {			
-		ClassPathResource webguicontextconfig = new ClassPathResource("/moaid.webgui.beans.xml", MOAIDSpringResourceProvider.class);
+	public Resource[] getResourcesToLoad() {
+//		try {
+			//TODO: is not a nice solution -> fix in futher version
+			//MOAIDWebGUIConfiguration moaIdWebguiConfig = MOAIDWebGUIConfiguration.getInstance();
+			//JPAPropertiesWithJavaConfig.setLocalProperties(moaIdWebguiConfig.getDatabaseProperties());
+			
 		ClassPathResource databasecontextconfig = new ClassPathResource("/configuration.beans.xml", MOAIDSpringResourceProvider.class);
-		return new Resource[] {webguicontextconfig, databasecontextconfig};
+			ClassPathResource webguicontextconfig = new ClassPathResource("/moaid.webgui.beans.xml", MOAIDSpringResourceProvider.class);
+			ClassPathResource webguidatabasecontextconfig = new ClassPathResource("/moaid.migration.beans.xml", MOAIDSpringResourceProvider.class);
+			
+			
+			
+			return new Resource[] {databasecontextconfig, webguidatabasecontextconfig, webguicontextconfig};
+			
+//		} catch (ConfigurationException e) {
+//			log.error("Can not load MOA-ID WebGUI configuration.", e);
+//			return null;
+//			
+//		}
+		
+
 		
 	}
 
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java
new file mode 100644
index 000000000..0a3a9eef8
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/MOAIDWebGUIConfiguration.java
@@ -0,0 +1,160 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.net.URI;
+import java.net.URISyntaxException;
+import java.util.Properties;
+
+import org.opensaml.DefaultBootstrap;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.stereotype.Service;
+
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException;
+import at.gv.egovernment.moa.util.FileUtils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+@Service
+public class MOAIDWebGUIConfiguration  {
+
+	private static final String SYSTEM_PROP_CONFIG = "moa.id.webconfig";
+	
+	private static final Logger log = LoggerFactory.getLogger(MOAIDWebGUIConfiguration.class);
+	
+	
+	
+	private Properties props;
+	private String configFileName;
+	private String configRootDir;
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.commons.config.persistence.LocalConfigurationBean#getLocalDatabaseProperties()
+	 */
+	
+	private static MOAIDWebGUIConfiguration instance = null;
+	
+	public static MOAIDWebGUIConfiguration getInstance() throws ConfigurationException {
+		if (instance == null) {
+			instance = new MOAIDWebGUIConfiguration();
+			
+		}		
+		return instance;
+	}
+	
+	
+	MOAIDWebGUIConfiguration() throws ConfigurationException {	
+		configFileName = System.getProperty(SYSTEM_PROP_CONFIG);
+		
+	    if (configFileName == null) {
+	        throw new ConfigurationException("config.05");
+	    }
+		try {
+			URI fileURI = new URI(configFileName);
+	    
+			// determine the directory of the root config file
+			configRootDir = new File(fileURI).getParent();	
+	    
+			log.info("Loading MOA-ID WebGUI configuration from file " + fileURI);
+	   			
+			//Load MOAID-2.0 properties file
+			
+			File propertiesFile = new File(fileURI);
+			FileInputStream fis;
+			props = new Properties();
+	
+			fis = new FileInputStream(propertiesFile);
+			props.load(fis);
+			
+			fis.close();
+						
+			log.debug("OpenSAML initialization started ...");
+			DefaultBootstrap.bootstrap();
+			log.info("OpenSAML initialization complete.");
+	
+			log.info("Pre-Initialization step of MOA-ID WebGUI module finished ... ");
+			
+							
+		} catch (FileNotFoundException e) {
+			throw new ConfigurationException("config.01", new Object[]{configFileName},  e);
+			
+		} catch (IOException e) {
+			throw new ConfigurationException("config.02", new Object[]{configFileName}, e);
+			
+		} catch (org.opensaml.xml.ConfigurationException e) {
+			throw new ConfigurationException("config.04", e);
+			
+		} catch (URISyntaxException e) {
+			throw new ConfigurationException("config.06", new Object[]{MOAIDConfigurationConstants.FILE_URI_PREFIX, configFileName},  e);
+			
+		}
+	}
+	
+//	@Override
+//	protected Properties getLocalDatabaseProperties() {
+//		return this.props;
+//	}
+
+	public String getConfigFile() {
+		return configFileName;
+	}
+	
+	public String getConfigRootDir() {
+		return configRootDir;
+	}
+	
+	public String getCertStoreDirectory() throws ConfigurationException {
+		String dir = props.getProperty("general.ssl.certstore");
+		if (MiscUtil.isNotEmpty(dir))
+				return FileUtils.makeAbsoluteURL(dir, configRootDir);
+		
+		else
+			throw new ConfigurationException("No SSLCertStore configured use default JAVA TrustStore.");
+		
+	}
+	
+	public String getTrustStoreDirectory() throws ConfigurationException {
+		String dir = props.getProperty("general.ssl.truststore");
+		if (MiscUtil.isNotEmpty(dir))
+				return FileUtils.makeAbsoluteURL(dir, configRootDir);
+		
+		else
+			throw new ConfigurationException("No SSLTrustStore configured use default JAVA TrustStore.");
+		
+	}
+	
+	public boolean isPVPMetadataSchemaValidationActive() {
+		return Boolean.parseBoolean(props.getProperty("general.pvp.schemavalidation", "true"));
+				
+	}
+	
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java
index 3aa3910cc..2f2decab9 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/exception/ConfigurationException.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/ConfigurationException.java
@@ -20,9 +20,10 @@
  * The "NOTICE" text file is part of the distribution. Any derivative works
  * that you distribute must include a readable copy of the "NOTICE" text file.
  *******************************************************************************/
-package at.gv.egovernment.moa.id.configuration.exception;
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
 
-import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
 
 public class ConfigurationException extends Exception {
 	
@@ -37,7 +38,7 @@ public class ConfigurationException extends Exception {
 	}
 	
 	public ConfigurationException(String errorname, Object[] params, Throwable e) {
-		super(LanguageHelper.getErrorString(errorname, params, null), e);
+		super(LanguageHelper.getErrorString(errorname, params), e);
 	}
 	
 	public ConfigurationException(Throwable e) {
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java
new file mode 100644
index 000000000..3c0827a62
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SchemaValidationException.java
@@ -0,0 +1,43 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import org.opensaml.saml2.metadata.provider.FilterException;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SchemaValidationException extends FilterException {
+
+	/**
+	 * @param string
+	 */
+	public SchemaValidationException(String string) {
+		super(string);
+		
+	}
+
+	private static final long serialVersionUID = 1L;
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java
new file mode 100644
index 000000000..7c4c48e6b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/exception/SignatureValidationException.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.exception;
+
+import org.opensaml.saml2.metadata.provider.FilterException;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SignatureValidationException extends FilterException {
+
+	/**
+	 * @param string
+	 */
+	public SignatureValidationException(String string) {
+		super(string);
+		
+	}
+
+	/**
+	 * @param e
+	 */
+	public SignatureValidationException(Exception e) {
+		super(e);
+	}
+
+	/**
+	 * @param string
+	 * @param object
+	 */
+	public SignatureValidationException(String string, Exception e) {
+		super(string, e);
+	}
+
+	private static final long serialVersionUID = 1L;
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java
index a1cafe702..5fc5b86d2 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/MOAIDConfigurationValidator.java
@@ -36,6 +36,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 
 import at.gv.egiz.components.configuration.api.Configuration;
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException;
 import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException;
@@ -48,7 +49,7 @@ import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTa
  */
 public class MOAIDConfigurationValidator {
 	private static final Logger logger = LoggerFactory.getLogger(MOAIDConfigurationValidator.class);
-	private static Configuration dbconfig;	
+	private static MOAIDConfiguration dbconfig;	
 
 	private static ServiceLoader<IModuleValidator> moduleLoader = 
 			ServiceLoader.load(IModuleValidator.class);
@@ -61,7 +62,7 @@ public class MOAIDConfigurationValidator {
 	private boolean isDataValidated = false;
 	
 	@Autowired
-	public void setDatabaseConfiguration(Configuration config) {
+	public void setDatabaseConfiguration(MOAIDConfiguration config) {
 		dbconfig = config;
 		
 	}
@@ -81,7 +82,7 @@ public class MOAIDConfigurationValidator {
 				
 			}
 
-			//load tasks
+			//load dynamic tasks
 			Iterator<IDynamicLoadableTaskValidator> taskLoaderInterator = taskLoader.iterator();
 			while (taskLoaderInterator.hasNext()) {
 				IDynamicLoadableTaskValidator task = taskLoaderInterator.next();
@@ -151,8 +152,13 @@ public class MOAIDConfigurationValidator {
 					if (moduleValidator.containsKey(moduleID)) {
 						logger.trace("Starting validation process of keyGroup: " + groupEl.getKey()
 								+ " with module: " + moduleValidator.get(moduleID).getName());
+						Map<String, String> servicekeys = KeyValueUtils.removePrefixFromKeys(groupEl.getValue(), groupEl.getKey());
+						
+						//put service prefix to validation Map to check if service already stored
+						servicekeys.put(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES, groupEl.getKey());
+						
 						moduleValidator.get(moduleID)
-							.validate(KeyValueUtils.removePrefixFromKeys(groupEl.getValue(), groupEl.getKey()));
+							.validate(servicekeys);
 				
 					} else
 						logger.info("No ModulValidator for keygroup {} found.", moduleID);
@@ -268,6 +274,7 @@ public class MOAIDConfigurationValidator {
 			for (String key : validationModuleKeys) {
 				if (el.getKey().startsWith(key)) {
 					selectedModul = moduleValidator.get(key);
+					break;
 				}
 			}
 			
@@ -276,7 +283,7 @@ public class MOAIDConfigurationValidator {
 				String groupkey = null;
 				if (selectedModul.getKeyPrefix().startsWith(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES)) {
 					String oaIndex = KeyValueUtils.getFirstChildAfterPrefix(el.getKey(), selectedModul.getKeyPrefix());
-					groupkey = selectedModul + "." + oaIndex;
+					groupkey = selectedModul.getKeyPrefix() + "." + oaIndex;
 					
 				} else
 					groupkey = selectedModul.getKeyPrefix();
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java
index 22281c973..e7775beba 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/GatewayValidator.java
@@ -22,12 +22,10 @@
  */
 package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
 
-import java.util.Map;
-
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException;
 import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
-import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesPVPGatewayTask;
 
 /**
  * @author tlenz
@@ -35,17 +33,12 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator;
  */
 public class GatewayValidator extends AbstractModuleValidator {
 
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#validate(java.util.Map)
-	 */
-	@Override
-	public void validate(Map<String, String> input)
-			throws ConfigurationModulValidationException {
-		// TODO Auto-generated method stub
-
+	public GatewayValidator() {
+		addTaskValidator(new ServicesGeneralInformationTask());
+		addTaskValidator(new ServicesPVPGatewayTask());
 	}
 	
-
+	
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix()
 	 */
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java
index 2e9288415..5b9312e8e 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/InterfederationIDPValidator.java
@@ -24,6 +24,8 @@ package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
 
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesInterfederationIDPTask;
 
 /**
  * @author tlenz
@@ -31,6 +33,11 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleVal
  */
 public class InterfederationIDPValidator extends AbstractModuleValidator {
 
+	public InterfederationIDPValidator() {
+		addTaskValidator(new ServicesGeneralInformationTask());
+		addTaskValidator(new ServicesInterfederationIDPTask());
+		
+	}
 
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#getKeyPrefix()
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java
index a71d425f2..dbce8ec3a 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/OnlineApplicationValidator.java
@@ -22,13 +22,15 @@
  */
 package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
 
-import java.util.Map;
-
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException;
-import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException;
 import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
-import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesAuthenticationInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesBKUSelectionTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolSAML1Task;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesSSOAuthenticationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesTargetTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesbPKDecryptionTask;
 
 /**
  * @author tlenz
@@ -36,14 +38,18 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator;
  */
 public class OnlineApplicationValidator extends AbstractModuleValidator {
 
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#validate(java.util.Map)
+	/**
+	 * 
 	 */
-	@Override
-	public void validate(Map<String, String> input)
-			throws ConfigurationModulValidationException {
-		// TODO Auto-generated method stub
-
+	public OnlineApplicationValidator() {
+		addTaskValidator(new ServicesGeneralInformationTask());
+		addTaskValidator(new ServicesTargetTask());
+		addTaskValidator(new ServicesAuthenticationInformationTask());
+		addTaskValidator(new ServicesSSOAuthenticationTask());
+		addTaskValidator(new ServicesbPKDecryptionTask());
+		addTaskValidator(new ServicesProtocolSAML1Task());
+		addTaskValidator(new ServicesBKUSelectionTask());
+		
 	}
 	
 	/* (non-Javadoc)
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java
index 17dc66550..ad3c15b16 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/modul/impl/VIDPValidator.java
@@ -22,13 +22,11 @@
  */
 package at.gv.egovernment.moa.id.config.webgui.validation.modul.impl;
 
-import java.util.Map;
-
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationModulValidationException;
-import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationValidationException;
 import at.gv.egovernment.moa.id.config.webgui.validation.modul.AbstractModuleValidator;
-import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesBKUSelectionTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesTargetTask;
 
 /**
  * @author tlenz
@@ -36,14 +34,12 @@ import at.gv.egovernment.moa.id.config.webgui.validation.modul.IModuleValidator;
  */
 public class VIDPValidator extends AbstractModuleValidator {
 
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.config.webgui.validation.IModuleValidator#validate(java.util.Map)
-	 */
-	@Override
-	public void validate(Map<String, String> input)
-			throws ConfigurationModulValidationException {
-		// TODO Auto-generated method stub
 
+	public VIDPValidator() {
+		addTaskValidator(new ServicesGeneralInformationTask());
+		addTaskValidator(new ServicesTargetTask());
+		addTaskValidator(new ServicesBKUSelectionTask());
+		
 	}
 	
 	/* (non-Javadoc)
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java
index 394bc4da7..a124949f1 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/AbstractTaskValidator.java
@@ -49,7 +49,7 @@ public abstract class AbstractTaskValidator implements ITaskValidator {
 			throws ConfigurationTaskValidationException {
 				
 		//start task specific validation
-		tastValidate(input);
+		taskValidate(input);
 
 	}
 
@@ -59,7 +59,7 @@ public abstract class AbstractTaskValidator implements ITaskValidator {
 	 * @param input Key/Value pairs of a module for validation
 	 * @throws ConfigurationModulValidationException
 	 */
-	abstract protected void tastValidate(Map<String, String> input)
+	abstract protected void taskValidate(Map<String, String> input)
 			throws ConfigurationTaskValidationException;
 	
 	/* (non-Javadoc)
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
index e4646bc04..b8836b90c 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralMOAIDConfigurationTask.java
@@ -94,7 +94,7 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
 	 */
 	@Override
-	protected void tastValidate(Map<String, String> input)
+	protected void taskValidate(Map<String, String> input)
 			throws ConfigurationTaskValidationException {
 		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
 		
@@ -451,7 +451,7 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
 		}
 		
 		check = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, getKeyPrefix()));
-		if (MiscUtil.isEmpty(check)) {
+		if (MiscUtil.isEmpty(check) || check.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
 			log.info("AuthBlock Transformation file is empty");
 			errors.add(new ValidationObjectIdentifier(
 					MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, 
@@ -537,6 +537,7 @@ public class GeneralMOAIDConfigurationTask extends AbstractTaskValidator impleme
 		
 		//TODO: add AuthBlock transformation filename
 		String authBlockTransformation = input.get(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64, getKeyPrefix()));
+		
 		String[] splittet = authBlockTransformation.split(",");
 		if (splittet.length > 1) {
 			newConfigValues.put(MOAIDConfigurationConstants.GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64,
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java
index 95f6c8349..35fed19a3 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralOpenIDConfigurationTask.java
@@ -54,7 +54,7 @@ public class GeneralOpenIDConfigurationTask extends AbstractTaskValidator {
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
 	 */
 	@Override
-	protected void tastValidate(Map<String, String> input)
+	protected void taskValidate(Map<String, String> input)
 			throws ConfigurationTaskValidationException {
 
 	}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
index 46dce77a0..a593b5461 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralPVP2XConfigurationTask.java
@@ -82,7 +82,7 @@ public class GeneralPVP2XConfigurationTask extends AbstractTaskValidator impleme
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
 	 */
 	@Override
-	protected void tastValidate(Map<String, String> input)
+	protected void taskValidate(Map<String, String> input)
 			throws ConfigurationTaskValidationException {
 
 		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
index a12c8f0cd..c6086583a 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/GeneralSTORKConfigurationTask.java
@@ -90,7 +90,7 @@ public static final List<String> KEYWHITELIST;
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
 	 */
 	@Override
-	public void tastValidate(Map<String, String> input)
+	public void taskValidate(Map<String, String> input)
 			throws ConfigurationTaskValidationException {
 		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
 		Map<String, String> validatedCPeps = new HashedMap<String, String>();
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
new file mode 100644
index 000000000..c39e857e4
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
@@ -0,0 +1,229 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesAuthenticationInformationTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesAuthenticationInformationTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - Authentication Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+			
+		//Check BKU URLs
+		String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY);
+		if (MiscUtil.isNotEmpty(check) && 
+				!ValidationHelper.validateURL(check)) {
+			log.info("Not valid Handy-BKU URL");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_AUTH_BKU_HANDY, 
+					"BKU - Handy",
+					LanguageHelper.getErrorString("validation.general.bku.handy.valid")));
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL);
+		if (MiscUtil.isNotEmpty(check) &&
+				!ValidationHelper.validateURL(check)) {
+			log.info("Not valid Online-BKU URL");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_AUTH_BKU_LOCAL, 
+					"BKU - Local",
+					LanguageHelper.getErrorString("validation.general.bku.local.valid")));
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE);
+		if (MiscUtil.isNotEmpty(check) &&
+				!ValidationHelper.validateURL(check)) {
+			log.info("Not valid Online-BKU URL");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE, 
+					"BKU - Online",
+					LanguageHelper.getErrorString("validation.general.bku.online.valid")));
+		}
+		
+		//check KeyBoxIdentifier
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_KEYBOXIDENTIFIER);
+		if (MiscUtil.isEmpty(check)) {
+			log.info("Empty KeyBoxIdentifier");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE, 
+					"BKU - KeyBoxIdentifier",
+					LanguageHelper.getErrorString("validation.general.keyboxidentifier.empty")));
+			
+		} else {
+			if (!MOAIDConfigurationConstants.ALLOWED_KEYBOXIDENTIFIER.contains(check)) {
+				log.info("Not valid KeyBoxIdentifier " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_BKU_ONLINE, 
+						"BKU - KeyBoxIdentifier",
+						LanguageHelper.getErrorString("validation.general.keyboxidentifier.valid")));
+			}
+		}
+		
+		//check LegacyMode SLTemplates
+		String isLegacyModeActive = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY);
+		if (MiscUtil.isNotEmpty(isLegacyModeActive) && Boolean.parseBoolean(isLegacyModeActive)) {
+			if (MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE)) &&
+				MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE)) &&
+				MiscUtil.isEmpty(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE)) ) {
+					log.info("Empty OA-specific SecurityLayer Templates");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_LEGACY, 
+							"BKU - SecurityLayer Templates",
+							LanguageHelper.getErrorString("validation.general.sltemplates.empty")));
+					
+			} else {
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE);
+				if (MiscUtil.isNotEmpty(check) &&
+					ValidationHelper.isNotValidIdentityLinkSigner(check)	) {
+						log.info("First OA-specific SecurityLayer Templates is not valid");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE, 
+								"BKU - 1. SecurityLayer Templates",
+								LanguageHelper.getErrorString("validation.general.sltemplate1.valid")));
+				}
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE);
+				if (MiscUtil.isNotEmpty(check) &&
+					ValidationHelper.isNotValidIdentityLinkSigner(check)	) {
+						log.info("Second OA-specific SecurityLayer Templates is not valid");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE, 
+								"BKU - 2. SecurityLayer Templates",
+								LanguageHelper.getErrorString("validation.general.sltemplate2.valid")));
+				}
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE);
+				if (MiscUtil.isNotEmpty(check) &&
+					ValidationHelper.isNotValidIdentityLinkSigner(check)	) {
+						log.info("Third OA-specific SecurityLayer Templates is not valid");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE, 
+								"BKU - 3. SecurityLayer Templates",
+								LanguageHelper.getErrorString("validation.general.sltemplate3.valid")));
+				}
+			}	
+		}
+
+		//check Mandate Profiles
+		String checkUseMandate = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_USE);
+		if (MiscUtil.isNotEmpty(checkUseMandate) && Boolean.parseBoolean(checkUseMandate)) {
+			check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES);
+			if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+				log.warn("MandateProfiles contains potentail XSS characters: " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_PROFILES, 
+						"Mandates - Profiles",
+						LanguageHelper.getErrorString("validation.general.mandate.profiles", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+			}
+			
+		}
+		
+		String isTestCredentialsActive = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_ENABLED);
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs);
+		if (MiscUtil.isNotEmpty(isTestCredentialsActive) && 
+				Boolean.parseBoolean(isTestCredentialsActive) &&
+				MiscUtil.isNotEmpty(check)) {
+			String[] oids = check.split(",");			
+			for (String el : oids) {
+				if (!el.startsWith(MOAIDConfigurationConstants.TESTCREDENTIALROOTOID)) {
+					log.warn("Test credential OID does not start with test credential root OID");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_TESTCREDENTIALS_OIDs, 
+							"Test-Identities - allowed OIDs",
+							LanguageHelper.getErrorString("validation.general.testcredentials.oid.valid", 
+						new Object[] {el}) ));
+				}
+			}						
+		}
+									
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java
new file mode 100644
index 000000000..087334c4b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationSTORKTask.java
@@ -0,0 +1,301 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesAuthenticationSTORKTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesAuthenticationSTORKTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - General Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		Map<String, String> newConfigValues = new HashMap<String, String>();
+		
+		//C-PEPS
+		try {
+			//search all actually configured C-PEPS
+			String[] cPepsKeys = dbconfig.findConfigurationId(
+					MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST
+					+ ".%."
+					+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_CPEPS_LIST_COUNTRY);
+			List<String> cPepsCountries = new ArrayList<String>();
+			for (String el : cPepsKeys) {
+				String country = dbconfig.getStringValue(el);
+				if (MiscUtil.isNotEmpty(el))
+					cPepsCountries.add(country);
+				
+			}
+			
+			//check SERVICE STORK countries against C-PEPS configuration
+			Map<String, String> GUICountries = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST);
+			Iterator<Entry<String, String>> GUICountriesInterator = GUICountries.entrySet().iterator();
+			while (GUICountriesInterator.hasNext()) {
+				Entry<String, String> entry = GUICountriesInterator.next();
+				if (entry.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE)) {
+					
+					if (cPepsCountries.contains(entry.getValue())) {
+						//Service contains C-PEPS
+						log.trace("Service contains C-PEPS with countryCode: " + entry.getValue());
+						cPepsCountries.remove(entry.getValue());
+						
+					} else {
+						//Service contains countryCode which is not a C-PEPS --> remove country code from service
+						log.debug("No C-PEPS with service countryCode: " + entry.getValue() 
+								+ " Remove countryCode from service.");
+						String index = KeyValueUtils.getParentKey(entry.getKey());
+						if (MiscUtil.isNotEmpty(index)) {
+							keysToDelete.add(
+									MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+									+ "." + index + "*");
+							
+						} else
+							log.warn("Can not remove countryCode from service. Suspect key: "
+									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST 
+									+ "." + entry.getKey());
+						
+					}					
+				}				
+			}
+			
+			// add new C-PEPS to service
+			int nextFreeIndex = KeyValueUtils.findNextFreeListCounter(GUICountries.keySet(), new String());
+			for (String el : cPepsCountries) {
+				log.debug("Add new C-PEPS: " + el + " to service with key: "
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+						+ "." + nextFreeIndex);
+				newConfigValues.put(
+						MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+						+ "." + nextFreeIndex + "."
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE,
+						el);
+				newConfigValues.put(
+						MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+						+ "." + nextFreeIndex + "."
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED,
+						String.valueOf(true));
+				nextFreeIndex++;
+			}
+			
+			
+		} catch (ConfigurationException e) {
+			log.error("Can not access configuration.", e);
+			
+		}
+		
+		
+		//STORK attributes
+		try {
+			//search all actually configured C-PEPS
+			String[] attributeKeys = dbconfig.findConfigurationId(
+					MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST
+					+ ".%."
+					+ MOAIDConfigurationConstants.GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME);
+			List<String> attributeNames = new ArrayList<String>();
+			for (String el : attributeKeys) {
+				String country = dbconfig.getStringValue(el);
+				if (MiscUtil.isNotEmpty(el))
+					attributeNames.add(country);
+				
+			}
+			
+			//check SERVICE STORK countries against C-PEPS configuration
+			Map<String, String> GUIAttributes = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST);
+			Iterator<Entry<String, String>> GUIAttributesInterator = GUIAttributes.entrySet().iterator();
+			while (GUIAttributesInterator.hasNext()) {
+				Entry<String, String> entry = GUIAttributesInterator.next();
+				if (entry.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME)) {
+					
+					if (attributeNames.contains(entry.getValue())) {
+						//Service contains C-PEPS
+						log.trace("Service contains STORK attribute with name: " + entry.getValue());
+						attributeNames.remove(entry.getValue());
+						
+					} else {
+						//Service contains countryCode which is not a C-PEPS --> remove country code from service
+						log.debug("No STORK attribute with service attributeName: " + entry.getValue() 
+								+ " Remove STORK attribte from service.");
+						String index = KeyValueUtils.getParentKey(entry.getKey());
+						if (MiscUtil.isNotEmpty(index)) {
+							keysToDelete.add(
+									MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+									+ "." + index + "*");
+							
+						} else
+							log.warn("Can not remove STORK attribute from service. Suspect key: "
+									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST 
+									+ "." + entry.getKey());
+						
+					}					
+				}				
+			}
+			
+			// add new C-PEPS to service
+			int nextFreeIndex = KeyValueUtils.findNextFreeListCounter(GUIAttributes.keySet(), new String());
+			for (String el : attributeNames) {
+				log.debug("Add new STORK attribute: " + el + " to service with key: "
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+						+ "." + nextFreeIndex);
+				newConfigValues.put(
+						MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+						+ "." + nextFreeIndex + "."
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME,
+						el);
+				
+				newConfigValues.put(
+						MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+						+ "." + nextFreeIndex + "."
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED,
+						String.valueOf(false));
+				
+				newConfigValues.put(
+						MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+						+ "." + nextFreeIndex + "."
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY,
+						String.valueOf(false));
+				
+				nextFreeIndex++;
+			}
+			
+			
+		} catch (ConfigurationException e) {
+			log.error("Can not access configuration.", e);
+			
+		}
+		
+		
+		
+		if (newConfigValues.isEmpty())
+			return null;
+		else
+			return newConfigValues;
+		
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		// check qaa
+		String qaaString = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL);
+		if (MiscUtil.isNotEmpty(qaaString)) {
+			try {
+				int qaa = Integer.parseInt(qaaString);
+				if(1 > qaa && 4 < qaa) {
+					log.warn("QAA is out of range : " + qaa);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, 
+							"STORK - minimal QAA level",
+							LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+									new Object[] {qaa})));
+				}
+				
+			} catch (NumberFormatException e) {
+				log.warn("QAA level is not a number: " + qaaString);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, 
+						"STORK - minimal QAA level",
+						LanguageHelper.getErrorString("validation.stork.qaa.outofrange",
+								new Object[] {qaaString})));
+			}
+		}
+							
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+	 */
+	@Override
+	public List<String> getModulValidatorPrefix() {
+		return Arrays.asList(
+				MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+				);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java
new file mode 100644
index 000000000..7ed9751cb
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesBKUSelectionTask.java
@@ -0,0 +1,403 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.apache.commons.codec.binary.Base64;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesBKUSelectionTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesBKUSelectionTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "auth.templates";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - BKU-Selection Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		
+		Map<String, String> newConfigValues = new HashMap<String, String>();
+		
+		String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME);
+		if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) {
+			newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, bkuSelectTemplateUploadedFileName);
+			
+		}
+		
+		String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME);
+		if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) {
+			newConfigValues.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, sendAssertionTemplateUploadedFileName);
+			
+		}
+		
+		if (newConfigValues.isEmpty())
+			return null;
+		else
+			return newConfigValues;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		
+		//validate aditionalAuthBlockText
+		String check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("AditionalAuthBlockText contains potentail XSS characters: " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT, 
+						"AuthBlock - Addition AuthBlocktext",
+						LanguageHelper.getErrorString("validation.general.aditionalauthblocktext", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+			}
+		}
+		
+		//validate BKU selection template
+		String bkuSelectTemplate = null; 
+		String bkuSelectionFileUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA);
+		if (MiscUtil.isNotEmpty(bkuSelectionFileUpload) && 
+				!bkuSelectionFileUpload.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT) ) {
+			String bkuSelectTemplateFileName = "unknown";
+			try {				
+				String bkuSelectTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME);
+				if (MiscUtil.isNotEmpty(bkuSelectTemplateUploadedFileName)) {
+					if (ValidationHelper.containsPotentialCSSCharacter(bkuSelectTemplateUploadedFileName, false)) {
+						log.info("BKU Selection Filename is not valid");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, 
+								"Templates - BKU Selection Filename",
+								LanguageHelper.getErrorString("validation.general.bkuselection.filename.valid")));
+										
+					} else 
+						bkuSelectTemplateFileName = bkuSelectTemplateUploadedFileName;
+					
+				} else {
+					String bkuSelectTemplatePreView = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW);
+					if (MiscUtil.isNotEmpty(bkuSelectTemplatePreView))
+						bkuSelectTemplateFileName = bkuSelectTemplatePreView;
+					
+				}
+				
+				String[] bkuSelectTemplateSplitted = bkuSelectionFileUpload.split(",");
+				if (bkuSelectTemplateSplitted.length > 1)
+					bkuSelectTemplate = bkuSelectTemplateSplitted[1];
+				else
+					bkuSelectTemplate = bkuSelectionFileUpload;
+			
+				if (!Base64.isBase64(bkuSelectTemplate)) {
+					log.info("BKU Selection Template is not decodeable.");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA, 
+							"Templates - BKU Selection",
+							LanguageHelper.getErrorString("validation.general.bkuselection.file.valid", 
+							new Object[] {bkuSelectTemplateFileName})));
+					
+				}
+				
+			} catch (Exception e) {
+				log.info("BKU Selection Template is not decodeable.");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA, 
+						"Templates - BKU Selection",
+						LanguageHelper.getErrorString("validation.general.bkuselection.file.valid", 
+						new Object[] {bkuSelectTemplateFileName})));
+				
+			}
+			
+		}
+		
+        //validate send-assertion template
+		String sendAssertionTemplate = null; 
+		String sendAssertionFileUpload = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA);
+		if (MiscUtil.isNotEmpty(sendAssertionFileUpload) &&
+				!sendAssertionFileUpload.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
+			String sendAssertionTemplateFileName = "unknown";
+			try {				
+				String sendAssertionTemplateUploadedFileName = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME);
+				if (MiscUtil.isNotEmpty(sendAssertionTemplateUploadedFileName)) {
+					if (ValidationHelper.containsPotentialCSSCharacter(sendAssertionTemplateUploadedFileName, false)) {
+						log.info("Send Assertion Filename is not valid");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, 
+								"Templates - Send Assertion Filename",
+								LanguageHelper.getErrorString("validation.general.sendassertion.filename.valid")));
+										
+					} else 
+						sendAssertionTemplateFileName = sendAssertionTemplateUploadedFileName;
+					
+				} else {
+					String sendAssertionTemplatePreView = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW);
+					if (MiscUtil.isNotEmpty(sendAssertionTemplatePreView))
+						sendAssertionTemplateFileName = sendAssertionTemplatePreView;
+					
+				}
+				
+				String[] sendAssertionTemplateSplitted = sendAssertionFileUpload.split(",");
+				if (sendAssertionTemplateSplitted.length > 1)
+					sendAssertionTemplate = sendAssertionTemplateSplitted[1];
+				else
+					sendAssertionTemplate = sendAssertionFileUpload;
+			
+				if (!Base64.isBase64(sendAssertionTemplate)) {
+					log.info("Send Assertion Template is not decodeable.");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA, 
+							"Templates - Send Assertion",
+							LanguageHelper.getErrorString("validation.general.sendassertion.file.valid", 
+							new Object[] {sendAssertionTemplateFileName})));
+					
+				}
+				
+			} catch (Exception e) {
+				log.info("Send Assertion Template is not decodeable.");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA, 
+						"Templates - Send Assertion",
+						LanguageHelper.getErrorString("validation.general.sendassertion.file.valid", 
+						new Object[] {sendAssertionTemplateFileName})));
+				
+			}
+			
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!check.startsWith("#"))
+				check = "#" + check;
+			
+			if (!ValidationHelper.isValidHexValue(check)) {
+				log.warn("BKUSelectionBackGroundColor is not a valid hex value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BACKGROUNDCOLOR, 
+						"Templates - Background Color",
+						LanguageHelper.getErrorString("validation.general.form.color.background")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!check.startsWith("#"))
+				check = "#" + check;
+			
+			if (!ValidationHelper.isValidHexValue(check)) {
+				log.warn("BKUSelectionFrontColor is not a valid hex value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FRONTCOLOR, 
+						"Templates - Front Color",
+						LanguageHelper.getErrorString("validation.general.form.color.front")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!check.startsWith("#"))
+				check = "#" + check;
+			
+			if (!ValidationHelper.isValidHexValue(check)) {
+				log.warn("HeaderBackGroundColor is not a valid hex value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERBACKGROUNDCOLOR, 
+						"Templates - Header Background-Color",
+						LanguageHelper.getErrorString("validation.general.form.header.color.back")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!check.startsWith("#"))
+				check = "#" + check;
+			
+			if (!ValidationHelper.isValidHexValue(check)) {
+				log.warn("HeaderFrontColor is not a valid hex value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERFRONTCOLOR, 
+						"Templates - Header Front-Color",
+						LanguageHelper.getErrorString("validation.general.form.header.color.front")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT);
+		if (MiscUtil.isNotEmpty(check)) {			
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("HeaderText contains potentail XSS characters: " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_HEADERTEXT, 
+						"Templates - Header Text",
+						LanguageHelper.getErrorString("validation.general.form.header.text", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+			}
+		}
+
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!check.startsWith("#"))
+				check = "#" + check;
+			
+			if (!ValidationHelper.isValidHexValue(check)) {
+				log.warn("ButtonBackGroundColor is not a valid hex value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACKGROUNDCOLOR, 
+						"Templates - Button Background-Color",
+						LanguageHelper.getErrorString("validation.general.form.button.color.back")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!check.startsWith("#"))
+				check = "#" + check;
+			
+			if (!ValidationHelper.isValidHexValue(check)) {
+				log.warn("ButtonBackGroundColorFocus is not a valid hex value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONBACLGROUNDCOLORFOCUS, 
+						"Templates - Button Background-Color on Focus",
+						LanguageHelper.getErrorString("validation.general.form.button.color.back.focus")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!check.startsWith("#"))
+				check = "#" + check;
+			
+			if (!ValidationHelper.isValidHexValue(check)) {
+				log.warn("ButtonFrontColor is not a valid hex value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_BUTTONFRONTCOLOR, 
+						"Templates - Button Front-Color",
+						LanguageHelper.getErrorString("validation.general.form.button.color.front")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!MOAIDConfigurationConstants.ALLOWED_REDIRECTTARGETNAMES.contains(check)) {
+				log.warn("AppletRedirectTarget has not valid value " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETREDIRECTTARGET, 
+						"Templates - Applet Redirect-Target",
+						LanguageHelper.getErrorString("validation.general.form.appletredirecttarget")));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE);
+		if (MiscUtil.isNotEmpty(check)) {			
+			if (ValidationHelper.containsPotentialCSSCharacter(check, true)) {
+				log.warn("FontType contains potentail XSS characters: " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE, 
+						"Templates - Font Type",
+						LanguageHelper.getErrorString("validation.general.form.fonttype", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+			}
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!ValidationHelper.validateNumber(check)) {
+				log.warn("Applet height "+ check + " is no valid number");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETHEIGHT, 
+						"Templates - Applet Height",
+						LanguageHelper.getErrorString("validation.general.form.applet.height", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+			}			
+		}
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!ValidationHelper.validateNumber(check)) {
+				log.warn("Applet width "+ check + " is no valid number");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_APPLETWIDTH, 
+						"Templates - Applet Width",
+						LanguageHelper.getErrorString("validation.general.form.applet.width", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(true)}) ));
+			}			
+		}
+							
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
index f27cb9ce7..86d047c74 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesGeneralInformationTask.java
@@ -28,47 +28,50 @@ import java.util.List;
 import java.util.Map;
 import java.util.regex.Pattern;
 
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.springframework.beans.factory.annotation.Autowired;
+
 import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
-import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
 import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
 import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
 import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
  * @author tlenz
  *
  */
 public class ServicesGeneralInformationTask extends AbstractTaskValidator implements ITaskValidator {
-
+	private static final Logger log = LoggerFactory.getLogger(ServicesGeneralInformationTask.class);
 	private static final List<String> KEYWHITELIST;
 	
+	private static MOAIDConfiguration dbconfig;	
+	
 	static {
-		ArrayList<String> temp = new ArrayList<String>();
-		temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_ENABLED, MOAIDConfigurationConstants.PREFIX_GENERAL));		
-		temp.add(KeyValueUtils.removePrefixFromKey(MOAIDConfigurationConstants.GENERAL_PROTOCOLS_OPENID_LEGACY, MOAIDConfigurationConstants.PREFIX_GENERAL));		
-		
+		ArrayList<String> temp = new ArrayList<String>();		
 		KEYWHITELIST = Collections.unmodifiableList(temp);
 	}
 	
-	
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#validate(java.util.Map)
-	 */
-	@Override
-	public void validate(Map<String, String> input)
-			throws ConfigurationTaskValidationException {
-		// TODO Auto-generated method stub
 
+	@Autowired
+	public void setDatabaseConfiguration(MOAIDConfiguration config) {
+		dbconfig = config;
+		
 	}
-
+	
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
 	 */
 	@Override
 	public String getKeyPrefix() {
-		// TODO Auto-generated method stub
-		return null;
+		return "";
 	}
 
 	/* (non-Javadoc)
@@ -76,8 +79,7 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem
 	 */
 	@Override
 	public String getName() {
-		// TODO Auto-generated method stub
-		return null;
+		return "Service - General Configuration Task";
 	}
 
 	/* (non-Javadoc)
@@ -86,7 +88,6 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem
 	@Override
 	public Map<String, String> postProcessing(Map<String, String> input,
 			List<String> keysToDelete, Configuration dbconfig) {
-		// TODO Auto-generated method stub
 		return null;
 	}
 
@@ -94,10 +95,113 @@ public class ServicesGeneralInformationTask extends AbstractTaskValidator implem
 	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
 	 */
 	@Override
-	protected void tastValidate(Map<String, String> input)
-			throws ConfigurationTaskValidationException {
-		// TODO Auto-generated method stub
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {		
+		if (dbconfig == null) {
+			throw new ConfigurationTaskValidationException(
+					new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!"));
+			
+		}
+		
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+				
+		String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, 
+						"FriendlyName",
+						LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+			}
+		} else {
+			log.info("OA friendlyName is empty");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, 
+					"FriendlyName",
+					LanguageHelper.getErrorString("validation.general.oafriendlyname.empty")));
+		}
+		
+		String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+		if (MiscUtil.isEmpty(isBusinessService)) {
+			log.info("OA businessservice flag is empty");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, 
+					"BusinessService",
+					LanguageHelper.getErrorString("validation.general.businessservice.empty")));
+			
+		}
+		
+		String servicePrefixId = input.get(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES);
+		if (MiscUtil.isNotEmpty(servicePrefixId)) {
+	        String uniqueServiceID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+	        if (MiscUtil.isEmpty(uniqueServiceID)) {
+	        	log.info("Empty unique service identifier");
+	        	errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, 
+						"Unique Identifier",
+						LanguageHelper.getErrorString("validation.general.oaidentifier.empty")));	        	
+	        	
+	        } else {	
+	            if (!ValidationHelper.validateURL(uniqueServiceID)) {
+	            	log.warn("Unique serice identifier is not a valid URL: " + uniqueServiceID);
+	            	errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, 
+							"Unique Identifier",
+							LanguageHelper.getErrorString("validation.general.oaidentifier.valid")));
+	            		                
+	            } else {
+	            	//check uniqueness of service identifier
+	            	try {
+		            	String[] allServiceKeys = dbconfig.findConfigurationId(
+		            			MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES
+		            			+".%."
+		            			+ MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+		            	if (allServiceKeys != null) {
+			            	List<String> foundKeys = new ArrayList<String>();
+			            	for (String elKey : allServiceKeys) {
+			            		String elValue = dbconfig.getStringValue(elKey);
+			            		if (uniqueServiceID.startsWith(elValue) || 
+			            				(elValue != null && elValue.startsWith(uniqueServiceID))) {
+			            			log.debug("Found service with key: " + elKey
+			            					+ " and uniqueID: " + elValue
+			            					+ " which maches to edited service with uniqueID:"
+			            					+ uniqueServiceID);
+			            			foundKeys.add(elKey);
+			            			
+			            		}
+			            		
+			            	}
+			            	if ((foundKeys.size() > 1) || 
+			            			((foundKeys.size() == 1) && !foundKeys.get(0).startsWith(servicePrefixId) )) {
+			            		log.info("The service identifier is not unique");
+			            		errors.add(new ValidationObjectIdentifier(
+										MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER, 
+										"Unique Identifier",
+										LanguageHelper.getErrorString("validation.general.oaidentifier.notunique")));
+			            		
+			            	}
+		            	}
+		            	
+	            	} catch (ConfigurationException e) {
+	            		log.error("Configuration not readable!", e);
+	            		new ValidationObjectIdentifier("internal", "Internal Error", "Configuration is not readable!");
+	            		
+	            	}
+	            }
+	        }			
+			
+		} else {
+			throw new ConfigurationTaskValidationException(
+					new ValidationObjectIdentifier("internal", "Internal Error", "No MOA-ID service prefix! Can not check uniqueness of service configuration."));
+			
+		}
+		
 		
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
 	}
 
 	/* (non-Javadoc)
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java
new file mode 100644
index 000000000..8c3475d8b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesInterfederationIDPTask.java
@@ -0,0 +1,116 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesInterfederationIDPTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesInterfederationIDPTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "interfederation";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - Interfederation IDP";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		String queryURL = input.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL);
+		if (MiscUtil.isNotEmpty(queryURL)) {
+			if (!ValidationHelper.validateURL(queryURL)) {
+				log.info("AttributeQuery URL is not valid");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL, 
+						"Attribute Querry URL",
+						LanguageHelper.getErrorString("validation.interfederation.moaidp.queryurl.valid")));
+				
+			}			
+		}
+						
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java
new file mode 100644
index 000000000..2e9dd1c30
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesPVPGatewayTask.java
@@ -0,0 +1,121 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesPVPGatewayTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesPVPGatewayTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "interfederation";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - PVP Gateway Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		String entityID = input.get(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER);
+		if (MiscUtil.isNotEmpty(entityID)) {
+			if (!ValidationHelper.validateURL(entityID)) {
+				log.info("PVP gateway EntityID is not valid");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, 
+						"EntityID of PVP Portal ",
+						LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.valid")));
+				
+			}
+			
+		} else
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, 
+					"EntityID of PVP Portal ",
+					LanguageHelper.getErrorString("validation.interfederation.gateway.entityID.empty")));
+							
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java
new file mode 100644
index 000000000..e8cdbba90
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolOpenIDTask.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.UUID;
+import java.util.regex.Pattern;
+
+import org.apache.commons.lang.StringUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolOpenIDTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesProtocolOpenIDTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - General Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		Map<String, String> newConfigValues = new HashMap<String, String>();
+		
+		//TODO: check secret 
+		String guiClientID = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID);
+		String guiClientSecret = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET);
+		
+		if (MiscUtil.isEmpty(guiClientSecret)) {
+			log.info("OpenID Connect client-secret is empty --> generate a new secrete.");
+			guiClientSecret = UUID.randomUUID().toString();
+			newConfigValues.put(
+					MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTSECRET, 
+					guiClientSecret);
+			
+		}
+		
+		if (MiscUtil.isEmpty(guiClientID)) {
+			log.info("OpenID Connect ClientID is empty --> Set ClientID to unique identifier.");
+			newConfigValues.put(
+					MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_CLIENTID, 
+					input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER));
+			
+		}
+		
+		if (newConfigValues.isEmpty())
+			return null;
+		else
+			return newConfigValues;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+		
+		String redirectURL = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL);
+		// validate redirectUri
+		if (StringUtils.isNotEmpty(redirectURL) && !ValidationHelper.validateURL(redirectURL)) {
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_PROTOCOLS_OPENID_REDIRECTURL, 
+					"OpenID - Redirect URL",
+					LanguageHelper.getErrorString("error.oa.oauth.redirecturi")));
+		}
+		
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+	 */
+	@Override
+	public List<String> getModulValidatorPrefix() {
+		return Arrays.asList(
+				MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA
+				);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java
new file mode 100644
index 000000000..6da1bc389
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolPVP2XTask.java
@@ -0,0 +1,336 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import iaik.x509.X509Certificate;
+
+import java.io.IOException;
+import java.security.cert.CertificateException;
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Timer;
+import java.util.regex.Pattern;
+
+import javax.net.ssl.SSLHandshakeException;
+
+import org.apache.commons.httpclient.MOAHttpClient;
+import org.opensaml.saml2.metadata.provider.HTTPMetadataProvider;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.saml2.metadata.provider.MetadataFilterChain;
+import org.opensaml.saml2.metadata.provider.MetadataProviderException;
+import org.opensaml.xml.parse.BasicParserPool;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.ex.MOAHttpProtocolSocketFactoryException;
+import at.gv.egovernment.moa.id.commons.utils.MOAHttpProtocolSocketFactory;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.MOAIDWebGUIConfiguration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.SchemaValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.utils.MetaDataVerificationFilter;
+import at.gv.egovernment.moa.id.config.webgui.validation.utils.SchemaValidationFilter;
+import at.gv.egovernment.moa.util.Base64Utils;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolPVP2XTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesProtocolPVP2XTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - General Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+
+		Map<String, String> newConfigValues = new HashMap<String, String>();
+		String certBase64 = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE);
+		
+		String[] splittet = certBase64.split(",");
+		if (splittet.length > 1) {
+			newConfigValues.put(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE,
+					splittet[1]);
+			log.debug("Extract PVP2X metadata validation certificate from GUI upload and add it to key: {}", MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE);
+				
+			try {
+				byte[] certSerialized = null;			
+				if (MiscUtil.isNotEmpty(certBase64)) {
+					certSerialized = Base64Utils.decode(certBase64, true);
+					X509Certificate cert = new X509Certificate(certSerialized);
+					newConfigValues.put(
+							MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT, 
+							cert.getSubjectDN().getName());
+				
+				}
+			
+			} catch (IOException | CertificateException e) {
+				log.error("PVP2X metadata signing certificate is not parseable.", e);
+						
+			}
+		}
+				
+		if (newConfigValues.isEmpty())
+			return null;
+		else
+			return newConfigValues;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		Timer timer = null;
+		MOAHttpClient httpClient = null;
+		HTTPMetadataProvider httpProvider = null;
+	
+		String certBase64 = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE);
+		
+		try {
+			byte[] certSerialized = null;
+			if (MiscUtil.isNotEmpty(certBase64) &&
+					!certBase64.equals(MOAIDConfigurationConstants.WEBGUI_EMPTY_ELEMENT)) {
+				String[] splittet = certBase64.split(",");
+				if (splittet.length > 1)
+					certSerialized = Base64Utils.decode(splittet[1], true);
+				else
+					certSerialized = Base64Utils.decode(certBase64, true);
+			}
+				
+								
+			String metadataURL = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL);
+			if (MiscUtil.isNotEmpty(metadataURL)) {
+								
+				if (!ValidationHelper.validateURL(metadataURL)) {
+					log.info("MetaDataURL has no valid form.");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+							"PVP2x - Metadata URL",
+							LanguageHelper.getErrorString("validation.pvp2.metadataurl.valid")));
+				
+				} else {
+					
+					if (certSerialized == null) {
+						log.info("No certificate for metadata validation");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE, 
+								"PVP2x - Metadata Certificate",
+								LanguageHelper.getErrorString("validation.pvp2.certificate.notfound")));
+						
+					} else {
+						
+						X509Certificate cert = new X509Certificate(certSerialized);
+						BasicX509Credential credential = new BasicX509Credential();
+						credential.setEntityCertificate(cert);
+						
+						timer = new Timer();
+						httpClient = new MOAHttpClient();
+						
+						if (metadataURL.startsWith("https:"))
+							try {
+								MOAHttpProtocolSocketFactory protoSocketFactory = new MOAHttpProtocolSocketFactory(
+										"MOAMetaDataProvider",
+										MOAIDWebGUIConfiguration.getInstance().getCertStoreDirectory(), 
+										MOAIDWebGUIConfiguration.getInstance().getTrustStoreDirectory(),
+										null,
+										"pkix", 
+										true);
+								
+									httpClient.setCustomSSLTrustStore(
+											metadataURL, 
+											protoSocketFactory);
+	
+							} catch (MOAHttpProtocolSocketFactoryException e) {
+								log.warn("MOA SSL-TrustStore can not initialized. Use default Java TrustStore.", e);
+								
+							} catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) {
+								log.info("No MOA specific SSL-TrustStore configured. Use default Java TrustStore.", e);
+								
+							} 
+
+						List<MetadataFilter> filterList = new ArrayList<MetadataFilter>();
+						filterList.add(new MetaDataVerificationFilter(credential));
+						
+						try {
+							filterList.add(new SchemaValidationFilter(
+									MOAIDWebGUIConfiguration.getInstance().isPVPMetadataSchemaValidationActive()));
+							
+						} catch (at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationException e) {
+							log.warn("Configuration access FAILED!", e);
+							
+						}
+						
+						MetadataFilterChain filter = new MetadataFilterChain();
+						filter.setFilters(filterList);
+						
+						httpProvider = 
+								new HTTPMetadataProvider(timer, httpClient, metadataURL);
+						httpProvider.setParserPool(new BasicParserPool());
+						httpProvider.setRequireValidMetadata(true); 
+						httpProvider.setMetadataFilter(filter);
+						httpProvider.setMinRefreshDelay(1000*60*15); //15 minutes
+						httpProvider.setMaxRefreshDelay(1000*60*60*24); //24 hours						
+						httpProvider.setRequireValidMetadata(true);						
+						httpProvider.initialize();
+					
+						if (httpProvider.getMetadata() == null) {
+							log.info("Metadata could be received but validation FAILED.");
+							errors.add(new ValidationObjectIdentifier(
+									MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+									"PVP2x - Metadata",
+									LanguageHelper.getErrorString("validation.pvp2.metadata.validation")));
+						}						
+					}
+				}
+			}
+									
+		} catch (CertificateException e) {
+			log.info("Uploaded Certificate can not be found", e);
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+					"PVP2x - Metadata",
+					LanguageHelper.getErrorString("validation.pvp2.certificate.notfound")));
+			
+		} catch (IOException e) {
+			log.info("Metadata can not be loaded from URL", e);
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+					"PVP2x - Metadata",
+					LanguageHelper.getErrorString("validation.pvp2.metadataurl.read")));
+			
+		} catch (MetadataProviderException e) {
+			
+			try {
+				if (e.getCause() != null && e.getCause().getCause() instanceof SSLHandshakeException) {
+					log.info("SSL Server certificate not trusted.", e);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+							"PVP2x - Metadata",
+							LanguageHelper.getErrorString("validation.pvp2.metadata.ssl")));
+
+				} else if (e.getCause() != null && e.getCause().getCause() instanceof SignatureValidationException) {				
+					log.info("MetaDate verification failed", e);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+							"PVP2x - Metadata",
+							LanguageHelper.getErrorString("validation.pvp2.metadata.verify.sig")));
+				
+				} else if (e.getCause() != null && e.getCause().getCause() instanceof SchemaValidationException) {
+					log.info("MetaDate verification failed", e);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+							"PVP2x - Metadata",
+							LanguageHelper.getErrorString("validation.pvp2.metadata.verify.schema")));
+								
+				} else {			
+					log.info("MetaDate verification failed", e);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+							"PVP2x - Metadata",
+							LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general")));
+				}
+				
+			} catch (Exception e1) {
+				log.info("MetaDate verification failed", e1);
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL, 
+						"PVP2x - Metadata",
+						LanguageHelper.getErrorString("validation.pvp2.metadata.verify.general")));
+				
+			}
+			
+		} finally {			
+			if (httpProvider != null)
+				httpProvider.destroy();
+			
+			if (timer != null)
+				timer.cancel();
+			
+		}
+					
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+	 */
+	@Override
+	public List<String> getModulValidatorPrefix() {
+		return Arrays.asList(
+				MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_OA, 
+				MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_IIDP
+				);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java
new file mode 100644
index 000000000..fe3a791e7
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSAML1Task.java
@@ -0,0 +1,114 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolSAML1Task extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesProtocolSAML1Task.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "protocols.saml1";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - SAML1 Protocol Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+        String isProvideBaseID = input.get(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID);
+		
+        if (Boolean.parseBoolean(isBusinessService) && 
+        		MiscUtil.isNotEmpty(isProvideBaseID) && Boolean.parseBoolean(isProvideBaseID)) {
+			log.info("ProvideStammZahl can not be used with BusinessService applications");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_PROTOCOLS_SAML1_BASEID, 
+					"Protocols - SAML1 BaseID",
+					LanguageHelper.getErrorString("validation.saml1.providestammzahl")));
+		}
+							
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java
new file mode 100644
index 000000000..d4e80bed9
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesProtocolSTORKTask.java
@@ -0,0 +1,273 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Map.Entry;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesProtocolSTORKTask extends AbstractTaskValidator implements IDynamicLoadableTaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesProtocolSTORKTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - General Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		Map<String, String> newConfigValues = new HashMap<String, String>();
+		
+		try {
+			//search actually stored service configurations
+			List<String> storedServices = new ArrayList<String>();
+			for (String prefix : getModulValidatorPrefix()) {
+				String[] storedService = dbconfig.findConfigurationId(prefix + ".%." + MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+				if (storedService != null && storedService.length > 0)
+					storedServices.addAll(Arrays.asList(storedService));
+			}
+		
+			String GUIServiceUniqueID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+			String selectedServiceKey = null;
+			for (String serviceKey : storedServices) {
+				String storedUniqueId = dbconfig.getStringValue(serviceKey);
+				if (storedUniqueId.equals(GUIServiceUniqueID)) {
+					selectedServiceKey = KeyValueUtils.getPrefixFromKey(serviceKey, MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+					log.debug("Find service with key: " + selectedServiceKey + " --> Start STORK attribute provider postProcessing.");
+					break;
+				}
+				
+			}
+
+			//load actually stored attribute provider names for service
+			Map<String, String> storedAttributeProviders = new HashMap<String, String>();
+			if (MiscUtil.isNotEmpty(selectedServiceKey)) {
+				String[] storedAttribteProviderNames = dbconfig.findConfigurationId(
+						selectedServiceKey + "." 
+						+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+						+ ".%." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME);
+				if (storedAttribteProviderNames != null) {
+					for (String el : storedAttribteProviderNames) {
+						String attrProviderName = dbconfig.getStringValue(el);
+						storedAttributeProviders.put(attrProviderName, el);
+						
+					}					
+				}				
+			}
+			
+			Map<String, String> storkAttrProviders = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST);
+			Iterator<Entry<String, String>> interator = storkAttrProviders.entrySet().iterator();
+			while (interator.hasNext()) {
+				Entry<String, String> current = interator.next();
+				if (current.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)) {
+					String guiAttrProviderName = current.getValue();
+					if (storedAttributeProviders.containsKey(guiAttrProviderName)) {
+						log.trace("STORK attribute provider: " + guiAttrProviderName
+								+ " is already stored");
+						storedAttributeProviders.remove(guiAttrProviderName);
+						
+					} else {
+						log.trace("Add new STORK attribute provider: " + guiAttrProviderName
+								+ " to service");
+						
+					}
+				}
+			}
+			
+			if (!storedAttributeProviders.isEmpty()) {
+				log.trace("Remove STORK attribute providers from configuration.");
+				for (String el : storedAttributeProviders.values()) {
+					String removeString = KeyValueUtils.getPrefixFromKey(el, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME);
+					keysToDelete.add(removeString + "*");
+					log.debug("Remove STORK attribute provider with key:" + removeString + "*");
+					
+				}
+				
+			}
+		
+		} catch (ConfigurationException e) {
+			log.error("Configuration access FAILED.", e);
+			
+		}
+		
+		
+		if (newConfigValues.isEmpty())
+			return null;
+		else
+			return newConfigValues;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		//check V-IDP specific Target configurations
+		String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+		if (!Boolean.parseBoolean(isBusinessService)) {
+			log.info("STORK V-IDP only allowed as business Service.");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, 
+					"BusinessService",
+					"STORK V-IDP only allowed as business Service."));
+		}
+		
+		String identificationType = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+		if (MiscUtil.isEmpty(identificationType) || 
+				!MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(identificationType)) {
+			log.info("STORK V-IDP only allowes identification numbers with STORK prefix.");
+			errors.add(new ValidationObjectIdentifier(
+					MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, 
+					"BusinessService - IdentificationType",
+					"STORK V-IDP only allowes identification numbers with STORK prefix"));
+			
+		}
+		
+		
+		Map<String, String> storkAttrProviders = KeyValueUtils.getSubSetWithPrefix(input, MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST);		
+		Iterator<Entry<String, String>> interator = storkAttrProviders.entrySet().iterator();
+		while (interator.hasNext()) {
+			Entry<String, String> current = interator.next();
+			if (current.getKey().endsWith(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME)) {
+				log.trace("Validate STORK attribute provider with key: " + current.getKey() + " value: " + current.getValue());
+				String index = KeyValueUtils.getParentKey(current.getKey());
+				
+				//validate attribute provider name
+				String attrProviderName = current.getValue();
+				if (MiscUtil.isEmpty(attrProviderName)) {
+					log.info("AttributeProviderPlugin Name is empty.");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+							+ "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME, 
+							"STORK - Attribute Provider",
+							LanguageHelper.getErrorString("validation.stork.ap.name.empty")));
+					
+				} else {
+					if (!MOAIDConfigurationConstants.ALLOWED_STORKATTRIBUTEPROVIDERS.contains(attrProviderName)) {
+						log.info("AttributeProviderPlugin Name is not supported.");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+								+ "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_NAME, 
+								"STORK - Attribute Provider",
+								LanguageHelper.getErrorString("validation.stork.ap.name.valid")));
+					}				
+				}
+				
+				String attrProviderURL = storkAttrProviders.get(index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL); 
+				String attrProviderAttr = storkAttrProviders.get(index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES);
+				
+				if (MiscUtil.isEmpty(attrProviderURL) || !ValidationHelper.validateURL(attrProviderURL)) {
+					log.info("AttributeProviderPlugin URL has no valid form.");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+							+ "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_URL, 
+							"STORK - Attribute Provider",
+							LanguageHelper.getErrorString("validation.stork.ap.url.valid")));
+				}
+
+				
+				if (MiscUtil.isEmpty(attrProviderAttr) || !attrProviderAttr.matches("[a-zA-Z]+(, ?[a-zA-Z]+)*")) {
+					log.info("AttributeProviderPlugin attributes are empty or do not match csv format.");
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST
+							+ "." + index + "." + MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTPROVIDER_LIST_ATTRIBUTES, 
+							"STORK - Attribute Provider",
+							LanguageHelper.getErrorString("validation.stork.ap.attributes.valid")));
+				}
+					
+			}
+		}
+			
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator#getModulValidatorPrefix()
+	 */
+	@Override
+	public List<String> getModulValidatorPrefix() {
+		return Arrays.asList(
+				MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES_VIDP
+				);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java
new file mode 100644
index 000000000..bf2a38cd9
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesSSOAuthenticationTask.java
@@ -0,0 +1,101 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesSSOAuthenticationTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesSSOAuthenticationTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "auth.sso";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - SSO Authentication Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		//Actually, there is nothing to validate.
+							
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
new file mode 100644
index 000000000..766032f1f
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesTargetTask.java
@@ -0,0 +1,221 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.utils.CompanyNumberValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesTargetTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesTargetTask.class);
+	private static final List<String> KEYWHITELIST;
+	
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - Target Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+        String check;
+		if (Boolean.parseBoolean(isBusinessService)) {
+			
+			//check identification type
+			check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
+			if (!MOAIDConfigurationConstants.BUSINESSSERVICENAMES.keySet().contains(check)) {
+				log.info("IdentificationType is not known.");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, 
+						"BusinessService - Type",
+						LanguageHelper.getErrorString("validation.general.stork.sptarget")));
+			}
+			
+			//check identification number
+			check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE);
+			if (MiscUtil.isEmpty(check)) {
+				log.info("Empty IdentificationNumber");
+				errors.add(new ValidationObjectIdentifier(
+						MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, 
+						"BusinessService - Value",
+						LanguageHelper.getErrorString("validation.general.identificationnumber.empty")));
+				
+			} else {
+				if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+					log.warn("IdentificationNumber contains potentail XSS characters: " + check);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, 
+							"BusinessService - Value",
+							LanguageHelper.getErrorString("validation.general.identificationnumber.valid", 
+							new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+				}
+				
+				if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE)
+						.equals(MOAIDConfigurationConstants.IDENIFICATIONTYPE_FN)) {
+					CompanyNumberValidator val = new CompanyNumberValidator();
+					if (!val.validate(check)) {
+						log.info("Not valid CompanyNumber");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, 
+								"BusinessService - Value",
+								LanguageHelper.getErrorString("validation.general.identificationnumber.fn.valid")));
+					}
+				}
+			}
+						
+		} else {
+			
+			//check own target
+			String useOwnTarget = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_OWN);
+			if (MiscUtil.isNotEmpty(useOwnTarget) && Boolean.parseBoolean(useOwnTarget)) {
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME);
+				if (MiscUtil.isNotEmpty(check)) {
+					if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+						log.warn("TargetFriendlyName contains potentail XSS characters: " + check);
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME, 
+								"Own Target - FriendlyName",
+								LanguageHelper.getErrorString("validation.general.targetfriendlyname", 
+								new Object[] {ValidationHelper.getPotentialCSSCharacter(false)}) ));
+					}
+				}
+				
+				//check Own Target
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET);
+				if (MiscUtil.isNotEmpty(check)) {
+					if (!ValidationHelper.isValidAdminTarget(check)) {
+						log.info("Not valid Target");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET, 
+								"Own Target - Target",
+								LanguageHelper.getErrorString("validation.general.target.admin.valid")));
+					}
+				}
+								
+			} else {
+				
+				//check PublicURL Prefix allows PublicService
+				String uniqueID = input.get(MOAIDConfigurationConstants.SERVICE_UNIQUEIDENTIFIER);
+				if (!ValidationHelper.isPublicServiceAllowed(input.get(uniqueID))) {
+					log.warn("PublicURLPrefix does not allow PublicService: " + uniqueID);
+					errors.add(new ValidationObjectIdentifier(
+							MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, 
+							"PublicService - Target",
+							LanguageHelper.getErrorString("validation.general.target.publicserviceurl", 
+							new Object[] {uniqueID}) ));
+					
+				}
+				
+				//check Target
+				check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET);
+				if (MiscUtil.isNotEmpty(check)) {
+					if (!ValidationHelper.isValidTarget(check)) {
+						log.info("Not valid Target");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET, 
+								"PublicService - Target",
+								LanguageHelper.getErrorString("validation.general.target.valid")));
+					}
+				}
+				
+				String isSubTargetUsed = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_USE_SUB);
+				if (MiscUtil.isNotEmpty(isSubTargetUsed) && Boolean.parseBoolean(isSubTargetUsed)) {
+					check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB);
+					if (!ValidationHelper.isValidAdminTarget(check)) {
+						log.info("Not valid Target-Subsector");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB, 
+								"PublicService - Target SubSector",
+								LanguageHelper.getErrorString("validation.general.target.subsector.valid")));
+
+					}
+				}												
+			}
+		}
+				
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java
new file mode 100644
index 000000000..96088b6eb
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesbPKDecryptionTask.java
@@ -0,0 +1,137 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.task.impl;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+import java.util.Map;
+import java.util.regex.Pattern;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.components.configuration.api.Configuration;
+import at.gv.egiz.components.configuration.api.ConfigurationException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
+import at.gv.egovernment.moa.id.config.webgui.exception.ConfigurationTaskValidationException;
+import at.gv.egovernment.moa.id.config.webgui.exception.ValidationObjectIdentifier;
+import at.gv.egovernment.moa.id.config.webgui.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator;
+import at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+/**
+ * @author tlenz
+ *
+ */
+public class ServicesbPKDecryptionTask extends AbstractTaskValidator implements ITaskValidator {
+	private static final Logger log = LoggerFactory.getLogger(ServicesbPKDecryptionTask.class);
+	private static final List<String> KEYWHITELIST;
+		
+	static {
+		ArrayList<String> temp = new ArrayList<String>();		
+		KEYWHITELIST = Collections.unmodifiableList(temp);
+	}
+	
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getKeyPrefix()
+	 */
+	@Override
+	public String getKeyPrefix() {
+		return "";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Service - bPK-Decryption Configuration Task";
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.ITaskValidator#postProcessing(java.util.Map, java.util.List, at.gv.egiz.components.configuration.api.Configuration)
+	 */
+	@Override
+	public Map<String, String> postProcessing(Map<String, String> input,
+			List<String> keysToDelete, Configuration dbconfig) {
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#tastValidate(java.util.Map)
+	 */
+	@Override
+	protected void taskValidate(Map<String, String> input)
+			throws ConfigurationTaskValidationException {				
+		List<ValidationObjectIdentifier> errors = new ArrayList<ValidationObjectIdentifier>();
+
+		
+		//TODO:
+		
+		
+//		String check = input.get(MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME);
+//		if (MiscUtil.isNotEmpty(check)) {
+//			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+//				log.warn("OAFriendlyName contains potentail XSS characters: " + check);
+//				errors.add(new ValidationObjectIdentifier(
+//						MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, 
+//						"FriendlyName",
+//						LanguageHelper.getErrorString("validation.general.oafriendlyname.valid", 
+//						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)})));
+//			}
+//		} else {
+//			log.info("OA friendlyName is empty");
+//			errors.add(new ValidationObjectIdentifier(
+//					MOAIDConfigurationConstants.SERVICE_FRIENDLYNAME, 
+//					"FriendlyName",
+//					LanguageHelper.getErrorString("validation.general.oafriendlyname.empty")));
+//		}
+//		
+//		String isBusinessService = input.get(MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE);
+//		if (MiscUtil.isEmpty(isBusinessService)) {
+//			log.info("OA businessservice flag is empty");
+//			errors.add(new ValidationObjectIdentifier(
+//					MOAIDConfigurationConstants.SERVICE_BUSINESSSERVICE, 
+//					"BusinessService",
+//					LanguageHelper.getErrorString("validation.general.businessservice.empty")));
+//			
+//		}
+		
+					
+		if (!errors.isEmpty())
+			throw new ConfigurationTaskValidationException(errors);
+				
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egovernment.moa.id.config.webgui.validation.task.AbstractTaskValidator#getAllAllowedKeys()
+	 */
+	@Override
+	public List<Pattern> getAllAllowedPatterns() {
+		return generatePatternsFromKeys(KEYWHITELIST);
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java
new file mode 100644
index 000000000..6ec48fa43
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/MetaDataVerificationFilter.java
@@ -0,0 +1,122 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
+package at.gv.egovernment.moa.id.config.webgui.validation.utils;
+
+import java.util.Iterator;
+
+import org.opensaml.common.SignableSAMLObject;
+import org.opensaml.saml2.metadata.EntitiesDescriptor;
+import org.opensaml.saml2.metadata.EntityDescriptor;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.security.SAMLSignatureProfileValidator;
+import org.opensaml.xml.XMLObject;
+import org.opensaml.xml.security.credential.Credential;
+import org.opensaml.xml.security.x509.BasicX509Credential;
+import org.opensaml.xml.signature.SignatureValidator;
+import org.opensaml.xml.validation.ValidationException;
+
+import at.gv.egovernment.moa.id.config.webgui.exception.SignatureValidationException;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class MetaDataVerificationFilter implements MetadataFilter {
+
+	BasicX509Credential credential;
+	
+	public MetaDataVerificationFilter(BasicX509Credential credential) {
+		this.credential = credential;
+	}
+	
+	
+	public void doFilter(XMLObject metadata) throws SignatureValidationException {
+		
+		if (metadata instanceof EntitiesDescriptor) {
+			EntitiesDescriptor entitiesDescriptor = (EntitiesDescriptor) metadata;
+			if(entitiesDescriptor.getSignature() == null) {
+				throw new SignatureValidationException("Root element of metadata file has to be signed");
+			}
+			try {
+				processEntitiesDescriptor(entitiesDescriptor);
+				
+			} catch (SignatureValidationException e) {
+				throw new SignatureValidationException("Invalid signature element in EntitiesDescriptor");
+			}
+			
+		} if (metadata instanceof EntityDescriptor) {									
+			try {
+				EntityDescriptor entity = (EntityDescriptor) metadata;
+				if (entity.getSignature() != null)
+					verify(entity, this.credential);
+				
+				else
+					throw new SignatureValidationException("Root element of metadata file has to be signed", null);
+				
+			} catch (SignatureValidationException e) {
+				throw new SignatureValidationException("Invalid signature element in EntityDescriptor", null);
+			}				
+		}
+	}
+	
+	private void processEntitiesDescriptor(EntitiesDescriptor desc) throws SignatureValidationException {
+		Iterator<EntitiesDescriptor> entID = desc.getEntitiesDescriptors().iterator();
+		
+		if(desc.getSignature() != null) {
+			verify(desc, this.credential);
+		}
+		
+		while(entID.hasNext()) {
+			processEntitiesDescriptor(entID.next());
+		}
+		
+		Iterator<EntityDescriptor> entIT = desc.getEntityDescriptors().iterator();
+		
+		while(entIT.hasNext()) {
+			EntityDescriptor entity = entIT.next();
+			if (entity.getSignature() != null)
+				verify(entity, this.credential);
+		}
+	}
+	
+	private void verify(SignableSAMLObject entityDescriptor, Credential cred)
+			throws SignatureValidationException {
+		if (entityDescriptor.getSignature() == null) {
+			throw new SignatureValidationException("PVP2X Metadata not signed");
+		}
+
+		try {
+			SAMLSignatureProfileValidator sigValidator = new SAMLSignatureProfileValidator();
+			sigValidator.validate(entityDescriptor.getSignature());
+		} catch (ValidationException e) {
+			Logger.error("Failed to validate Signature", e);
+			throw new SignatureValidationException("Failed to validate Signature", e);
+		}
+
+		SignatureValidator sigValidator = new SignatureValidator(cred);
+		try {
+			sigValidator.validate(entityDescriptor.getSignature());
+		} catch (ValidationException e) {
+			Logger.error("Failed to verfiy Signature", e);
+			throw new SignatureValidationException("Failed to verfiy Signature", e);
+			
+		}
+	}
+}
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java
new file mode 100644
index 000000000..587afe381
--- /dev/null
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/utils/SchemaValidationFilter.java
@@ -0,0 +1,98 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.config.webgui.validation.utils;
+
+import org.opensaml.saml2.metadata.provider.FilterException;
+import org.opensaml.saml2.metadata.provider.MetadataFilter;
+import org.opensaml.xml.XMLObject;
+
+import javax.xml.transform.dom.DOMSource;
+import javax.xml.validation.Schema;
+import javax.xml.validation.Validator;
+
+import org.opensaml.common.xml.SAMLSchemaBuilder;
+
+import org.xml.sax.SAXException;
+
+import at.gv.egovernment.moa.id.config.webgui.exception.SchemaValidationException;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class SchemaValidationFilter implements MetadataFilter {
+
+	private boolean isActive = true;
+	
+	/**
+	 * 
+	 */
+	public SchemaValidationFilter(boolean useSchemaValidation) {
+		this.isActive = useSchemaValidation;
+	}
+	
+	
+	/* (non-Javadoc)
+	 * @see org.opensaml.saml2.metadata.provider.MetadataFilter#doFilter(org.opensaml.xml.XMLObject)
+	 */
+	@Override
+	public void doFilter(XMLObject arg0) throws SchemaValidationException {
+		
+		String errString = null;
+		
+		if (isActive) {
+			try {
+				Schema test = SAMLSchemaBuilder.getSAML11Schema();
+				Validator val = test.newValidator();
+				DOMSource source = new DOMSource(arg0.getDOM());		
+				val.validate(source);
+				Logger.info("Metadata Schema validation check done OK");
+				return;
+			
+			} catch (SAXException e) {
+				if (Logger.isDebugEnabled() || Logger.isTraceEnabled())
+					Logger.warn("Metadata Schema validation FAILED with exception:", e);
+				else
+					Logger.warn("Metadata Schema validation FAILED with message: "+ e.getMessage());
+
+				errString = e.getMessage();
+				
+			} catch (Exception e) {
+				if (Logger.isDebugEnabled() || Logger.isTraceEnabled())
+					Logger.warn("Metadata Schema validation FAILED with exception:", e);
+				else
+					Logger.warn("Metadata Schema validation FAILED with message: "+ e.getMessage());
+				
+				errString = e.getMessage();
+				
+			}
+			
+			throw new SchemaValidationException("Metadata Schema validation FAILED with message: "+ errString);
+			
+		} else		
+			Logger.info("Metadata Schema validation check is DEACTIVATED!");
+		
+	}
+
+}
diff --git a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator
index 42bc23c95..8faf16843 100644
--- a/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator
+++ b/id/moa-id-webgui/src/main/resources/META-INF/services/at.gv.egovernment.moa.id.config.webgui.validation.task.IDynamicLoadableTaskValidator
@@ -1 +1,5 @@
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolOpenIDTask
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolPVP2XTask
 at.gv.egovernment.moa.id.config.webgui.validation.task.impl.GeneralSTORKConfigurationTask
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesAuthenticationSTORKTask
+at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesProtocolSTORKTask
+\ No newline at end of file
diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_de.properties b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
index 2f36ab125..bb0499020 100644
--- a/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
+++ b/id/moa-id-webgui/src/main/resources/applicationResources_de.properties
@@ -6,6 +6,7 @@ config.02=Configfile is not readable. ({0})
 config.03=Hibernate Database connector can not be initialized
 config.04=OpenSAML (PVP2 Login) can not be initialized
 config.05=Configuration file not defined
+config.06=Configfile {1} does not start with {0} prefix.
 
 error.title=Fehler:
 error.login.internal=W\u00E4hrend der Verarbeitung ist ein interner Fehler aufgetreten. Bitte Versuchen Sie es nocheinmal oder kontaktieren Sie den Administrator.
@@ -372,7 +373,8 @@ validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folge
 
 validation.general.SAML1SourceID=Die SAML1SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
 validation.general.publicURLprefix.empty=Public URL Prefix Feld ist leer.
-validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00F6ltiges Format.
+validation.general.publicURLprefix.valid=Public URL Prefix hat kein g\u00FCltiges Format.
+validation.general.businessservice.empty=Die Application ist weder dem \u00F6ffentlichen noch dem privaten Sektor zugeordnet.
 validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
 validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
 validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt.
diff --git a/id/moa-id-webgui/src/main/resources/applicationResources_en.properties b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
index 154f380ae..420ac27ec 100644
--- a/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
+++ b/id/moa-id-webgui/src/main/resources/applicationResources_en.properties
@@ -6,6 +6,7 @@ config.02=Configfile is not readable. ({0})
 config.03=Hibernate Database connector can not be initialized
 config.04=OpenSAML (PVP2 Login) can not be initialized
 config.05=Configuration file is not defined
+config.06=Configfile {1} does not start with {0} prefix.
 
 error.title=Error:
 error.login.internal=The error occurred during the processing. Please try again or contact Administrator.
@@ -371,6 +372,7 @@ validation.edituser.bpk.valid=BPK contains forbidden characters. The following c
 validation.general.SAML1SourceID=SAML1SourceID contains forbidden characters. The following characters are not allowed\: {0}
 validation.general.publicURLprefix.empty=Public URL Prefix is blank.
 validation.general.publicURLprefix.valid=Public URL Prefix has invalid format.
+validation.general.businessservice.empty=Online application is no public or private application.
 validation.general.certStoreDirectory.empty=CertStoreDirectory is blank.
 validation.general.certStoreDirectory.valid=CertStoreDirectory Feld contains forbidden characters. The following characters are not allowed\: {0}
 validation.general.Defaultchainigmode.empty=There is no DefaultChainingMode selected.
diff --git a/id/moa-id-webgui/src/main/resources/gui/meta.properties b/id/moa-id-webgui/src/main/resources/gui/meta.properties
index 177dff6f1..0abf358d9 100644
--- a/id/moa-id-webgui/src/main/resources/gui/meta.properties
+++ b/id/moa-id-webgui/src/main/resources/gui/meta.properties
@@ -1,28 +1,76 @@
-__BASE__.moaid.0=moa.id.general
-
-#__BASE__.all.1=moa.id.gateway
+__BASE__.moaidgeneral.0=moa.id.general
+__BASE__.moaidoa.0=moa.id.services.oa
+__BASE__.moaidinterfederation.0=moa.id.services
 
 moa.id.general.__TY=general
 moa.id.general.__CA=General Configuration
 moa.id.general.__DE=General MOA-ID Configuration
 
-#moa.id.oa.__GR=moa.id
-#moa.id.oa.__TY=ARRAY
-#moa.id.oa.__ADD=true
-#moa.id.oa.__DEL=true
-#moa.id.oa.__CA=List of online Applications
-#moa.id.oa.__DE=Long description of the list of online Applications...
-#moa.id.oa.__CTY=OA
-#moa.id.oa.__CCA=Name;Online Applications URL
-#moa.id.oa.__CIDS=name;url
-#moa.id.oa.__CDE=An online Application
-
-
-#moa.id.oa.__TE.name=Online Application Template
-#moa.id.oa.__TE.url=http://sampleonline.application.com/
-#moa.id.oa.__TE.attributes.0.name=Vorname
-#moa.id.oa.__TE.attributes.0.type=FIRSTNAME
-#moa.id.oa.__TE.attributes.0.required=true
-#moa.id.oa.__TE.__CA=A Template for an online Application
-#moa.id.oa.__TE.__DE=Long description of the list of online Applications...
+moa.id.services.__TY=GROUP
+moa.id.services.__CA=MOA-ID Interfederation Services
+moa.id.services.__DE=Interfederation Services
+
+##Online application##
+moa.id.services.oa.__TY=ARRAY
+moa.id.services.oa.__ADD=true
+moa.id.services.oa.__DEL=true
+moa.id.services.oa.__CA=List of online Applications
+moa.id.services.oa.__DE=All actually configured online application
+moa.id.services.oa.__CTY=moaidoa
+moa.id.services.oa.__CCA=Unique ID;Friendlyname
+moa.id.services.oa.__CIDS=uniqueID;friendlyName
+moa.id.services.oa.__CDE=Online Application
+
+moa.id.services.oa.__TE.friendlyName=Sample Name
+moa.id.services.oa.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.oa.__TE.isActive=false
+
+##V-IDP##
+moa.id.services.vidp.__GR=moa.id.services
+moa.id.services.vidp.__TY=ARRAY
+moa.id.services.vidp.__ADD=true
+moa.id.services.vidp.__DEL=true
+moa.id.services.vidp.__CA=List of V-IDPs
+moa.id.services.vidp.__DE=All actually configured V-IDP instances
+moa.id.services.vidp.__CTY=moaidvidp
+moa.id.services.vidp.__CCA=Unique ID;Friendlyname
+moa.id.services.vidp.__CIDS=uniqueID;friendlyName
+moa.id.services.vidp.__CDE=V-IDP
+
+moa.id.services.vidp.__TE.friendlyName=Sample V-IDP
+moa.id.services.vidp.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.vidp.__TE.isActive=false
+
+##I-IDP##
+moa.id.services.iidp.__GR=moa.id.services
+moa.id.services.iidp.__TY=ARRAY
+moa.id.services.iidp.__ADD=true
+moa.id.services.iidp.__DEL=true
+moa.id.services.iidp.__CA=List of Interfederation IDPs
+moa.id.services.iidp.__DE=All actually configured I-IDP instances
+moa.id.services.iidp.__CTY=moaidiidp
+moa.id.services.iidp.__CCA=Unique ID;Friendlyname
+moa.id.services.iidp.__CIDS=uniqueID;friendlyName
+moa.id.services.iidp.__CDE=I-IDP
+
+moa.id.services.iidp.__TE.friendlyName=Sample I-IDP
+moa.id.services.iidp.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.iidp.__TE.isActive=false
+
+##Gateway##
+moa.id.services.gateway.__GR=moa.id.services
+moa.id.services.gateway.__TY=ARRAY
+moa.id.services.gateway.__ADD=true
+moa.id.services.gateway.__DEL=true
+moa.id.services.gateway.__CA=List of STORK<->PVP Gateways
+moa.id.services.gateway.__DE=All actually configured Gateway instances
+moa.id.services.gateway.__CTY=moaidgateway
+moa.id.services.gateway.__CCA=Unique ID;Friendlyname
+moa.id.services.gateway.__CIDS=uniqueID;friendlyName
+moa.id.services.gateway.__CDE=V-IDP
+
+moa.id.services.gateway.__TE.friendlyName=Sample Gateway
+moa.id.services.gateway.__TE.uniqueID=http://sampleonline.application.com/
+moa.id.services.gateway.__TE.isActive=false
+
 
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/gateway.json b/id/moa-id-webgui/src/main/resources/gui/types/gateway.json
new file mode 100644
index 000000000..50ccd200c
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/gateway.json
@@ -0,0 +1,50 @@
+{
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "id": "http://www.egiz.gv.at/dynUI/OA",
+    "typeName": "moaidgateway",
+    "type": "object",
+    "title": "STORK<->PVP Gateway",
+    "format": "tabs",
+    "properties": {
+        "isActive" : {
+            "id": "http://www.egiz.gv.at/dynUI/OA/isactive",
+            "type": "boolean",
+            "format" : "checkbox",
+            "title": "is Active"
+        },
+        "uniqueID": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId",
+            "type": "string",
+            "format": "url",
+            "title": "Unique Identifier (PublicURLPrefix)"
+        },
+        "friendlyName": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname",
+            "type": "string",
+            "title": "Friendlyname"
+        },
+        "businessservice" : {
+            "id": "http://www.egiz.gv.at/dynUI/OA/type",
+            "type": "boolean",
+            "format" : "checkbox",
+            "title": "Private Sector application"
+        },
+        "interfederation": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/interfederation",
+            "type": "object",
+            "title": "PVP Gateway",
+            "description": "STORK<->PVP Gateway configuration",
+            "options": {
+    						"collapsed": true
+    				},
+            "properties": {
+                "forward.IDP": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/forward/entityID",
+                    "type": "string",
+                    "title": "PVP portal EntityID"
+                }
+            }
+        }                                        
+    },
+    "required": ["uniqueID", "friendlyName"]
+}
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/general.json b/id/moa-id-webgui/src/main/resources/gui/types/general.json
index a4addb5f8..f7861332d 100644
--- a/id/moa-id-webgui/src/main/resources/gui/types/general.json
+++ b/id/moa-id-webgui/src/main/resources/gui/types/general.json
@@ -24,16 +24,19 @@
             	"onlineBKU" : {
             		"id": "http://www.egiz.gv.at/dynUI/general/bkuurls/online",
             		"type": "string",
+            		"format": "url",
             		"title": "Online BKU"
             	},
             	"handyBKU" : {
             		"id": "http://www.egiz.gv.at/dynUI/general/bkuurls/handy",
             		"type": "string",
+            		"format": "url",
             		"title": "Handy BKU"
             	},
             	"localBKU" : {
             		"id": "http://www.egiz.gv.at/dynUI/general/bkuurls/local",
             		"type": "string",
+            		"format": "url",
             		"title": "Local BKU"
             	}
             }
@@ -87,6 +90,10 @@
             	         "preview" : {
             		          "id": "http://www.egiz.gv.at/dynUI/general/auth/authblock/transform/preview",
             		          "type": "string"
+            	        },
+            	        "filename" : {
+            		      		"id": "http://www.egiz.gv.at/dynUIOA/general/auth/authblock/transform/filename",
+            		          "type": "string"
             	        }
                     }
                 },
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/iidp.json b/id/moa-id-webgui/src/main/resources/gui/types/iidp.json
new file mode 100644
index 000000000..a42254c36
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/iidp.json
@@ -0,0 +1,124 @@
+{
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "id": "http://www.egiz.gv.at/dynUI/OA",
+    "typeName": "moaidiidp",
+    "type": "object",
+    "title": "Interfederation IDP",
+    "format": "tabs",
+    "properties": {
+        "isActive" : {
+            "id": "http://www.egiz.gv.at/dynUI/OA/isactive",
+            "type": "boolean",
+            "format" : "checkbox",
+            "title": "is Active"
+        },
+        "uniqueID": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId",
+            "type": "string",
+            "format": "url",
+            "title": "Unique Identifier (PublicURLPrefix)"
+        },
+        "friendlyName": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname",
+            "type": "string",
+            "title": "Friendlyname"
+        },
+        "businessservice" : {
+            "id": "http://www.egiz.gv.at/dynUI/OA/type",
+            "type": "boolean",
+            "format" : "checkbox",
+            "title": "Private Sector application"
+        },
+        "interfederation": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/interfederation",
+            "type": "object",
+            "title": "PVP Gateway",
+            "description": "STORK<->PVP Gateway configuration",
+            "options": {
+    						"collapsed": true
+    				},
+            "properties": {
+                "SSO.inbound": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/inbound",
+                    "type": "boolean",
+                    "format" : "checkbox",
+                    "title": "Allow inbound SSO"
+                },
+                "SSO.outbound": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/outbound",
+                    "type": "boolean",
+                    "format" : "checkbox",
+                    "title": "Allow outbound SSO"
+                },
+                "SSO.store": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/store",
+                    "type": "boolean",
+                    "format" : "checkbox",
+                    "title": "Store SSO session"
+                },
+                "passiveReqeust": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/passiveReqeust",
+                    "type": "boolean",
+                    "format" : "checkbox",
+                    "title": "Use SAML2 isPassive attribute"
+                },
+                "localAuthOnError": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/sso/localAuthOnError",
+                    "type": "boolean",
+                    "format" : "checkbox",
+                    "title": "Local authentication in case of an error"
+                },
+                "attributequery.url": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/interfederation/attributequery/url",
+                    "type": "string",
+                    "title": "AttributeQuery service URL"
+                }
+            }
+        },
+        "protocols": {
+            "id": "http://www.egiz.gv.at/dynUI/oa/protocols",
+            "type": "object",
+            "title": "Protocols",
+            "description": "Authentication protocol configuration",
+            "options": {
+    						"collapsed": true
+    				},
+            "properties": {
+                "pvp2x": {
+            				"id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x",
+            				"type": "object",
+            				"title": "PVP Configuration",
+            				"description": "PVP 2.x authentication protocol",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+            						"URL" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/url",
+            								"type": "string",
+            								"title": "Metadata URL"
+            						},
+                        "certificate": {
+                            "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate",
+                            "type": "object",
+                            "format": "file",
+                            "title": "Metadata certificate",
+                            "description": "Certificate for metadata signature validation",
+                            "properties": {
+            	                  "data" : {
+            		                    "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/data",
+            		                    "type": "string"
+            	                  },
+            	                  "preview" : {
+            		                    "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/preview",
+            		                    "type": "string"
+            	                  }
+                            }
+                        }
+                    }
+                }
+            }
+        }                            
+    },
+    "required": ["uniqueID", "friendlyName"]
+}
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/oa.json b/id/moa-id-webgui/src/main/resources/gui/types/oa.json
index eee0e97aa..aafc63b2e 100644
--- a/id/moa-id-webgui/src/main/resources/gui/types/oa.json
+++ b/id/moa-id-webgui/src/main/resources/gui/types/oa.json
@@ -1,7 +1,7 @@
 {
     "$schema": "http://json-schema.org/draft-04/schema#",
     "id": "http://www.egiz.gv.at/dynUI/OA",
-    "typeName": "oa",
+    "typeName": "moaidoa",
     "type": "object",
     "title": "Online Application Configuration",
     "format": "tabs",
@@ -29,7 +29,7 @@
             "format" : "checkbox",
             "title": "Private Sector application"
         },
-        "target": {
+        "auth.target": {
             "id": "http://www.egiz.gv.at/dynUI/OA/target",
             "type": "object",
             "title": "Target definition",
@@ -96,25 +96,36 @@
             		              "type": "string",
             		              "title": "Sub-Target"
             	           },
-                         "use.own" : {
-                              "id": "http://www.egiz.gv.at/dynUI/OA/target/public/useowntarget",
-                              "type": "boolean",
-                              "format" : "checkbox",
-                              "title": "Use own-target"
-                         },
-                         "own.target" : {
-            		              "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget",
-            		              "type": "string",
-            		              "title": "Own target"
-            	           },
-                         "own.name" : {
-            		              "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget/friendlyname",
-            		              "type": "string",
-            		              "title": "Own target - friendlyname"
-            	           }
+                         "own" : {
+                            "id": "http://www.egiz.gv.at/dynUI/OA/target/public/own",
+                            "type": "object",
+                            "title": "Own Target",
+                            "description": "Own Target definition",
+                            "options": {
+    						                "collapsed": true
+    				                },
+                            "properties": {
+                                "use" : {
+                                  "id": "http://www.egiz.gv.at/dynUI/OA/target/public/useowntarget",
+                                  "type": "boolean",
+                                  "format" : "checkbox",
+                                  "title": "Use own-target"
+                                },
+                                "target" : {
+            		                    "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget",
+            		                    "type": "string",
+            		                    "title": "Own target"
+            	                  },
+                                "name" : {
+            		                    "id": "http://www.egiz.gv.at/dynUI/OA/target/public/owntarget/friendlyname",
+            		                    "type": "string",
+            		                    "title": "Own target - friendlyname"
+            	                 }
+                            }                        
+                        }
                     }
                 },
-                "private": {
+                "business": {
                     "id": "http://www.egiz.gv.at/dynUI/OA/target/private",
                     "type": "object",
                     "title": "Private Sector definition",
@@ -138,11 +149,515 @@
             		              "id": "http://www.egiz.gv.at/dynUI/OA/target/private/value",
             		              "type": "string",
             		              "title": "Identifier"
-            	           },
+            	           }
                     }
                 }
             }
-        }
+        },
+        "auth": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/auth",
+            "type": "object",
+            "title": "Authentication",
+            "description": "Authentication configuration",
+            "options": {
+    						"collapsed": true
+    				},
+            "properties": {
+                 "bku": {
+            				"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku",
+            				"type": "object",
+            				"title": "BKU configuration",
+            				"description": "Online application specific BKU communikation",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+            						"onlineBKU" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/online",
+            								"type": "string",
+            								"title": "Online BKU"
+            						},
+            						"handyBKU" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/handy",
+            								"type": "string",
+            								"title": "Handy BKU"
+            						},
+            						"localBKU" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/local",
+            								"type": "string",
+            								"title": "Local BKU"
+            						},
+                        "keyBoxIdentifier" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/keyBoxIdentifier",
+            								"type": "string",
+            								"title": "KeyBoxIdentifier",
+                            "enum": [
+                                        "SecureSignatureKeypair",
+                                        "CertifiedKeypair"
+                                        ] 
+            						},
+                        "template": {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template",
+            				        "type": "object",
+            				        "title": "SecurityLayer Templates",
+            				        "description": "Online application specific SecurityLayer templates",
+            				        "options": {
+    										        "collapsed": true
+    								        },
+            				        "properties": {
+            						        "legacy" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template/legacy",
+            								        "type": "boolean",
+                                    "format" : "checkbox",
+            								        "title": "Activate Legacy Mode"
+            						        },
+            						        "first.url" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/first/url",
+            								        "type": "string",
+            								        "title": "First SL-Template"
+                                },
+                                "second.url" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/second/url",
+            								        "type": "string",
+            								        "title": "Second SL-Template"
+                                },
+                                "third.url" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/third/url",
+            								        "type": "string",
+            								        "title": "Third SL-Template"
+                                }
+                            }
+                        }                                                
+                    }
+            		},
+                "templates": {
+            				"id": "http://www.egiz.gv.at/dynUI/OA/auth/templates",
+            				"type": "object",
+            				"title": "BKU selection customization",
+            				"description": "Customization of the BKU selection form",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+                        "customize": {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize",
+            				        "type": "object",
+            				        "title": "Customize default template",
+            				        "description": "Customization of the default template",
+            				        "options": {
+    										        "collapsed": true
+    								        },
+            				        "properties": {
+            						        "fonttype" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/fonttype",
+            								        "type": "string",
+            								        "title": "Font Type"
+            						        },
+                                "color.back" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/back",
+            								        "type": "string",
+            								        "title": "Backcolor"
+            						        },
+                                "color.front" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/front",
+            								        "type": "string",
+            								        "title": "Frontcolor"
+            						        },
+                                "header.color.back" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/back",
+            								        "type": "string",
+            								        "title": "Header Backcolor"
+            						        },
+                                "header.color.front" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/front",
+            								        "type": "string",
+            								        "title": "Header Frontcolor"
+            						        },
+                                "header.text" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/text",
+            								        "type": "string",
+            								        "title": "Header Text"
+            						        },
+                                "button.color.back.focus" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/back/focus",
+            								        "type": "string",
+            								        "title": "Font Type"
+            						        },
+                                "button.color.front" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/front",
+            								        "type": "string",
+            								        "title": "Font Type"
+            						        },
+                                "applet.redirecttarget" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/redirecttarget",
+            								        "type": "string",
+            								        "title": "Applet - Redirect Target",
+                                    "enum": [
+                                        "_blank",
+                                        "_self",
+                                        "_parent",
+                                        "_top"
+                                        ] 
+            						        },
+                                "applet.hight" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/hight",
+            								        "type": "string",
+            								        "title": "Applet - Hight"
+            						        },
+                                "applet.width" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/width",
+            								        "type": "string",
+            								        "title": "Applet - Width"
+            						        }
+                            }
+                        },
+            						"bkuselection": {
+                            "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection",
+                            "type": "object",
+                            "format": "file",
+                            "title": "BKU selection template",
+                            "description": "Applicatio specific BKU selection template",
+                            "properties": {
+            	                   "data" : {
+            		                      "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/data",
+            		                      "type": "string"
+            	                   },
+            	                   "preview" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/preview",
+            		                      "type": "string"
+            	                   },
+            	                   "filename" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/filename",
+            		                      "type": "string"
+            	                   }
+                            }
+                        },
+                        "sendAssertion": {
+                            "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion",
+                            "type": "object",
+                            "format": "file",
+                            "title": "SendAssertion selection template",
+                            "description": "Applicatio specific SendAssertion template",
+                            "properties": {
+            	                   "data" : {
+            		                      "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion/data",
+            		                      "type": "string"
+            	                   },
+            	                   "preview" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/preview",
+            		                      "type": "string"
+            	                   },
+            	                   "filename" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/filename",
+            		                      "type": "string"
+            	                   }
+                            }
+                        }
+                    }
+                },
+                "authblock": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock",
+            			  "type": "object",            			   
+                    "title": "AuthBlock configuration",
+            			  "description": "Online application specific AuthBlock configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "removebPK" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/removebpk",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Remove bPK/wbPK"
+            				    },
+            				    "additionaltext" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/text",
+            						    "type": "string",
+                            "format": "textarea",
+            						    "title": "Additional AuthBlock Text"
+                        }
+                    }
+                },
+                "testcredentials": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials",
+            			  "type": "object",            			   
+                    "title": "Test identities",
+            			  "description": "Test identities configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "enabled" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/enabled",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Enable test identities"
+            				    },
+            				    "oids" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/oids",
+            						    "type": "string",
+            						    "title": "Allowed test-identity OIDs"
+                        }
+                    }
+                },
+                "mandates": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates",
+            			  "type": "object",            			   
+                    "title": "Mandates",
+            			  "description": "Online mandate configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "use" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/use",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Mandates (yes/no)"
+            				    },
+                        "only" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/only",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Only mandates allowed"
+            				    },
+            				    "profiles" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/mandates/profiles",
+            						    "type": "string",
+            						    "title": "Allowed mandated profiles"
+                        }
+                    }
+                },
+                "sso": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso",
+            			  "type": "object",            			   
+                    "title": "Single Sign-On (SSO)",
+            			  "description": "Single Sign-On configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "enabled" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso/enabled",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Single Sign-On (yes/no)"
+            				    },
+                        "userRequest" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/sso/sendassertionrequest",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Additional Userrequest"
+            				    }
+                    }
+                },
+                "stork": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork",
+            			  "type": "object",            			   
+                    "title": "STORK",
+            			  "description": "STORK configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "enabled" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/enabled",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Enable STORK logon"
+            				    },
+                        "minqaalevel" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/minqaa",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Minimum QAA Level"
+            				    },
+                        "countries" : {
+                            "type": "array",
+                            "title": "Countries",
+                            "format": "table",
+                            "options": {
+    											     "collapsed": true,
+                               "disable_array_add": true,
+                               "disable_array_delete": true,
+                               "disable_array_reorder": true
+    									      },
+                            "items": {
+                                "type": "object",
+                                "properties": {
+                                    "countrycode": {
+                                        "type": "string",
+                                        "readOnly": true,
+                                        "title": "CountryCode"
+                                    },
+                                    "enabled": {
+                                        "type": "boolean",
+                                        "format": "checkbox",
+                                        "title": "Enabled"
+                                    }
+                                }
+                            }
+                        },
+                        "attributes" : {
+                            "type": "array",
+                            "title": "Attributes",
+                            "format": "table",
+                            "options": {
+    											     "collapsed": true,
+                               "disable_array_add": true,
+                               "disable_array_delete": true,
+                               "disable_array_reorder": true
+    									      },
+                            "items": {
+                                "type": "object",
+                                "properties": {
+                                    "name": {
+                                        "type": "string",
+                                        "readOnly": true,
+                                        "title": "CountryCode"
+                                    },
+                                    "requested": {
+                                        "type": "boolean",
+                                        "format": "checkbox",
+                                        "title": "Requested"
+                                    },
+                                    "mandatory": {
+                                        "type": "boolean",
+                                        "format": "checkbox",
+                                        "title": "Mandatory"
+                                    }
+                                }
+                            }
+                        }                        
+                    }
+                }
+            }
+        },
+        "protocols": {
+            "id": "http://www.egiz.gv.at/dynUI/oa/protocols",
+            "type": "object",
+            "title": "Protocols",
+            "description": "Authentication protocol configuration",
+            "options": {
+    						"collapsed": true
+    				},
+            "properties": {
+            		"saml1": {
+            				"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1",
+            				"type": "object",
+            				"title": "SAML1 Configuration",
+            				"description": "SAML1 authentication protocol",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+            						"enabled" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/enabled",
+            								"type": "boolean",
+                            "format" : "checkbox",
+            								"title": "Enabled"
+            						},
+                        "idl" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/idl",
+            								"type": "boolean",
+                            "format" : "checkbox",
+            								"title": "IdentityLink"                            
+            						},
+                        "baseid" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/baseid",
+            								"type": "boolean",
+                            "format" : "checkbox",
+            								"title": "BaseID"
+            						},
+                        "authblock" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/authblock",
+            								"type": "boolean",
+                            "format" : "checkbox",
+            								"title": "AuthBlock"
+            						},
+                        "certificate" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/certificate",
+            								"type": "boolean",
+                            "format" : "checkbox",
+            								"title": "Signer Certificate"
+            						},
+                        "mandate" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/mandate",
+            								"type": "boolean",
+                            "format" : "checkbox",
+            								"title": "Full mandate"
+            						},
+                        "returnError" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/saml1/returnError",
+            								"type": "boolean",
+                            "format" : "checkbox",
+            								"title": "Return Errors to Application"
+            						}
+                    }
+                },
+                "pvp2x": {
+            				"id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x",
+            				"type": "object",
+            				"title": "PVP Configuration",
+            				"description": "PVP 2.x authentication protocol",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+            						"URL" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/url",
+            								"type": "string",
+            								"title": "Metadata URL"
+            						},
+                        "certificate": {
+                            "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate",
+                            "type": "object",
+                            "format": "file",
+                            "title": "Metadata certificate",
+                            "description": "Certificate for metadata signature validation",
+                            "properties": {
+            	                  "data" : {
+            		                    "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/data",
+            		                    "type": "string"
+            	                  },
+            	                  "preview" : {
+            		                    "id": "http://www.egiz.gv.at/dynUI/oa/protocols/pvp2x/metadata/certificate/preview",
+            		                    "type": "string"
+            	                  }
+                            }
+                        }
+                    }
+                },
+                "openID" : {
+            				"id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid",
+            				"type": "object",
+            				"title": "OpenID Connect Configuration",
+            				"description": "OpenID Connect authentication protocol",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+            						"clientID" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/clientid",
+            								"type": "string",
+                            "readOnly" : true,
+            								"title": "Client-ID"
+            						},
+                        "secret" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/clientsecret",
+            								"type": "string",
+                            "readOnly" : true,
+            								"title": "Client-Secret"
+            						},
+                        "redirectURL" : {
+            								"id": "http://www.egiz.gv.at/dynUI/oa/protocols/openid/redirectURL",
+            								"type": "string",
+            								"title": "Client-Secret"
+            						}                      
+                    }
+            		}
+            }
+        }                                        
     },
     "required": ["uniqueID", "friendlyName"]
 }
diff --git a/id/moa-id-webgui/src/main/resources/gui/types/vidp.json b/id/moa-id-webgui/src/main/resources/gui/types/vidp.json
new file mode 100644
index 000000000..3e6e4fb7b
--- /dev/null
+++ b/id/moa-id-webgui/src/main/resources/gui/types/vidp.json
@@ -0,0 +1,371 @@
+{
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "id": "http://www.egiz.gv.at/dynUI/OA",
+    "typeName": "moaidvidp",
+    "type": "object",
+    "title": "STORK V-IDP",
+    "format": "tabs",
+    "properties": {
+        "isActive" : {
+            "id": "http://www.egiz.gv.at/dynUI/OA/isactive",
+            "type": "boolean",
+            "format" : "checkbox",
+            "title": "is Active"
+        },
+        "uniqueID": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/uniqueId",
+            "type": "string",
+            "format": "url",
+            "title": "Unique Identifier (PublicURLPrefix)"
+        },
+        "friendlyName": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/friendlyname",
+            "type": "string",
+            "title": "Friendlyname"
+        },
+        "businessservice" : {
+            "id": "http://www.egiz.gv.at/dynUI/OA/type",
+            "type": "boolean",
+            "format" : "checkbox",
+            "title": "Private Sector application"
+        },
+        "auth.target": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/target",
+            "type": "object",
+            "title": "Target definition",
+            "description": "bPK or wbPK target definitions",
+            "options": {
+    						"collapsed": true
+    				},
+            "properties": {
+                "business": {
+                    "id": "http://www.egiz.gv.at/dynUI/OA/target/private",
+                    "type": "object",
+                    "title": "Private Sector definition",
+                    "description": "wbPK target definitions",
+                    "options": {
+    						        "collapsed": true
+    				        },
+                    "properties": {  
+            	           "type" : {
+            		              "id": "http://www.egiz.gv.at/dynUI/OA/target/private/type",
+            		              "type": "string",
+            		              "title": "Sector Type",
+                              "enum": [
+                                      "FN",
+                                      "ZVR",
+                                      "ERSB",
+                                      "STORK"
+                                      ]
+            	           },
+            	           "value" : {
+            		              "id": "http://www.egiz.gv.at/dynUI/OA/target/private/value",
+            		              "type": "string",
+            		              "title": "Identifier"
+            	           }
+                    }
+                }
+            }
+        },
+        "auth": {
+            "id": "http://www.egiz.gv.at/dynUI/OA/auth",
+            "type": "object",
+            "title": "Authentication",
+            "description": "Authentication configuration",
+            "options": {
+    						"collapsed": true
+    				},
+            "properties": {
+                 "bku": {
+            				"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku",
+            				"type": "object",
+            				"title": "BKU configuration",
+            				"description": "Online application specific BKU communikation",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+            						"onlineBKU" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/online",
+            								"type": "string",
+            								"title": "Online BKU"
+            						},
+            						"handyBKU" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/handy",
+            								"type": "string",
+            								"title": "Handy BKU"
+            						},
+            						"localBKU" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/local",
+            								"type": "string",
+            								"title": "Local BKU"
+            						},
+                        "keyBoxIdentifier" : {
+            								"id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/keyBoxIdentifier",
+            								"type": "string",
+            								"title": "KeyBoxIdentifier",
+                            "enum": [
+                                        "SecureSignatureKeypair",
+                                        "CertifiedKeypair"
+                                        ] 
+            						},
+                        "template": {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template",
+            				        "type": "object",
+            				        "title": "SecurityLayer Templates",
+            				        "description": "Online application specific SecurityLayer templates",
+            				        "options": {
+    										        "collapsed": true
+    								        },
+            				        "properties": {
+            						        "legacy" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/bku/template/legacy",
+            								        "type": "boolean",
+                                    "format" : "checkbox",
+            								        "title": "Activate Legacy Mode"
+            						        },
+            						        "first.url" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/first/url",
+            								        "type": "string",
+            								        "title": "First SL-Template"
+                                },
+                                "second.url" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/second/url",
+            								        "type": "string",
+            								        "title": "Second SL-Template"
+                                },
+                                "third.url" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/third/url",
+            								        "type": "string",
+            								        "title": "Third SL-Template"
+                                }
+                            }
+                        }                                                
+                    }
+            		},
+                "templates": {
+            				"id": "http://www.egiz.gv.at/dynUI/OA/auth/templates",
+            				"type": "object",
+            				"title": "BKU selection customization",
+            				"description": "Customization of the BKU selection form",
+            				"options": {
+    										"collapsed": true
+    								},
+            				"properties": {
+                        "customize": {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize",
+            				        "type": "object",
+            				        "title": "Customize default template",
+            				        "description": "Customization of the default template",
+            				        "options": {
+    										        "collapsed": true
+    								        },
+            				        "properties": {
+            						        "fonttype" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/fonttype",
+            								        "type": "string",
+            								        "title": "Font Type"
+            						        },
+                                "color.back" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/back",
+            								        "type": "string",
+            								        "title": "Backcolor"
+            						        },
+                                "color.front" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/color/front",
+            								        "type": "string",
+            								        "title": "Frontcolor"
+            						        },
+                                "header.color.back" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/back",
+            								        "type": "string",
+            								        "title": "Header Backcolor"
+            						        },
+                                "header.color.front" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/color/front",
+            								        "type": "string",
+            								        "title": "Header Frontcolor"
+            						        },
+                                "header.text" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/header/text",
+            								        "type": "string",
+            								        "title": "Header Text"
+            						        },
+                                "button.color.back.focus" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/back/focus",
+            								        "type": "string",
+            								        "title": "Font Type"
+            						        },
+                                "button.color.front" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/button/color/front",
+            								        "type": "string",
+            								        "title": "Font Type"
+            						        },
+                                "applet.redirecttarget" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/redirecttarget",
+            								        "type": "string",
+            								        "title": "Applet - Redirect Target",
+                                    "enum": [
+                                        "_blank",
+                                        "_self",
+                                        "_parent",
+                                        "_top"
+                                        ] 
+            						        },
+                                "applet.hight" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/hight",
+            								        "type": "string",
+            								        "title": "Applet - Hight"
+            						        },
+                                "applet.width" : {
+            								        "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/customize/applet/width",
+            								        "type": "string",
+            								        "title": "Applet - Width"
+            						        }
+                            }
+                        },
+            						"bkuselection": {
+                            "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection",
+                            "type": "object",
+                            "format": "file",
+                            "title": "BKU selection template",
+                            "description": "Applicatio specific BKU selection template",
+                            "properties": {
+            	                   "data" : {
+            		                      "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/bkuselection/data",
+            		                      "type": "string"
+            	                   },
+            	                   "preview" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/preview",
+            		                      "type": "string"
+            	                   },
+            	                   "filename" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/bkuselection/filename",
+            		                      "type": "string"
+            	                   }
+                            }
+                        },
+                        "sendAssertion": {
+                            "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion",
+                            "type": "object",
+                            "format": "file",
+                            "title": "SendAssertion selection template",
+                            "description": "Applicatio specific SendAssertion template",
+                            "properties": {
+            	                   "data" : {
+            		                      "id": "http://www.egiz.gv.at/dynUI/OA/auth/template/sendAssertion/data",
+            		                      "type": "string"
+            	                   },
+            	                   "preview" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/preview",
+            		                      "type": "string"
+            	                   },
+            	                   "filename" : {
+            		                      "id": "http://www.egiz.gv.at/dynUIOA/auth/template/sendAssertion/filename",
+            		                      "type": "string"
+            	                   }
+                            }
+                        }
+                    }
+                },
+                "authblock": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock",
+            			  "type": "object",            			   
+                    "title": "AuthBlock configuration",
+            			  "description": "Online application specific AuthBlock configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "removebPK" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/removebpk",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Remove bPK/wbPK"
+            				    },
+            				    "additionaltext" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/authblock/text",
+            						    "type": "string",
+                            "format": "textarea",
+            						    "title": "Additional AuthBlock Text"
+                        }
+                    }
+                },
+                "testcredentials": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials",
+            			  "type": "object",            			   
+                    "title": "Test identities",
+            			  "description": "Test identities configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "enabled" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/enabled",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Enable test identities"
+            				    },
+            				    "oids" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/testcredentials/oids",
+            						    "type": "string",
+            						    "title": "Allowed test-identity OIDs"
+                        }
+                    }
+                },
+                "stork": {
+            		    "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork",
+            			  "type": "object",            			   
+                    "title": "STORK",
+            			  "description": "STORK configuration",
+            			  "options": {
+    							     "collapsed": true
+    						    },
+            		    "properties": {
+            		        "requireConsent" : {
+            				        "id": "http://www.egiz.gv.at/dynUI/OA/auth/stork/requireConsent",
+            						    "type": "boolean",
+                            "format" : "checkbox",
+            						    "title": "Ask the user for attributes transfer consent"
+            				    },
+                        "attributeprovider" : {
+                            "type": "array",
+                            "title": "Attribute-Provider Plug-ins",
+                            "format": "table",
+                            "options": {
+    											     "collapsed": true
+    									      },
+                            "items": {
+                                "type": "object",
+                                "properties": {
+                                    "name": {
+                                        "type": "string",
+                                        "title": "Attribute Plug-in",
+                                        "enum": [
+                                            "StorkAttributeRequestProvider",
+                                            "EHvdAttributeProvider_deprecated",
+                                            "EHvdAttributeProvider",
+                                            "SignedDocAttributeRequestProvider",
+                                            "MandateAttributeRequestProvider",
+                                            "PVPAuthenticationProvider"
+                                        ]
+                                    },
+                                    "url": {
+                                        "type": "string",
+                                        "format": "url",
+                                        "title": "URL"                                        
+                                    },
+                                    "attributes": {
+                                        "type": "string",
+                                        "title": "Attribute (CSV)"
+                                    }
+                                }
+                            }
+                        }                       
+                    }
+                }
+            }
+        }                                        
+    },
+    "required": ["uniqueID", "friendlyName"]
+}
diff --git a/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml b/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml
index 3d1528fdf..0ee7ac89c 100644
--- a/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml
+++ b/id/moa-id-webgui/src/main/resources/moaid.webgui.beans.xml
@@ -9,14 +9,16 @@
 		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
 		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
 
-
 	<bean id="moaidconfigurationmodul" class="at.gv.egovernment.moa.id.config.webgui.MOAIDConfigurationModul">
-		<property name="databaseConfiguration" ref="configPropertyDao"/>
+		<!-- <property name="databaseConfiguration" ref="moaidconfig"/> -->
 	</bean>
 
 	<bean id="moaidConfigurationValidiation" class="at.gv.egovernment.moa.id.config.webgui.validation.MOAIDConfigurationValidator">
-		<property name="databaseConfiguration" ref="configPropertyDao"/>
+		<!-- <property name="databaseConfiguration" ref="moaidconfig"/> -->
 	</bean>
-	
-		
+
+	<bean id="moaidServiceGeneralInfoTask" class="at.gv.egovernment.moa.id.config.webgui.validation.task.impl.ServicesGeneralInformationTask">
+		<!-- <property name="databaseConfiguration" ref="moaidconfig"/> -->
+	</bean>	
+			
 </beans>
 \ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index f62c21ed9..54484a854 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -99,7 +99,7 @@ import at.gv.util.xsd.srzgw.MISType.Filters;
  * @version $Id: AuthenticationServer.java 1273 2012-02-27 14:50:18Z kstranacher
  *          $
  */
-public class AuthenticationServer implements MOAIDAuthConstants {
+public class AuthenticationServer extends MOAIDAuthConstants {
 
 	/**
 	 * single instance
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
index 5223a181d..3d12bae61 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthConstants.java
@@ -9,6 +9,9 @@ import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
 
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
+import at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration;
+
 import iaik.asn1.ObjectID;
 
 
@@ -18,7 +21,7 @@ import iaik.asn1.ObjectID;
  * @author Paul Ivancsics
  * @version $Id$
  */
-public interface MOAIDAuthConstants {
+public class MOAIDAuthConstants extends MOAIDConstants{
 
   /** servlet parameter &quot;Target&quot; */
   public static final String PARAM_TARGET = "Target";
@@ -113,9 +116,7 @@ public interface MOAIDAuthConstants {
   
 //  /** the number of the certifcate extension for party organ representatives */
 //  public static final String PARTY_ORGAN_REPRESENTATION_OID_NUMBER = PARTY_REPRESENTATION_OID_NUMBER + ".10";
-  
-  public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+";
-  
+    
   /** OW */
   public static final String OW_ORGANWALTER = PARTY_REPRESENTATION_OID_NUMBER + ".4";
   
@@ -143,8 +144,6 @@ public interface MOAIDAuthConstants {
   public static final String PARAM_APPLET_HEIGTH = "heigth";
   public static final String PARAM_APPLET_WIDTH = "width";
   
-  public static final String TESTCREDENTIALROOTOID = "1.2.40.0.10.2.4.1"; 
-  
   public static final Map<String, String> COUNTRYCODE_XX_TO_NAME = 
 			Collections.unmodifiableMap(new HashMap<String, String>() {
 				private static final long serialVersionUID = 1L;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index ffadc2631..573f2e09f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -116,7 +116,7 @@ import at.gv.util.xsd.szr.PersonInfoType;
  * @author tlenz
  *
  */
-public class AuthenticationDataBuilder implements MOAIDAuthConstants {
+public class AuthenticationDataBuilder extends MOAIDAuthConstants {
 
 	public static IAuthData buildAuthenticationData(IRequest protocolRequest, 
             AuthenticationSession session, List<Attribute> reqAttributes) throws ConfigurationException, BuildException, WrongParametersException, DynamicOABuildException {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
index 924051e2a..899b0fd15 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/DataURLBuilder.java
@@ -46,6 +46,7 @@
 
 package at.gv.egovernment.moa.id.auth.builder;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
 
 /**
@@ -96,7 +97,7 @@ public class DataURLBuilder {
 		
 		dataURL = authBaseURL + authServletName;
 
-    dataURL = addParameter(dataURL, AuthServlet.PARAM_SESSIONID, sessionID);
+    dataURL = addParameter(dataURL, MOAIDAuthConstants.PARAM_SESSIONID, sessionID);
   	return dataURL;
   }
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index a26dec969..3b903009c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -44,7 +44,7 @@ import at.gv.egovernment.moa.util.FileUtils;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.StringUtils;
 
-public class StartAuthentificationParameterParser implements MOAIDAuthConstants{
+public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 
 	public static void parse(AuthenticationSession moasession, 
 			String target,
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
index c4c4b2691..43f4f90ff 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/AuthServlet.java
@@ -96,7 +96,7 @@ import at.gv.egovernment.moa.util.URLDecoder;
  * @author Paul Ivancsics
  * @version $Id$
  */
-public class AuthServlet extends HttpServlet implements MOAIDAuthConstants {
+public class AuthServlet extends HttpServlet {
 
 	/**
 	 * 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index 5802ce3b9..7b55564c4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletResponse;
 
 import org.apache.commons.lang.StringEscapeUtils;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -64,10 +65,10 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
     	String pendingRequestID = null;
 		
 	    try {
-	    	String bkuid = req.getParameter(PARAM_BKU);
-	    	String useMandate = req.getParameter(PARAM_USEMANDATE);
-	    	String ccc = req.getParameter(PARAM_CCC);
-	    	String moasessionid = req.getParameter(PARAM_SESSIONID);
+	    	String bkuid = req.getParameter(MOAIDAuthConstants.PARAM_BKU);
+	    	String useMandate = req.getParameter(MOAIDAuthConstants.PARAM_USEMANDATE);
+	    	String ccc = req.getParameter(MOAIDAuthConstants.PARAM_CCC);
+	    	String moasessionid = req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);
 	    		    	
 	    	moasessionid = StringEscapeUtils.escapeHtml(moasessionid);
 	    	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
index 626c95b19..0a6d30be7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/IDPSingleLogOutServlet.java
@@ -32,6 +32,7 @@ import org.apache.velocity.VelocityContext;
 import org.opensaml.saml2.core.LogoutResponse;
 import org.opensaml.saml2.metadata.SingleLogoutService;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -64,9 +65,9 @@ public class IDPSingleLogOutServlet extends AuthServlet {
 		SSOManager ssomanager = SSOManager.getInstance();		
 		String ssoid = ssomanager.getSSOSessionID(req);
 		
-		Object restartProcessObj = req.getParameter(PARAM_SLORESTART);
+		Object restartProcessObj = req.getParameter(MOAIDAuthConstants.PARAM_SLORESTART);
 		
-		Object tokkenObj = req.getParameter(PARAM_SLOSTATUS);
+		Object tokkenObj = req.getParameter(MOAIDAuthConstants.PARAM_SLOSTATUS);
 		String tokken = null;
 		String status = null;
 		if (tokkenObj != null && tokkenObj instanceof String) {
@@ -78,7 +79,7 @@ public class IDPSingleLogOutServlet extends AuthServlet {
 					
 				}
 				VelocityContext context = new VelocityContext();
-				if (SLOSTATUS_SUCCESS.equals(status))
+				if (MOAIDAuthConstants.SLOSTATUS_SUCCESS.equals(status))
 					context.put("successMsg",
 							MOAIDMessageProvider.getInstance().getMessage("slo.00", null));
 				else
@@ -148,12 +149,12 @@ public class IDPSingleLogOutServlet extends AuthServlet {
 					        String statusCode = null;
 							if (sloContainer.getSloFailedOAs() == null || 
 					        		sloContainer.getSloFailedOAs().size() == 0)							       							   							        	
-					        	statusCode  = SLOSTATUS_SUCCESS;
+					        	statusCode  = MOAIDAuthConstants.SLOSTATUS_SUCCESS;
 					        else
-					        	statusCode  = SLOSTATUS_ERROR;
+					        	statusCode  = MOAIDAuthConstants.SLOSTATUS_ERROR;
 
 							AssertionStorage.getInstance().put(artifact, statusCode);
-					        redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact);
+					        redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact);
 					        
 						}								
 						//redirect to Redirect Servlet
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java
index 43b6c03d4..0b6180d0f 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/ProcessEngineSignalServlet.java
@@ -33,10 +33,10 @@ public class ProcessEngineSignalServlet extends AuthServlet {
 	 *            The HttpServletResponse.
 	 */
 	private void setNoCachingHeaders(HttpServletResponse resp) {
-		resp.setHeader(HEADER_EXPIRES, HEADER_VALUE_EXPIRES);
-		resp.setHeader(HEADER_PRAGMA, HEADER_VALUE_PRAGMA);
-		resp.setHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL);
-		resp.addHeader(HEADER_CACHE_CONTROL, HEADER_VALUE_CACHE_CONTROL_IE);
+		resp.setHeader(MOAIDAuthConstants.HEADER_EXPIRES, MOAIDAuthConstants.HEADER_VALUE_EXPIRES);
+		resp.setHeader(MOAIDAuthConstants.HEADER_PRAGMA, MOAIDAuthConstants.HEADER_VALUE_PRAGMA);
+		resp.setHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL);
+		resp.addHeader(MOAIDAuthConstants.HEADER_CACHE_CONTROL, MOAIDAuthConstants.HEADER_VALUE_CACHE_CONTROL_IE);
 	}
 
 	/**
@@ -95,7 +95,7 @@ public class ProcessEngineSignalServlet extends AuthServlet {
 	 * @return The current MOA session id.
 	 */
 	public String getMoaSessionId(HttpServletRequest request) {
-		return StringEscapeUtils.escapeHtml(request.getParameter(PARAM_SESSIONID));
+		return StringEscapeUtils.escapeHtml(request.getParameter(MOAIDAuthConstants.PARAM_SESSIONID));
 	}
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
index 7266a3302..431a7e0f7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/RedirectServlet.java
@@ -29,6 +29,7 @@ import javax.servlet.ServletException;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.builder.RedirectFormBuilder;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
@@ -55,9 +56,9 @@ public class RedirectServlet extends AuthServlet{
 		Logger.debug("Receive " + RedirectServlet.class + " Request");
 		
 		String url = req.getParameter(REDIRCT_PARAM_URL);
-		String target = req.getParameter(PARAM_TARGET);
-		String artifact = req.getParameter(PARAM_SAMLARTIFACT);
-		String interIDP = req.getParameter(INTERFEDERATION_IDP);
+		String target = req.getParameter(MOAIDAuthConstants.PARAM_TARGET);
+		String artifact = req.getParameter(MOAIDAuthConstants.PARAM_SAMLARTIFACT);
+		String interIDP = req.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP);
 				
 		Logger.debug("Check URL against online-applications");
 		OAAuthParameter oa = null;
@@ -85,12 +86,12 @@ public class RedirectServlet extends AuthServlet{
 					if (MiscUtil.isNotEmpty(target)) {
 //						redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
 //								URLEncoder.encode(session.getTarget(), "UTF-8"));
-						url = addURLParameter(url, PARAM_TARGET,
+						url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET,
 								URLEncoder.encode(target, "UTF-8"));
 
 
 					}
-					url = addURLParameter(url, PARAM_SAMLARTIFACT,
+					url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT,
 							URLEncoder.encode(artifact, "UTF-8"));
 					url = resp.encodeRedirectURL(url);
 					
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java
index d4cb909d9..d36a4318a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/ConfigurationUtils.java
@@ -27,7 +27,6 @@ import java.io.UnsupportedEncodingException;
 import java.util.ArrayList;
 import java.util.List;
 
-import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
index 8fad1bc83..38135b028 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProviderFactory.java
@@ -22,6 +22,10 @@
  */
 package at.gv.egovernment.moa.id.config.auth;
 
+import java.net.URI;
+import java.net.URISyntaxException;
+
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
 import at.gv.egovernment.moa.id.config.ConfigurationProvider;
 import at.gv.egovernment.moa.logging.Logger;
@@ -50,13 +54,21 @@ public class AuthConfigurationProviderFactory {
 	 * @throws ConfigurationException 
 	 */
 	public static AuthConfiguration reload() throws ConfigurationException {
-	    String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);
+	    String fileName = System.getProperty(ConfigurationProvider.CONFIG_PROPERTY_NAME);	    
 	    if (fileName == null) {
 	      throw new ConfigurationException("config.01", null);
 	    }
 	    Logger.info("Loading MOA-ID-AUTH configuration " + fileName);
-
-	    instance = new PropertyBasedAuthConfigurationProvider(fileName);
+	    
+	    try {
+	    	URI fileURI = new URI(fileName);	    
+	    	instance = new PropertyBasedAuthConfigurationProvider(fileURI);
+	    	
+	    } catch (URISyntaxException e){
+	    	Logger.error("MOA-ID-Auth configuration file does not starts with file:/ as prefix.");
+	    	throw new ConfigurationException("config24", new Object[]{MOAIDAuthConstants.FILE_URI_PREFIX, fileName});
+	    	
+	    }
 	    return instance;
 	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 3bf631108..4587f0bc3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -59,6 +59,7 @@ import java.util.Set;
 import org.apache.commons.lang.SerializationUtils;
 
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.commons.validation.TargetValidator;
@@ -113,11 +114,11 @@ public String getIdentityLinkDomainIdentifier() {
 	String type = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE);
 	String value = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE);
 	if (MiscUtil.isNotEmpty(type) && MiscUtil.isNotEmpty(value)) {
-		if (MOAIDConfigurationConstants.IDENIFICATIONTYPE_STORK.equals(type)) {
-			return MOAIDConfigurationConstants.PREFIX_STORK + "AT" + "+" + value;
+		if (MOAIDConstants.IDENIFICATIONTYPE_STORK.equals(type)) {
+			return MOAIDConstants.PREFIX_STORK + "AT" + "+" + value;
 			
 		} else {
-			return MOAIDConfigurationConstants.PREFIX_WPBK + type + "+" + value;
+			return MOAIDConstants.PREFIX_WPBK + type + "+" + value;
 			
 		}		
 	}
@@ -567,7 +568,7 @@ public Collection<StorkAttributeProviderPlugin> getStorkAPs() {
 @Override
 public byte[] getBKUSelectionTemplate() {
 	try {
-		String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION);	
+		String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA);	
 		if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) {
 			return  Base64Utils.decode(bkuSelectionTemplateBase64, false);
 			
@@ -587,7 +588,7 @@ public byte[] getBKUSelectionTemplate() {
 @Override
 public byte[] getSendAssertionTemplate() {
 	try {
-		String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION);	
+		String bkuSelectionTemplateBase64 = oaConfiguration.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA);	
 		if (MiscUtil.isNotEmpty(bkuSelectionTemplateBase64)) {
 			return  Base64Utils.decode(bkuSelectionTemplateBase64, false);
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
index 9535c9aa3..9fc03e2df 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/PropertyBasedAuthConfigurationProvider.java
@@ -62,7 +62,7 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 	 * @param fileName the path to the properties file
 	 * @throws ConfigurationException if an error occurs during loading the properties file.
 	 */
-	public PropertyBasedAuthConfigurationProvider(String fileName) throws ConfigurationException {
+	public PropertyBasedAuthConfigurationProvider(URI fileName) throws ConfigurationException {
 		File propertiesFile = new File(fileName);
 		rootConfigFileDir = propertiesFile.getParent();
 		try {
@@ -72,14 +72,6 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 			throw new ConfigurationException("config.03", null, t);
 			
 		}
-				
-		System.getProperties().setProperty("location", "file:" + fileName);
-		context = new ClassPathXmlApplicationContext(
-				new String[] {  "moaid.configuration.beans.xml",
-								"configuration.beans.xml"
-								});
-		AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
-		acbFactory.autowireBean(this);
 		
 		FileInputStream in = null;
 		try {
@@ -87,6 +79,15 @@ public class PropertyBasedAuthConfigurationProvider extends ConfigurationProvide
 			properties.load(in);			
 			super.initial(properties);
 			
+//			JPAPropertiesWithJavaConfig.setLocalProperties(configProp);		
+//			System.getProperties().setProperty("location", "file:" + fileName);
+			context = new ClassPathXmlApplicationContext(
+					new String[] {  "moaid.configuration.beans.xml",
+									"configuration.beans.xml"
+									});
+			AutowireCapableBeanFactory acbFactory = context.getAutowireCapableBeanFactory();
+			acbFactory.autowireBean(this);
+			
 		} catch (FileNotFoundException e) {
 			throw new ConfigurationException("config.03", null, e);
 		
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
index 2e0aa5486..15dbf818d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/entrypoints/DispatcherServlet.java
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import at.gv.egovernment.moa.id.advancedlogging.StatisticLogger;
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.MOAIDAuthInitializer;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
@@ -279,7 +280,7 @@ public class DispatcherServlet extends AuthServlet{
 							//create interfederated MOASession
 							String sessionID = 
 									AuthenticationSessionStoreage.createInterfederatedSession(protocolRequest, true, ssoId);
-							req.getParameterMap().put(PARAM_SESSIONID, new String[]{ sessionID });
+							req.getParameterMap().put(MOAIDAuthConstants.PARAM_SESSIONID, new String[]{ sessionID });
 														
 							Logger.info("PreProcessing of SSO interfederation response complete. ");
 
@@ -459,7 +460,7 @@ public class DispatcherServlet extends AuthServlet{
 							}
 							
 						} else {							
-							moasessionID = (String) req.getParameter(PARAM_SESSIONID);														
+							moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);														
 							moasession = AuthenticationSessionStoreage.getSession(moasessionID);
 							
 						}						
@@ -475,7 +476,7 @@ public class DispatcherServlet extends AuthServlet{
 						}
 						
 					} else {						
-						moasessionID = (String) req.getParameter(PARAM_SESSIONID);						
+						moasessionID = (String) req.getParameter(MOAIDAuthConstants.PARAM_SESSIONID);						
 						moasession = AuthenticationSessionStoreage.getSession(moasessionID);
 						moasessionID = AuthenticationSessionStoreage.changeSessionID(moasession);
 						
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index e4a358cdb..25aaf4310 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -103,7 +103,7 @@ import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
-public class AuthenticationManager implements MOAIDAuthConstants {
+public class AuthenticationManager extends MOAIDAuthConstants {
 
 	private static final AuthenticationManager INSTANCE = new AuthenticationManager();
 	
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
index 529e2ab81..fda92d71a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/IAction.java
@@ -31,7 +31,7 @@ import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationInterface;
 
-public interface IAction extends MOAIDAuthConstants {
+public interface IAction {
 	public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp, IAuthData authData) 
 			throws MOAIDException;
 	public boolean needAuthentication(IRequest req, HttpServletRequest httpReq, HttpServletResponse httpResp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 6b5e6a0f3..e9b18348c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -99,7 +99,7 @@ import at.gv.egovernment.moa.id.util.VelocityLogAdapter;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
-public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
+public class PVP2XProtocol extends MOAIDAuthConstants implements IModulInfo  {
 
 	public static final String NAME = PVP2XProtocol.class.getName();
 	public static final String PATH = "id_pvp2x";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index 9884d2a8a..b567798fa 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -60,6 +60,7 @@ import org.opensaml.xml.XMLObject;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.x509.X509Credential;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.exception.MOAIDException;
@@ -265,12 +266,12 @@ public class SingleLogOutAction implements IAction {
 							        String statusCode = null;
 									if (sloContainer.getSloFailedOAs() == null || 
 							        		sloContainer.getSloFailedOAs().size() == 0)							       							   							        	
-							        	statusCode  = SLOSTATUS_SUCCESS;
+							        	statusCode  = MOAIDAuthConstants.SLOSTATUS_SUCCESS;
 							        else
-							        	statusCode  = SLOSTATUS_ERROR;
+							        	statusCode  = MOAIDAuthConstants.SLOSTATUS_ERROR;
 
 									AssertionStorage.getInstance().put(artifact, statusCode);
-							        redirectURL = addURLParameter(redirectURL, PARAM_SLOSTATUS, artifact);
+							        redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SLOSTATUS, artifact);
 							        
 								}								
 								//redirect to Redirect Servlet
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java
index 8adf5cad9..72775ec02 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/attributes/IPVPAttributeBuilder.java
@@ -22,9 +22,8 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.pvp2x.builder.attributes;
 
-import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 
-interface IPVPAttributeBuilder extends PVPConstants, MOAIDAuthConstants, IAttributeBuilder {
+interface IPVPAttributeBuilder extends PVPConstants, IAttributeBuilder {
 	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 5b1f49411..2019b0d20 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -27,6 +27,7 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
@@ -83,8 +84,8 @@ public class GetArtifactAction implements IAction {
 				String url = AuthConfigurationProviderFactory.getInstance().getPublicURLPrefix() + "/RedirectServlet";
 				url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
 				if (!oaParam.getBusinessService())
-					url = addURLParameter(url, PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8"));
-				url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+					url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, URLEncoder.encode(req.getTarget(), "UTF-8"));
+				url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
 				url = httpResp.encodeRedirectURL(url);
 				
 				httpResp.setContentType("text/html");
@@ -94,12 +95,12 @@ public class GetArtifactAction implements IAction {
 			} else {
 				String redirectURL = oaURL;		
 				if (!oaParam.getBusinessService()) {
-					redirectURL = addURLParameter(redirectURL, PARAM_TARGET,
+					redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET,
 					URLEncoder.encode(req.getTarget(), "UTF-8"));
 
 				}
 				
-				redirectURL = addURLParameter(redirectURL, PARAM_SAMLARTIFACT,
+				redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_SAMLARTIFACT,
 						URLEncoder.encode(samlArtifactBase64, "UTF-8"));
 				redirectURL = httpResp.encodeRedirectURL(redirectURL);
 				httpResp.setContentType("text/html");
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index bc38735ac..cdc50d8a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -49,7 +49,7 @@ import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.URLEncoder;
 
-public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
+public class SAML1Protocol extends MOAIDAuthConstants implements IModulInfo {
 
 	public static final String NAME = SAML1Protocol.class.getName();
 	public static final String PATH = "id_saml1";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
index f0b0f58de..de1924ba1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/AttributeProviderFactory.java
@@ -22,6 +22,7 @@
  *******************************************************************************/
 package at.gv.egovernment.moa.id.protocols.stork2;
 
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
 import at.gv.egovernment.moa.id.commons.db.dao.config.AttributeProviderPlugin;
 import at.gv.egovernment.moa.id.config.stork.StorkAttributeProviderPlugin;
 import at.gv.egovernment.moa.id.protocols.stork2.attributeproviders.AttributeProvider;
@@ -50,14 +51,7 @@ public class AttributeProviderFactory {
      * @return the available plugins
      */
     public static List<String> getAvailablePlugins() {
-        List<String> result = new ArrayList<String>();
-        result.add("StorkAttributeRequestProvider");
-        result.add("EHvdAttributeProvider_deprecated");
-        result.add("EHvdAttributeProvider");
-        result.add("SignedDocAttributeRequestProvider");
-        result.add("MandateAttributeRequestProvider");
-        result.add("PVPAuthenticationProvider");
-        return result;
+        return MOAIDConstants.ALLOWED_STORKATTRIBUTEPROVIDERS;
     }
 
     /**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
index 9eab99c52..42cf04877 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/stork2/STORKProtocol.java
@@ -45,7 +45,7 @@ import java.util.HashMap;
  *
  * @author bsuzic
  */
-public class STORKProtocol implements IModulInfo, MOAIDAuthConstants {
+public class STORKProtocol extends MOAIDAuthConstants implements IModulInfo {
 
     public static final String NAME = STORKProtocol.class.getName();
     public static final String PATH = "id_stork2";
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
index 64ae95093..47010a735 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/ParamValidatorUtils.java
@@ -72,7 +72,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.StringUtils;
 
 
-public class ParamValidatorUtils implements MOAIDAuthConstants{
+public class ParamValidatorUtils extends MOAIDAuthConstants{
    
    /**
     * Checks if the given target is valid
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java
index 9ce44fe15..dd4e67bcd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/legacy/LegacyHelper.java
@@ -30,7 +30,7 @@ import at.gv.egovernment.moa.id.auth.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 
-public class LegacyHelper implements MOAIDAuthConstants{
+public class LegacyHelper extends MOAIDAuthConstants{
 
 	public static boolean isUseMandateRequested(HttpServletRequest req) throws WrongParametersException {
 		
diff --git a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
index cdfde11b1..e9e4eb23d 100644
--- a/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
+++ b/id/server/idserverlib/src/main/resources/moaid.configuration.beans.xml
@@ -9,6 +9,30 @@
 		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
 		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
 
+	<context:property-placeholder location="${moa.id.configuration}"/> 
+
 	<bean id="moaidauthconfig" class="at.gv.egovernment.moa.id.config.auth.PropertyBasedAuthConfigurationProvider"/>
 	
+	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" lazy-init="true" destroy-method="close">
+		<aop:scoped-proxy/>
+		<property name="driverClassName" value="${configuration.hibernate.connection.driver_class}" />
+		<property name="url" value="${configuration.hibernate.connection.url}"/>
+		<property name="username" value="${configuration.hibernate.connection.username}" />
+		<property name="password" value="${configuration.hibernate.connection.password}" />
+		<property name="testOnBorrow" value="true" />
+		<property name="validationQuery" value="SELECT 1" />
+	</bean>
+	
+	<bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
+		<property name="showSql" value="true" />
+		<property name="generateDdl" value="${jpaVendorAdapter.generateDdl}" />
+<!-- 		<property name="generateDdl">
+			<bean class="java.lang.Boolean">
+				<constructor-arg value="${jpaVendorAdapter.generateDdl}"/>
+			</bean>
+		</property> --> 
+		<property name="databasePlatform" value="${configuration.hibernate.dialect}" />
+	</bean>
+	
+	
 </beans>
 \ No newline at end of file
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index fc1aa714e..827eeec8d 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -75,7 +75,8 @@ config.19=Kein Schl\u00FCssel f\u00FCr die Resignierung der Personenbindung gefu
 config.20=Umgebungsvariable "moa.id.proxy.configuration" nicht gesetzt
 config.21=F\u00FCr diese Online Applikation sind keine Vollmachtsprofile hinterlegt.
 config.22=F\u00FCr den Interfederation-Gateway mit der ID {0} ist kein Endpunkt zur Weiterleitung konfiguriert.
-config.23=Fehler beim initialisieren von OpenSAML 
+config.23=Fehler beim initialisieren von OpenSAML
+config.24=MOA-ID-Auth Configfile {1} does not start with {0} prefix.
 
 parser.00=Leichter Fehler beim Parsen: {0}
 parser.01=Fehler beim Parsen: {0}
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
index faafa6fd2..59a29d9bd 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
@@ -55,6 +55,7 @@ config.20=9199
 config.21=9006
 config.22=9008
 config.23=9199
+config.24=9199
 
 parser.00=1101
 parser.01=1101
diff --git a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java
index 6e1f612c8..fd1473b1f 100644
--- a/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java
+++ b/id/server/idserverlib/src/test/java/test/tlenz/simpletest.java
@@ -1,10 +1,19 @@
 package test.tlenz;
 
+import java.io.FileInputStream;
+import java.io.InputStream;
+
+import org.w3c.dom.Element;
+
 import iaik.asn1.structures.Name;
 import iaik.utils.RFC2253NameParser;
 import iaik.utils.RFC2253NameParserException;
+import at.gv.egovernment.moa.id.auth.data.IdentityLink;
+import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.data.AuthenticationRole;
 import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
+import at.gv.egovernment.moa.id.util.IdentityLinkReSigner;
+import at.gv.egovernment.moa.util.DOMUtils;
 
 /*******************************************************************************
  * Copyright 2014 Federal Chancellery Austria
@@ -49,6 +58,19 @@ import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
 public class simpletest {
 //
 	public static void main(String[] args) {
+		try {
+		InputStream s = new FileInputStream("D:/idl_test/identity_link.xml");
+		Element idlTemplate = DOMUtils.parseXmlValidating(s);
+		
+        //resign IDL
+		IdentityLinkReSigner identitylinkresigner = IdentityLinkReSigner.getInstance();
+		Element resignedilAssertion = identitylinkresigner.resignIdentityLink(idlTemplate, "IDLSigning");
+		IdentityLink identityLink = new IdentityLinkAssertionParser(resignedilAssertion).parseIdentityLink();
+		
+		} catch (Exception e) {
+			System.out.println(e.getMessage());
+			
+		}
 		
 		String subjectName = "serialNumber=896929130327, givenName=OCSP, SN=Responder 03-1, CN=OCSP Responder 03-1, C=AT";
 		
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
new file mode 100644
index 000000000..e084c07e5
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDConstants.java
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.commons;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Hashtable;
+import java.util.List;
+import java.util.Map;
+
+/**
+ * @author tlenz
+ *
+ */
+public class MOAIDConstants {
+
+	//general configuration constants
+	
+	public static final String FILE_URI_PREFIX = "file:/";
+	
+	public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+";
+    public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+";
+	
+	public static final String IDENIFICATIONTYPE_FN = "FN";
+	public static final String IDENIFICATIONTYPE_ERSB = "ERSB";
+	public static final String IDENIFICATIONTYPE_ZVR = "ZVR";
+    public static final String IDENIFICATIONTYPE_STORK = "STORK";
+	
+    public static final String KEYBOXIDENTIFIER_SECURE = "SecureSignatureKeypair";
+    public static final String KEYBOXIDENTIFIER_CERTIFIED = "CertifiedKeypair";
+    
+    public static final String TESTCREDENTIALROOTOID = "1.2.40.0.10.2.4.1";
+    
+    public static final String REDIRECTTARGET_TOP = "_top";
+    public static final String REDIRECTTARGET_SELF = "_self";
+    public static final String REDIRECTTARGET_PARENT = "_parent";
+    public static final String REDIRECTTARGET_BLANK = "_blank";
+    
+    public static final Map<String, String> BUSINESSSERVICENAMES;
+    public static final List<String> ALLOWED_WBPK_PREFIXES;    
+    public static final List<String> ALLOWED_KEYBOXIDENTIFIER;
+    public static final List<String> ALLOWED_REDIRECTTARGETNAMES;
+    public static final List<String> ALLOWED_STORKATTRIBUTEPROVIDERS;
+    
+    
+	static {
+		Hashtable<String, String> tmp = new Hashtable<String, String>();
+		tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer");
+		tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer");
+		tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl");
+        tmp.put(IDENIFICATIONTYPE_STORK, "STORK");
+        BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp);
+        
+        List<String> awbpk = new ArrayList<String>();
+        awbpk.add(IDENIFICATIONTYPE_FN);
+        awbpk.add(IDENIFICATIONTYPE_ERSB);
+        awbpk.add(IDENIFICATIONTYPE_ZVR);
+        awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_FN);
+        awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ERSB);
+        awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ZVR);        
+        ALLOWED_WBPK_PREFIXES = Collections.unmodifiableList(awbpk);
+        
+        List<String> keyboxIDs = new ArrayList<String>();
+        awbpk.add(KEYBOXIDENTIFIER_SECURE);
+        awbpk.add(KEYBOXIDENTIFIER_CERTIFIED);        
+        ALLOWED_KEYBOXIDENTIFIER = Collections.unmodifiableList(keyboxIDs);
+        
+        List<String> redirectTargets = new ArrayList<String>();
+        redirectTargets.add(REDIRECTTARGET_BLANK);
+        redirectTargets.add(REDIRECTTARGET_PARENT);
+        redirectTargets.add(REDIRECTTARGET_SELF);
+        redirectTargets.add(REDIRECTTARGET_TOP);
+        ALLOWED_REDIRECTTARGETNAMES = Collections.unmodifiableList(redirectTargets);
+        
+	}
+	
+	static {
+		List<String> storkAttrProvider = new ArrayList<String>();
+		storkAttrProvider.add("StorkAttributeRequestProvider");
+		storkAttrProvider.add("EHvdAttributeProvider_deprecated");
+		storkAttrProvider.add("EHvdAttributeProvider");
+		storkAttrProvider.add("SignedDocAttributeRequestProvider");
+		storkAttrProvider.add("MandateAttributeRequestProvider");
+		storkAttrProvider.add("PVPAuthenticationProvider");
+		ALLOWED_STORKATTRIBUTEPROVIDERS = Collections.unmodifiableList(storkAttrProvider);
+		
+	}
+	
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
index 694ff0720..4f47efb78 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
@@ -30,6 +30,7 @@ import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.HashMap;
+import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 
@@ -110,12 +111,10 @@ public class ConfigurationMigrationUtils {
 	 * but no MOA-ID configuration prefix  
 	 * 
 	 * @param oa MOA-ID 2.x OnlineApplication configuration
+	 * @param storkConfig 
 	 * @return MOA-ID 3.x OnlineApplication configuration without prefix but never Null 
 	 */
-	public static Map<String, String> convertHyberJaxBOnlineApplicationToKeyValue(OnlineApplication oa) {
-		//TODO: add C-PEPS countries and STORK attributes from general config!!!!
-		//TODO: add correct list identifiers for metadata handling
-		
+	public static Map<String, String> convertHyberJaxBOnlineApplicationToKeyValue(OnlineApplication oa, STORK storkConfig) {
 		Map<String, String> result = new HashMap<String, String>();
 		if (oa != null) {
 			//convert oaID and friendlyname
@@ -296,6 +295,34 @@ public class ConfigurationMigrationUtils {
 						result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SSO_USERREQUEST, Boolean.TRUE.toString());
 				}	
 				
+				//convert interfederation configuration
+				InterfederationIDPType moaIDP = oa.getInterfederationIDP();
+				if (moaIDP != null) {
+					result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_IIDP);				
+					result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL, 
+							moaIDP.getAttributeQueryURL());				
+					result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND, 
+							String.valueOf(moaIDP.isInboundSSO()));
+					result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND, 
+							String.valueOf(moaIDP.isOutboundSSO()));
+
+					result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE, 
+							String.valueOf(moaIDP.isStoreSSOSession()));
+					result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR, 
+							String.valueOf(moaIDP.isPerformLocalAuthenticationOnError()));
+					result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST, 
+							String.valueOf(moaIDP.isPerformPassivRequest()));
+				}
+
+				//convert STORK <-> PVP2X gateway configuration
+				InterfederationGatewayType gateway = oa.getInterfederationGateway();
+				if (gateway != null) {
+					result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_GATEWAY);
+					result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, 
+							gateway.getForwardIDPIdentifier());
+					
+				}
+								
 				//convert STORK config
 				OASTORK config = oaauth.getOASTORK();
 				if(config != null) {
@@ -309,46 +336,6 @@ public class ConfigurationMigrationUtils {
 					else
 						result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_MINQAALEVEL, "4");
 
-					if (config.getCPEPS() != null) {
-						for (int i=0; i<config.getCPEPS().size(); i++) {
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
-									+ "." + String.valueOf(i) + "."
-									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED, 
-									Boolean.TRUE.toString());	
-						
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
-									+ "." + String.valueOf(i) + "."
-									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE, 
-									config.getCPEPS().get(i).getCountryCode());
-							
-						}
-					}
-					
-					if (config.getOAAttributes() != null) {
-						for (int i=0; i<config.getOAAttributes().size(); i++) {
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
-									+ "." + String.valueOf(i) + "."
-									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME, 
-									config.getOAAttributes().get(i).getName());
-							
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
-									+ "." + String.valueOf(i) + "."
-									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED, 
-									Boolean.TRUE.toString());
-
-							
-							if (config.getOAAttributes().get(i).isMandatory() != null)
-								result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
-										+ "." + String.valueOf(i) + "."
-										+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, 
-										config.getOAAttributes().get(i).isMandatory().toString());
-							else
-								result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
-										+ "." + String.valueOf(i) + "."
-										+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, 
-										Boolean.FALSE.toString());
-						}						
-					}
 					
 					// fetch vidp config					
 					if (config.isRequireConsent() != null)
@@ -380,6 +367,120 @@ public class ConfigurationMigrationUtils {
 							
 						}												
 					}
+					
+					//only fetch C-PEPS and attributes if service is an OA
+					if (!result.containsKey(MOAIDConfigurationConstants.PREFIX_SERVICES)) {
+						//fetch C-PEPS config
+						List<String> configuredCPEPs = new ArrayList<String>();
+						if (storkConfig != null && storkConfig.getCPEPS() != null) {
+							for (CPEPS el : storkConfig.getCPEPS()) {
+								if (MiscUtil.isNotEmpty(el.getCountryCode()))
+									configuredCPEPs.add(el.getCountryCode());
+							
+							}						
+						}					
+						int listCounter = 0;
+						if (config.getCPEPS() != null) {
+							Iterator<CPEPS> oaCPEPSInterator = config.getCPEPS().iterator();
+							while(oaCPEPSInterator.hasNext()) {
+								CPEPS oaCpeps = oaCPEPSInterator.next();
+								String oaCountryCode = oaCpeps.getCountryCode();
+								if (MiscUtil.isNotEmpty(oaCountryCode)) {
+									if (configuredCPEPs.contains(oaCountryCode))
+										configuredCPEPs.remove(oaCountryCode);
+								
+									result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+											+ "." + String.valueOf(listCounter) + "."
+											+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED, 
+											Boolean.TRUE.toString());	
+						
+									result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+											+ "." + String.valueOf(listCounter) + "."
+											+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE, 
+											oaCountryCode);
+								
+									listCounter++;
+								}							
+							}
+						}					
+						Iterator<String> confCPEPS = configuredCPEPs.iterator();
+						while (confCPEPS.hasNext()) {
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+									+ "." + String.valueOf(listCounter) + "."
+									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_ENABLED, 
+									Boolean.TRUE.toString());	
+				
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST
+									+ "." + String.valueOf(listCounter) + "."
+									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_COUNTRIES_LIST_COUNTRYCODE, 
+									confCPEPS.next());						
+							listCounter++;
+						
+						}
+					
+						//fetch STORK attributes
+						List<String> configuredAttributs = new ArrayList<String>();
+						if (storkConfig != null && storkConfig.getAttributes() != null) {
+							for (StorkAttribute el : storkConfig.getAttributes()) {
+								if (MiscUtil.isNotEmpty(el.getName()))
+									configuredAttributs.add(el.getName());
+							
+							}						
+						}					
+						listCounter = 0;
+						if (config.getOAAttributes() != null) {
+							Iterator<OAStorkAttribute> oaAttributeInterator = config.getOAAttributes().iterator();
+							while (oaAttributeInterator.hasNext()) {
+								OAStorkAttribute oaAttr = oaAttributeInterator.next();
+								if (MiscUtil.isNotEmpty(oaAttr.getName())) {
+									if (configuredAttributs.contains(oaAttr.getName()))
+										configuredAttributs.remove(oaAttr.getName());
+								
+									result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+											+ "." + String.valueOf(listCounter) + "."
+											+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME, 
+											oaAttr.getName());
+							
+									result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+											+ "." + String.valueOf(listCounter) + "."
+											+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED, 
+											Boolean.TRUE.toString());
+
+							
+									if (oaAttr.isMandatory() != null)
+										result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+												+ "." + String.valueOf(listCounter) + "."
+												+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, 
+												oaAttr.isMandatory().toString());
+									else
+										result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+												+ "." + String.valueOf(listCounter) + "."
+												+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, 
+												Boolean.FALSE.toString());
+									listCounter++;
+								}
+							}						
+						}
+						Iterator<String> configuredAttributsInterator = configuredAttributs.iterator();
+						while (configuredAttributsInterator.hasNext()) {
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+									+ "." + String.valueOf(listCounter) + "."
+									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_NAME, 
+									configuredAttributsInterator.next());
+					
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+									+ "." + String.valueOf(listCounter) + "."
+									+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_REQUESTED, 
+									Boolean.TRUE.toString());
+
+								result.put(MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST
+										+ "." + String.valueOf(listCounter) + "."
+										+ MOAIDConfigurationConstants.SERVICE_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY, 
+										Boolean.FALSE.toString());
+								listCounter++;
+						
+						}
+					}
 				}
 				
 				//convert protocols SAML1
@@ -479,9 +580,9 @@ public class ConfigurationMigrationUtils {
 					TransformsInfoType bkuSelectTemplate = templates.getBKUSelectionTemplate();
 					if (bkuSelectTemplate != null && MiscUtil.isNotEmpty(bkuSelectTemplate.getFilename())) {
 						try {
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION, 
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA, 
 									Base64Utils.encode(bkuSelectTemplate.getTransformation()));
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME, 
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW, 
 									bkuSelectTemplate.getFilename());
 							
 						} catch (Exception e) {
@@ -495,9 +596,9 @@ public class ConfigurationMigrationUtils {
 					TransformsInfoType sendAssertionTemplate = templates.getSendAssertionTemplate();
 					if (sendAssertionTemplate != null && MiscUtil.isNotEmpty(sendAssertionTemplate.getFilename())) {
 						try {
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION, 
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA, 
 									Base64Utils.encode(sendAssertionTemplate.getTransformation()));
-							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME, 
+							result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW, 
 									sendAssertionTemplate.getFilename());
 							
 						} catch (Exception e) {
@@ -577,38 +678,11 @@ public class ConfigurationMigrationUtils {
 					}
 				}										
 			}
-			
-			//convert interfederation configuration
-			InterfederationIDPType moaIDP = oa.getInterfederationIDP();
-			if (moaIDP != null) {
-				result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_IIDP);				
-				result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_ATTRIBUTQUERY_URL, 
-						moaIDP.getAttributeQueryURL());				
-				result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_INBOUND, 
-						String.valueOf(moaIDP.isInboundSSO()));
-				result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_OUTBOUND, 
-						String.valueOf(moaIDP.isOutboundSSO()));
-
-				result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_SSO_STORE, 
-						String.valueOf(moaIDP.isStoreSSOSession()));
-				result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_LOCALAUTHONERROR, 
-						String.valueOf(moaIDP.isPerformLocalAuthenticationOnError()));
-				result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_PASSIVEREQUEST, 
-						String.valueOf(moaIDP.isPerformPassivRequest()));
-			}
-
-			//convert STORK <-> PVP2X gateway configuration
-			InterfederationGatewayType gateway = oa.getInterfederationGateway();
-			if (gateway != null) {
-				result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_GATEWAY);
-				result.put(MOAIDConfigurationConstants.SERVICE_INTERFEDERATION_FORWARD_IDPIDENTIFIER, 
-						gateway.getForwardIDPIdentifier());
-				
-			}
-			
+						
 			//set onlineapplication identifier if nothing is set 
-			if (!result.containsKey(MOAIDConfigurationConstants.PREFIX_SERVICES))
+			if (!result.containsKey(MOAIDConfigurationConstants.PREFIX_SERVICES)) {
 				result.put(MOAIDConfigurationConstants.PREFIX_SERVICES, MOAIDConfigurationConstants.PREFIX_OA);
+			}
 		}
 		
 		return result;
@@ -922,11 +996,11 @@ public class ConfigurationMigrationUtils {
             templates.setAditionalAuthBlockText(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_BKU_AUTHBLOCKTEXT));
             
             //store BKU-selection and send-assertion templates
-            if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION))) {
+            if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA))) {
                 TransformsInfoType el1 = new TransformsInfoType();
                 try {
-                	el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION), false));
-                	el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME));
+                	el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA), false));
+                	el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW));
                 	templates.setBKUSelectionTemplate(el1);
                 	
                 } catch (IOException e) {
@@ -934,11 +1008,11 @@ public class ConfigurationMigrationUtils {
                 }
             }
 
-            if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION))) {
+            if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA))) {
                 TransformsInfoType el1 = new TransformsInfoType();
                 try {
-                	el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION), false));
-                	el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME));
+                	el1.setTransformation(Base64Utils.decode(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA), false));
+                	el1.setFilename(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW));
                 	templates.setSendAssertionTemplate(el1);
                 	
                 } catch (IOException e) {
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java
index bac2d0011..399533d3f 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationUtil.java
@@ -23,6 +23,7 @@ import at.gv.egiz.components.configuration.api.Configuration;
 import at.gv.egiz.components.configuration.api.ConfigurationException;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.dao.config.STORK;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
@@ -86,11 +87,24 @@ public class ConfigurationUtil {
 
 		Properties result = new Properties();
 
+		if (config == null) {
+			return null;
+			
+		}
+		STORK storkConfig = null;
+		try {
+			storkConfig = config.getAuthComponentGeneral().getForeignIdentities().getSTORK();
+		
+		} catch (Exception e) {
+			Logger.debug("No general STORK configuration found.");
+			
+		}
+		
 		//convert all online applications
 		List<OnlineApplication> oaList = config.getOnlineApplication();
 		for (int i=0; i<oaList.size(); i++) {
 			OnlineApplication oa = oaList.get(i);
-			Map<String, String> keyValueOA = ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa);
+			Map<String, String> keyValueOA = ConfigurationMigrationUtils.convertHyberJaxBOnlineApplicationToKeyValue(oa, storkConfig);
 			
 			String serviceIdentifier = keyValueOA.get(MOAIDConfigurationConstants.PREFIX_SERVICES);
 			if (MiscUtil.isEmpty(serviceIdentifier)) {
@@ -106,7 +120,13 @@ public class ConfigurationUtil {
 							+ key, 
 							keyValueOA.get(key));
 				
-			}						
+			}
+			//set correct metadata list identifier
+			result.put(MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES 
+					+ "." + serviceIdentifier + "." + String.valueOf(i) + "."
+					+ MOAIDConfigurationConstants.METADATA_LIST +".0", 
+					MOAIDConfigurationConstants.PREFIX_MOAID_SERVICES 
+					+ "." + serviceIdentifier);
 		}
 		
 		Map<String, String> keyValueGeneral = ConfigurationMigrationUtils.convertHyberJaxBMOAIDConfigToKeyValue(config);
@@ -189,8 +209,12 @@ public class ConfigurationUtil {
 		Properties inProperties = new Properties();
 		inProperties.load(inStream);
 
-		System.getProperties().setProperty("location", "file:" + outputDBConfigFilePath);
-		ApplicationContext context = new ClassPathXmlApplicationContext("configuration.beans.xml");
+		System.getProperties().setProperty("moa.id.webconfig", "file:" + outputDBConfigFilePath);
+		ApplicationContext context = new ClassPathXmlApplicationContext(
+				new String[]{
+						"configuration.beans.xml", 
+						"moaid.migration.beans.xml"
+						});
 		Configuration dbConfiguration = (Configuration) context.getBean("moaidconfig");
 
 		List<String> keys = null;
@@ -217,7 +241,7 @@ public class ConfigurationUtil {
 			// remove existing entries
 			for (String key : keys) {
 				try {
-					dbConfiguration.setStringValue(key, null);
+					dbConfiguration.deleteIds(key);
 				} catch (ConfigurationException e) {
 					System.out.println("Could NOT persist the configuration file's information in the database.");
 					
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
index 34e3f3c7e..fab5b437f 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
@@ -1,54 +1,20 @@
 package at.gv.egovernment.moa.id.commons.config;
 
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Hashtable;
-import java.util.List;
-import java.util.Map;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
 
 /**
  * 
  *
  */
-public final class MOAIDConfigurationConstants {
+public final class MOAIDConfigurationConstants extends MOAIDConstants {
 
 	private MOAIDConfigurationConstants() {
 		// restrict instantiation
 	}
-
-	//general configuration constants
-	
-	public static final String PREFIX_WPBK = "urn:publicid:gv.at:wbpk+";
-    public static final String PREFIX_STORK = "urn:publicid:gv.at:storkid+";
+	public static final String METADATA_LIST = "__LI";
 	
-	public static final String IDENIFICATIONTYPE_FN = "FN";
-	public static final String IDENIFICATIONTYPE_ERSB = "ERSB";
-	public static final String IDENIFICATIONTYPE_ZVR = "ZVR";
-    public static final String IDENIFICATIONTYPE_STORK = "STORK";
+	public static final String WEBGUI_EMPTY_ELEMENT = "null";
 	
-    public static final Map<String, String> BUSINESSSERVICENAMES;
-
-    public static final List<String> ALLOWED_WBPK_PREFIXES;
-    
-	static {
-		Hashtable<String, String> tmp = new Hashtable<String, String>();
-		tmp.put(IDENIFICATIONTYPE_FN, "Firmenbuchnummer");
-		tmp.put(IDENIFICATIONTYPE_ZVR, "Vereinsnummer");
-		tmp.put(IDENIFICATIONTYPE_ERSB, "ERsB Kennzahl");
-        tmp.put(IDENIFICATIONTYPE_STORK, "STORK");
-        BUSINESSSERVICENAMES = Collections.unmodifiableMap(tmp);
-        
-        List<String> awbpk = new ArrayList<String>();
-        awbpk.add(IDENIFICATIONTYPE_FN);
-        awbpk.add(IDENIFICATIONTYPE_ERSB);
-        awbpk.add(IDENIFICATIONTYPE_ZVR);
-        awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_FN);
-        awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ERSB);
-        awbpk.add(PREFIX_WPBK + IDENIFICATIONTYPE_ZVR);        
-        ALLOWED_WBPK_PREFIXES = Collections.unmodifiableList(awbpk);
-	}
-    
-    
 	//Basic key namespaces
 	public static final String PREFIX_MOAID = "moa.id";
 	public static final String PREFIX_GENERAL = "general";
@@ -97,7 +63,7 @@ public final class MOAIDConfigurationConstants {
 	public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".target"; 
 	public static final String SERVICE_AUTH_TARGET_PUBLIC_TARGET_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".target.sub";
 	public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_SUB = SERVICE_AUTH_TARGET_PUBLIC + ".use.sub";
-	public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_OWN = SERVICE_AUTH_TARGET_PUBLIC + ".use.own";
+	public static final String SERVICE_AUTH_TARGET_PUBLIC_USE_OWN = SERVICE_AUTH_TARGET_PUBLIC + ".own.use";
 	public static final String SERVICE_AUTH_TARGET_PUBLIC_OWN_TARGET = SERVICE_AUTH_TARGET_PUBLIC + ".own.target";
 	public static final String SERVICE_AUTH_TARGET_PUBLIC_OWN_NAME = SERVICE_AUTH_TARGET_PUBLIC + ".own.name";
 	
@@ -111,13 +77,15 @@ public final class MOAIDConfigurationConstants {
 	public static final String SERVICE_AUTH_BKU_TEMPLATE_FIRST_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".first.url";
 	public static final String SERVICE_AUTH_BKU_TEMPLATE_SECOND_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".second.url";
 	public static final String SERVICE_AUTH_BKU_TEMPLATE_THIRD_VALUE = SERVICE_AUTH_BKU_TEMPLATE + ".third.url";
-	public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = SERVICE_AUTH_BKU + "authblock.additionaltext";
-	public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = SERVICE_AUTH_BKU + "authblock.removebPK";
+	public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = AUTH + ".authblock.additionaltext";
+	public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = AUTH + ".authblock.removebPK";
 
 	private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES;
-	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION = SERVICE_AUTH_TEMPLATES + ".bkuselection";
+	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA = SERVICE_AUTH_TEMPLATES + ".bkuselection.data";
+	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".bkuselection.preview";
 	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_FILENAME = SERVICE_AUTH_TEMPLATES + ".bkuselection.filename";
-	public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION = SERVICE_AUTH_TEMPLATES + ".sendAssertion";
+	public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION_DATA = SERVICE_AUTH_TEMPLATES + ".sendAssertion.data";
+	public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".sendAssertion.preview";
 	public static final String SERVICE_AUTH_TEMPLATES_SENDASSERTION_FILENAME = SERVICE_AUTH_TEMPLATES + ".sendAssertion.filename";
 	private static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION = SERVICE_AUTH_TEMPLATES + ".customize";
 	public static final String SERVICE_AUTH_TEMPLATES_CUSTOMIZATION_FONTTYPE = SERVICE_AUTH_TEMPLATES_CUSTOMIZATION + ".fonttype";
@@ -184,8 +152,8 @@ public final class MOAIDConfigurationConstants {
 	private static final String SERVICE_PROTOCOLS_PVP2X = PROTOCOLS + "." + PVP2X;
 	public static final String SERVICE_PROTOCOLS_PVP2X_RELOAD = SERVICE_PROTOCOLS_PVP2X + ".reload";
 	public static final String SERVICE_PROTOCOLS_PVP2X_URL = SERVICE_PROTOCOLS_PVP2X + ".URL";
-	public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE = SERVICE_PROTOCOLS_PVP2X + ".certificate";
-	public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT = SERVICE_PROTOCOLS_PVP2X + ".certificate.subject";
+	public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE = SERVICE_PROTOCOLS_PVP2X + ".certificate.data";
+	public static final String SERVICE_PROTOCOLS_PVP2X_CERTIFICATE_SUBJECT = SERVICE_PROTOCOLS_PVP2X + ".certificate.preview";
 	
 	private static final String SERVICE_PROTOCOLS_OPENID = PROTOCOLS + "." + OPENID;
 	public static final String SERVICE_PROTOCOLS_OPENID_CLIENTID = SERVICE_PROTOCOLS_OPENID + ".clientID";
@@ -270,6 +238,7 @@ public final class MOAIDConfigurationConstants {
 	public static final String GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT_TYPE = GENERAL_PROTOCOLS_PVP2X_METADATA_CONTACT + ".type";
 					
 	public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_NAME = GENERAL_AUTH + ".authblock.transformation.preview";
+	public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_FILENAME = GENERAL_AUTH + ".authblock.transformation.filename";
 	public static final String GENERAL_AUTH_AUTHBLOCK_TRANSFORMATION_BASE64 = GENERAL_AUTH + ".authblock.transformation.data";
 	
 	public static final String GENERAL_AUTH_STORK = GENERAL_AUTH + "." + STORK;
@@ -282,35 +251,4 @@ public final class MOAIDConfigurationConstants {
 	public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST = GENERAL_AUTH_STORK + ".attributes";
 	public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_NAME = "friendlyname"; 
 	public static final String GENERAL_AUTH_STORK_ATTRIBUTES_LIST_MANDATORY = "mandatory";
-		
-//	//  old!!!!!!!!!!! //
-//	// keys for the object in the key-value database
-//	public static final String ONLINE_APPLICATIONS_KEY = "OnlineApplications";
-//	public static final String AUTH_COMPONENT_GENERAL_KEY = "AuthComponentGeneral";
-//	public static final String CHAINING_MODES_KEY = "ChainingModes";
-//	public static final String TRUSTED_CERTIFICATES_KEY = "TruestedCertificates";
-//	public static final String DEFAULT_BKUS_KEY = "DefaultBKUs";
-//	public static final String SLREQUEST_TEMPLATES_KEY = "SLRequestTemplates";
-//	public static final String TIMESTAMP_ITEM_KEY = "TimestampItem";
-//	public static final String PVP2REFRESH_ITEM_KEY = "Pvp2RefreshItem";
-//	public static final String GENERIC_CONFIGURATION_KEY = "GenericConfiguration";
-//
-//	/**
-//	 * Returns all relevant (database-) keys that {@link MOAIDConfiguration} contains.
-//	 * @return the keys as {@code String[]}
-//	 */
-//	public static final String[] getMOAIDConfigurationKeys() {
-//		return new String[] { AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY, TRUSTED_CERTIFICATES_KEY,
-//				DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY, PVP2REFRESH_ITEM_KEY };
-//	}
-//
-//	/**
-//	 * Returns all (database-) keys that {@link MOAIDConfiguration} contains.
-//	 * @return the keys as {@code String[]}
-//	 */
-//	public static final String[] getAllMOAIDConfigurationKeys() {
-//		return new String[] { ONLINE_APPLICATIONS_KEY, AUTH_COMPONENT_GENERAL_KEY, CHAINING_MODES_KEY,
-//				TRUSTED_CERTIFICATES_KEY, DEFAULT_BKUS_KEY, SLREQUEST_TEMPLATES_KEY, TIMESTAMP_ITEM_KEY,
-//				PVP2REFRESH_ITEM_KEY };
-//	}
 }
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java
index 7dbbac5b4..c472299b9 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MigrationTest.java
@@ -40,7 +40,7 @@ public class MigrationTest {
 		String inputFile = "D:/Projekte/svn/moa-id/MOAID-2.0_config_labda_12.05.2015.xml";
 		String outputFile = "D:/Projekte/svn/moa-id/MOAID-3.0_config.propery";
 		
-		String moaidconfig = "D:/Projekte/svn/moa-id/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id/moa-id.properties";
+		String moaidconfig = "D:/Projekte/svn/moa-id/.metadata/.plugins/org.eclipse.wst.server.core/tmp0/conf/moa-id-configuration/moa-id.properties";
 		try {
 			FileInputStream input = new FileInputStream(inputFile);
 			File out = new File(outputFile);
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java
index 832c82e78..805bcb33e 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/persistence/MOAIDConfigurationImpl.java
@@ -38,6 +38,16 @@ public class MOAIDConfigurationImpl extends DatabaseConfigPropertyImpl implement
 //		this.configPropertyDao = configPropertyDao;
 //	}
 	
+	public void setStringValue(String id, String value) throws ConfigurationException {
+		super.setStringValue(id, value);
+		
+	}
+	
+	public void deleteIds(String idSearch) throws ConfigurationException {
+		super.deleteIds(idSearch);
+		
+	}
+	
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.commons.config.persistence.MOAIDConfiguration#getPropertySubset(java.lang.String)
 	 */
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java
index 00c191228..f47b0c9e2 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/DatabaseConfigPropertyImpl.java
@@ -82,7 +82,7 @@ public class DatabaseConfigPropertyImpl extends AbstractConfigurationImpl {
 	 * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#storeKey(java.lang.String, java.lang.String)
 	 */
 	@Override
-	@Transactional(value="transactionManager")
+	@Transactional("transactionManager")
 	protected void storeKey(String key, String value) throws ConfigurationException {
 		if (null == em) {
 			log.error("No EntityManager set!");
@@ -176,6 +176,7 @@ public class DatabaseConfigPropertyImpl extends AbstractConfigurationImpl {
 	 * @see at.gv.egiz.components.configuration.api.AbstractConfigurationImpl#deleteIds(java.lang.String)
 	 */
 	@Override
+	@Transactional("transactionManager")
 	public void deleteIds(String idSearch) throws ConfigurationException {
 		String[] keyList = findConfigurationId(idSearch);
 		for (String el : keyList) {
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
index 0e4616825..f20647fb0 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
@@ -29,6 +29,7 @@ import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
 import java.util.Map.Entry;
+import java.util.Set;
 
 import at.gv.egovernment.moa.util.MiscUtil;
 
@@ -213,5 +214,17 @@ public class KeyValueUtils {
 			return counters.get(counters.size()-1) + 1;
 		}
 	}
+
+	/**
+	 * Find the highest free list counter
+	 * 
+	 * @param keySet {Set<String>} of list keys
+	 * @param listPrefix {String} prefix of the list
+	 * @return {int} highest free list counter
+	 */
+	public static int findNextFreeListCounter(Set<String> keySet,
+			String listPrefix) {
+		return findNextFreeListCounter((String[]) keySet.toArray(), listPrefix);
+	}
 	
 }
diff --git a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml
index ea0e7c78d..775d02d05 100644
--- a/id/server/moa-id-commons/src/main/resources/configuration.beans.xml
+++ b/id/server/moa-id-commons/src/main/resources/configuration.beans.xml
@@ -11,7 +11,10 @@
 
 	<context:annotation-config />
 	
-	<context:property-placeholder location="${location}"/>  
+	<!-- context:property-placeholder location="${location}"/-->  
+	
+<!-- 	<bean class="at.gv.egovernment.moa.id.commons.config.persistence.JPAPropertiesWithJavaConfig">
+	</bean> -->
 
 	<bean id="configPropertyDao" 
 				class="at.gv.egovernment.moa.id.commons.db.dao.config.DatabaseConfigPropertyImpl"/>
@@ -24,22 +27,27 @@
 <!--  	<bean id="configRead" class="at.gv.egovernment.moa.id.commons.db.NewConfigurationDBRead"/> -->
 <!-- <bean id="configWrite" class="at.gv.egovernment.moa.id.commons.db.NewConfigurationDBWrite"/> -->
 
-	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" lazy-init="true" destroy-method="close">
+<!-- 	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" lazy-init="true" destroy-method="close">
 		<aop:scoped-proxy/>
-		<property name="driverClassName" value="${configuration.hibernate.connection.driver_class}" />
-		<property name="url" value="${configuration.hibernate.connection.url}"/>
-		<property name="username" value="${configuration.hibernate.connection.username}" />
-		<property name="password" value="${configuration.hibernate.connection.password}" />
+		<property name="driverClassName" value="${hibernate.connection.driver_class}" />
+		<property name="url" value="${hibernate.connection.url}"/>
+		<property name="username" value="${hibernate.connection.username}" />
+		<property name="password" value="${hibernate.connection.password}" />
 		<property name="testOnBorrow" value="true" />
 		<property name="validationQuery" value="SELECT 1" />
-	</bean>
+	</bean> -->
 	
 
-	<bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
+<!-- 	<bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
 		<property name="showSql" value="true" />
 		<property name="generateDdl" value="${jpaVendorAdapter.generateDdl}" />
-		<property name="databasePlatform" value="${configuration.hibernate.dialect}" />
-	</bean>
+		<property name="generateDdl">
+			<bean class="java.lang.Boolean">
+				<constructor-arg value="${jpaVendorAdapter.generateDdl}"/>
+			</bean>
+		</property> 
+		<property name="databasePlatform" value="${hibernate.dialect}" />
+	</bean> -->
 
 
 	<bean name="config" id="entityManagerFactory" class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
diff --git a/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml b/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml
new file mode 100644
index 000000000..a2961b0f6
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/resources/moaid.migration.beans.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	
+<!-- 	<bean id="localPropertyBean" class="at.gv.egovernment.moa.id.config.webgui.MOAIDWebGUIConfiguration"
+	 	scope="singleton" factory-method="getInstance"/> -->
+
+	<context:property-placeholder location="${moa.id.webconfig}"/> 
+
+	<bean id="dataSource" class="org.apache.commons.dbcp.BasicDataSource" lazy-init="true" destroy-method="close">
+		<aop:scoped-proxy/>
+		<property name="driverClassName" value="${hibernate.connection.driver_class}" />
+		<property name="url" value="${hibernate.connection.url}"/>
+		<property name="username" value="${hibernate.connection.username}" />
+		<property name="password" value="${hibernate.connection.password}" />
+		<property name="testOnBorrow" value="true" />
+		<property name="validationQuery" value="SELECT 1" />
+	</bean>
+	
+
+	<bean id="jpaVendorAdapter" class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
+		<property name="showSql" value="true" />
+		<property name="generateDdl" value="${jpaVendorAdapter.generateDdl}" />
+<!-- 		<property name="generateDdl">
+			<bean class="java.lang.Boolean">
+				<constructor-arg value="${jpaVendorAdapter.generateDdl}"/>
+			</bean>
+		</property> --> 
+		<property name="databasePlatform" value="${hibernate.dialect}" />
+	</bean>
+		
+</beans>
+\ No newline at end of file
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2015-07-17 09:18:28 +0200
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2015-07-17 09:18:28 +0200
commit	98dbb23fa5dcd9518beb56fd2410667b385b5524 (patch)
tree	b95ad14a2401f553d72d6dc911814980689866b5
parent	d774a81910498c9ee1277c1611d57b07bf069fbd (diff)
download	moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.gz moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.tar.bz2 moa-id-spss-98dbb23fa5dcd9518beb56fd2410667b385b5524.zip