add code for SEMPER eIDAS extensions

author: Thomas Lenz <tlenz@iaik.tugraz.at> 2019-12-13 08:54:02 +0100
committer: Thomas Lenz <tlenz@iaik.tugraz.at> 2019-12-13 08:54:02 +0100
commit: 38f60c2385cd47c320942fdc7c9eb158f0e320e0 (patch)
tree: 3269a16ff008242f214a3d1ded556392d6214324
parent: 31e23d3cedeecf980e39b9637237cb8f3d01ad9f (diff)
download: moa-id-spss-38f60c2385cd47c320942fdc7c9eb158f0e320e0.tar.gz
moa-id-spss-38f60c2385cd47c320942fdc7c9eb158f0e320e0.tar.bz2
moa-id-spss-38f60c2385cd47c320942fdc7c9eb158f0e320e0.zip
22 files changed, 2038 insertions, 929 deletions
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java
index 19f865325..5ed237948 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/validation/AuthnRequestValidator.java
@@ -13,7 +13,7 @@ import org.springframework.stereotype.Service;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
-import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestValidator;
+import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor;
 import at.gv.egiz.eaaf.modules.pvp2.exception.NameIDFormatNotSupportedException;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.MandateAttributesNotHandleAbleException;
@@ -26,9 +26,9 @@ import at.gv.egovernment.moa.logging.Logger;
  *
  */
 @Service("MOAAuthnRequestValidator")
-public class AuthnRequestValidator implements IAuthnRequestValidator {
+public class AuthnRequestValidator implements IAuthnRequestPostProcessor {
 	
-	public void validate(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq, SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException{
+	public void process(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authnReq, SPSSODescriptor spSSODescriptor) throws AuthnRequestValidatorException{
 
 		//validate NameIDPolicy
 		NameIDPolicy nameIDPolicy = authnReq.getNameIDPolicy();
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index 748b6a247..2ba496dd7 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -58,5 +58,23 @@
       	<artifactId>junit</artifactId>
       	<scope>test</scope>
     </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf_core_utils</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>at.gv.egiz.eaaf</groupId>
+      <artifactId>eaaf-core</artifactId>
+      <scope>test</scope>
+      <type>test-jar</type>
+    </dependency>
+    <dependency>
+      <groupId>org.hamcrest</groupId>
+      <artifactId>hamcrest-library</artifactId>
+      <version>1.3</version>
+      <scope>test</scope>
+    </dependency>
   </dependencies>
 </project>
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java
index 19950a078..96c78abb4 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthConstants.java
@@ -27,6 +27,7 @@ import java.util.Collections;
 import java.util.List;
 
 import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.data.Trible;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 
@@ -60,6 +61,8 @@ public class EidasCentralAuthConstants {
 	public static final String CONFIG_PROPS_NODE_METADATAURL = CONFIG_PROPS_PREFIX + "node.metadataUrl";
 	public static final String CONFIG_PROPS_NODE_TRUSTPROFILEID = CONFIG_PROPS_PREFIX + "node.trustprofileID";	
 	
+	public static final String CONFIG_PROPS_SEMPER_MANDATES_ACTIVE = CONFIG_PROPS_PREFIX + "semper.mandates.active";
+	public static final String CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST = CONFIG_PROPS_PREFIX + "semper.msproxy.list";
 	
 	public static final String CONFIG_DEFAULT_LOA_EIDAS_LEVEL = EAAFConstants.EIDAS_LOA_HIGH;	
 	public static final List<Trible<String, String, Boolean>> DEFAULT_REQUIRED_PVP_ATTRIBUTES = 
@@ -81,6 +84,22 @@ public class EidasCentralAuthConstants {
 				}
 			});
 	
+	public static final List<Pair<String, Boolean>> DEFAULT_SEMPER_MANDATE_PVP_ATTRIBUTES = 
+      Collections.unmodifiableList(new ArrayList<Pair<String, Boolean>>() {
+        private static final long serialVersionUID = 1L;
+        {           
+          //request entity information
+          add(Pair.newInstance(PVPConstants.MANDATE_TYPE_NAME, false));
+          add(Pair.newInstance(PVPConstants.MANDATE_TYPE_OID_NAME, false));
+          
+          add(Pair.newInstance(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME, false));
+          add(Pair.newInstance(PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME, false));
+          add(Pair.newInstance(PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME, false));
+          
+                    
+        }
+      });
+	
 	public static final List<String> DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES = 
 			Collections.unmodifiableList(new ArrayList<String>() {
 				private static final long serialVersionUID = 1L;
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java
index aad1244f1..2bb384c74 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/config/EidasCentralAuthMetadataConfiguration.java
@@ -334,7 +334,7 @@ public class EidasCentralAuthMetadataConfiguration implements IPVPMetadataBuilde
 	 * @param additionalAttr List of PVP attribute name and isRequired flag 
 	 */
 	public void setAdditionalRequiredAttributes(List<Pair<String, Boolean>> additionalAttr) {
-		if (additionalAttr != null) {
+		if (additionalAttr != null && !additionalAttr.isEmpty()) {
 			additionalAttributes = new ArrayList<RequestedAttribute>();
 			for (Pair<String, Boolean> el : additionalAttr) {
 				Attribute attributBuilder = PVPAttributeBuilder.buildEmptyAttribute(el.getFirst());
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
index a6a7084f5..a0c1fa30b 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/controller/EidasCentralAuthMetadataController.java
@@ -109,9 +109,17 @@ public class EidasCentralAuthMetadataController extends AbstractController {
 	}
 
 	private List<Pair<String, Boolean>> getAdditonalRequiredAttributes() {
-		Map<String, String> addReqAttributes = authConfig.getBasicConfigurationWithPrefix(EidasCentralAuthConstants.CONFIG_PROPS_REQUIRED_PVP_ATTRIBUTES_LIST);
-		if (addReqAttributes != null) {
-			List<Pair<String, Boolean>> result = new ArrayList<Pair<String, Boolean>>();
+	  List<Pair<String, Boolean>> result = new ArrayList<Pair<String, Boolean>>();
+	  
+	  //load SEMPER attributes if required
+	  if (authConfig.getBasicConfigurationBoolean(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false)) {
+	    result.addAll(EidasCentralAuthConstants.DEFAULT_SEMPER_MANDATE_PVP_ATTRIBUTES);
+	      
+	  }
+	  
+	  //load attributes from configuration
+	  Map<String, String> addReqAttributes = authConfig.getBasicConfigurationWithPrefix(EidasCentralAuthConstants.CONFIG_PROPS_REQUIRED_PVP_ATTRIBUTES_LIST);		
+		if (addReqAttributes != null) {			
 			for (String el : addReqAttributes.values()) {
 				if (MiscUtil.isNotEmpty(el)) {
 					Logger.trace("Parse additional attr. definition: " + el);
@@ -123,12 +131,12 @@ public class EidasCentralAuthMetadataController extends AbstractController {
 						Logger.info("IGNORE additional attr. definition: " + el
 								+ " Reason: Format not valid");
 				}				
-			}
-			
-			return result;
+			}			
 		}
 				
-		return null;
+		return result;
+				
+
 	}
 		
 }
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessor.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessor.java
new file mode 100644
index 000000000..222ba812c
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessor.java
@@ -0,0 +1,151 @@
+package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper;
+
+import java.util.List;
+import java.util.Map;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.saml2.metadata.SPSSODescriptor;
+import org.opensaml.xml.XMLObject;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.data.ExtendedPVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
+import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttributes;
+import at.gv.egiz.eaaf.modules.pvp2.api.validation.IAuthnRequestPostProcessor;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
+import at.gv.egovernment.moa.id.commons.MOAIDConstants;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class AuthnRequestSemperProcessor implements IAuthnRequestPostProcessor {
+    
+  @Autowired IConfiguration authConfig;
+  
+  @Override
+  public void process(HttpServletRequest httpReq, IRequest pendingReq, AuthnRequest authReq,
+      SPSSODescriptor spSsoDescriptor) throws AuthnRequestValidatorException {    
+    if (authConfig.getBasicConfigurationBoolean(
+        EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false) 
+        && isSpAllowed(authReq)) { 
+      
+      Logger.debug("SEMPER mode detected. Starting SP-Info extraction from requested attributes ...");
+      extractRequestedAttributeInformation(authReq, pendingReq);
+                       
+    } else {
+      Logger.trace("Skip: " + AuthnRequestSemperProcessor.class.getSimpleName() + " because is's not active or not allowed");
+      
+    }
+
+  }
+  
+  private boolean isSpAllowed(AuthnRequest authReq) {
+    String csvOfAllowedProxies = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST);
+    List<String> allowedProxies = KeyValueUtils.getListOfCSVValues(csvOfAllowedProxies);
+    Logger.trace("Validate SP-EntityId: " + authReq.getIssuer().getValue() 
+        + " with allowed MS-Proxies: [" + StringUtils.join(allowedProxies, ", ") + "]");    
+    return allowedProxies.contains(authReq.getIssuer().getValue());
+       
+  }
+
+
+  private void extractRequestedAttributeInformation(AuthnRequest authnReq, IRequest pendingReq) throws AuthnRequestValidatorException {
+    // validate and process requested attributes
+    boolean hasValidBpkTarget = false;
+    if (authnReq.getExtensions() != null) {
+      final List<XMLObject> requestedAttributes = authnReq.getExtensions().getUnknownXMLObjects();
+      for (final XMLObject reqAttrObj : requestedAttributes) {
+        if (reqAttrObj instanceof EAAFRequestedAttributes) {
+          final EAAFRequestedAttributes reqAttr = (EAAFRequestedAttributes) reqAttrObj;
+          if (reqAttr.getAttributes() != null && reqAttr.getAttributes().size() != 0) {
+            for (final EAAFRequestedAttribute el : reqAttr.getAttributes()) {
+              Logger.trace("Processing req. attribute '" + el.getName() + "' ... ");           
+              if (el.getName().equals(PVPAttributeDefinitions.EID_SECTOR_FOR_IDENTIFIER_NAME)) {
+                hasValidBpkTarget = extractBpkTarget(el, pendingReq);
+              
+              } else if (el.getName().equals(ExtendedPVPAttributeDefinitions.SP_USESMANDATES_NAME )) {
+                extractMandateProfiles(el, pendingReq);
+                              
+              } else {
+                Logger.debug("Ignore req. attribute: " + el.getName());
+              }
+  
+            }
+  
+          } else {
+            Logger.debug("No requested Attributes in Authn. Request");
+          }
+  
+        } else {
+          Logger.info("Ignore unknown requested attribute: " + reqAttrObj.getElementQName().toString());
+        }
+  
+      }
+    }
+
+    if (!hasValidBpkTarget) {
+      Logger.info("Authn.Req validation FAILED. Reason: Contains NO or NO VALID target-sector information.");
+      throw new AuthnRequestValidatorException("pvp2.22", new Object[] {
+          "NO or NO VALID target-sector information" });
+
+    }
+    
+  }
+  
+  private void extractMandateProfiles(EAAFRequestedAttribute el, IRequest pendingReq) {
+    if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
+      final String profiles = el.getAttributeValues().get(0).getDOM().getTextContent();
+      Map<String, String> configProps = pendingReq.getServiceProviderConfiguration().getFullConfiguration();     
+      Logger.debug("Set MandateProfiles to: " + profiles);
+      configProps.put(
+          MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_USE,
+          String.valueOf(true));
+      configProps.put(
+          MOAIDConfigurationConstants.SERVICE_AUTH_MANDATES_OVS_PROFILES,
+          profiles);        
+                  
+    } else {
+      Logger.info("Req. attribute '" + el.getName()
+          + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute");
+    }
+        
+  }
+
+
+  private boolean extractBpkTarget(final EAAFRequestedAttribute el, IRequest pendingReq) {
+    if (el.getAttributeValues() != null && el.getAttributeValues().size() == 1) {
+      final String sectorId = el.getAttributeValues().get(0).getDOM().getTextContent();                
+      Map<String, String> configProps = pendingReq.getServiceProviderConfiguration().getFullConfiguration();                 
+      if (sectorId.startsWith(EAAFConstants.URN_PREFIX_EIDAS)) {
+        Logger.debug("Set eIDAS target to: " + sectorId);
+        configProps.put(
+            MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_TYPE, 
+            MOAIDConstants.IDENIFICATIONTYPE_EIDAS);
+        configProps.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_BUSINESS_VALUE, 
+            sectorId.substring(EAAFConstants.URN_PREFIX_EIDAS.length()));                  
+        return true;  
+          
+      } else {
+        Logger.info("Requested sector: " + sectorId + " DOES NOT match to allowed sectors for SP: "
+            + pendingReq.getServiceProviderConfiguration().getUniqueIdentifier());
+        
+      }
+
+    } else {
+      Logger.info("Req. attribute '" + el.getName()
+          + "' contains NO or MORE THEN ONE attribute-values. Ignore full req. attribute");
+    }
+
+    return false;
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
index f3eaff11a..7f44c4deb 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
@@ -23,6 +23,7 @@
 package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.tasks;
 
 import java.io.IOException;
+import java.util.Arrays;
 import java.util.Set;
 
 import javax.servlet.http.HttpServletRequest;
@@ -64,6 +65,7 @@ import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentral
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.Utils;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -194,7 +196,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 				throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{EidasCentralAuthConstants.MODULE_NAME_FOR_LOGGING});
 				
 			}
-			
+						
 			//copy attributes into MOASession
 			AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class); 
 			Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
@@ -207,12 +209,32 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			
 			//set foreigner flag
 			session.setForeigner(true);
+			
+			//set CCE URL
 			if (extractor.getFullAssertion().getIssuer() != null && 
 					StringUtils.isNotEmpty(extractor.getFullAssertion().getIssuer().getValue()))
 				session.setBkuURL(extractor.getFullAssertion().getIssuer().getValue());
 			else
 				session.setBkuURL("eIDAS_Authentication");
 			
+	     if (authConfig.getBasicConfigurationBoolean(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, false)) {
+	        if (extractor.containsAttribute(PVPConstants.MANDATE_TYPE_NAME)) {
+	          Logger.trace("Check attributes in SEMPER eIDAS mode.");
+	          if (!extractor.containsAllRequiredAttributes(Arrays.asList(
+	              PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_NAME,
+	              PVPConstants.MANDATE_LEG_PER_SOURCE_PIN_TYPE_NAME,
+	              PVPConstants.MANDATE_LEG_PER_FULL_NAME_NAME))) {
+	            Logger.warn("PVP Response from 'ms-specific eIDAS node' contains not all required attributes for eIDAS SEMPER process.");
+	            throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{EidasCentralAuthConstants.MODULE_NAME_FOR_LOGGING});
+	            
+	          }
+	          
+	          Logger.info("SEMPER mode is active and mandates are found. Activing mandates for eIDAS login ... ");
+	          session.setUseMandates(true);
+	                    
+	        }                  
+	      }
+			
 												
 		} catch (AssertionValidationExeption e) {
 			throw new BuildException("builder.06", null, e);
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml
index f57d4a94b..baf7e84b5 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/resources/moaid_eIDAS_central_node_auth.beans.xml
@@ -31,6 +31,10 @@
 	<bean 	id="pvpAuthnRequestBuilder"
 				class="at.gv.egiz.eaaf.modules.pvp2.sp.impl.PVPAuthnRequestBuilder" />
 	
+    <bean   id="semperAuthnRequestPostProcessor"
+            class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper.AuthnRequestSemperProcessor" />
+  
+  
 <!-- Federated Authentication Process Tasks -->
 	<bean id="CreateEidasCentrialAuthnRequestTask" 
 				class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.tasks.CreateAuthnRequestTask"
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessorTest.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessorTest.java
new file mode 100644
index 000000000..9b0ebf88c
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/AuthnRequestSemperProcessorTest.java
@@ -0,0 +1,348 @@
+package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper;
+
+import static org.hamcrest.collection.IsIterableContainingInOrder.contains;
+import static org.junit.Assert.assertThat;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.opensaml.saml2.core.AuthnRequest;
+import org.opensaml.xml.ConfigurationException;
+import org.opensaml.xml.io.Unmarshaller;
+import org.opensaml.xml.io.UnmarshallerFactory;
+import org.opensaml.xml.io.UnmarshallingException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.annotation.DirtiesContext.ClassMode;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Element;
+import org.xml.sax.SAXException;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AuthnRequestValidatorException;
+import at.gv.egiz.eaaf.core.impl.idp.conf.SPConfigurationImpl;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/SpringTest-context_basic_test.xml" })
+@DirtiesContext(classMode = ClassMode.BEFORE_CLASS)
+public class AuthnRequestSemperProcessorTest {
+
+  @Autowired DummyAuthConfigMap configMap;
+  @Autowired AuthnRequestSemperProcessor processor;
+  
+  private MockHttpServletRequest httpReq;
+  private MockHttpServletResponse httpResp;
+  private TestRequestImpl pendingReq;
+  
+  /**
+   * jUnit class initializer.
+   * @throws ConfigurationException In case of an OpenSAML error
+   * 
+   */
+  @BeforeClass
+  public static void classInitializer() throws ConfigurationException {
+    EAAFDefaultSAML2Bootstrap.bootstrap();
+    
+  }
+
+  /**
+   * jUnit test set-up.
+   * 
+   */
+  @Before 
+  public void initialize() {
+    configMap.putConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, "true");
+    configMap.putConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST, 
+        RandomStringUtils.randomAlphabetic(15) + ",https://demo.egiz.gv.at/ms_connector/sp/metadata");
+    
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/ms_connector");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    Map<String, String> spConfig = new HashMap<>();
+    spConfig.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, 
+        "https://demo.egiz.gv.at/ms_connector/sp/metadata");
+    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setAuthURL("https://localhost/ms_connector");
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(new OAAuthParameterDecorator(new SPConfigurationImpl(spConfig, configMap)));
+    
+  }
+  
+  @Test
+  public void semperModeNotSet() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+    configMap.removeConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE);    
+    
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());    
+    Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());   
+    Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    
+  }
+  
+  @Test
+  public void semperModeInactive() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+    configMap.putConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_ACTIVE, "false");    
+    
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());    
+    Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());   
+    Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    
+  }
+  
+  @Test
+  public void allowedSPsNotSet() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+    configMap.removeConfigValue(EidasCentralAuthConstants.CONFIG_PROPS_SEMPER_MANDATES_MS_PROXY_LIST);    
+    
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());    
+    Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());   
+    Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    
+  }
+  
+  @Test
+  public void nonValidSpEntityId() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+        
+    
+    pendingReq.getServiceProviderConfiguration().getFullConfiguration().put(
+        EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, 
+        "https://apps.egiz.gv.at/ms_connector/sp/metadata");
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_2.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());    
+    Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());   
+    Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    
+  }
+  
+  @Test
+  public void bPKTargetIsMissing_1() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_3.xml");
+    
+    try {
+      processor.process(httpReq, pendingReq, authReq , null);
+      Assert.fail("No bPK target not detected");
+      
+    } catch (AuthnRequestValidatorException e) {
+      Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId());
+      
+    }        
+  }
+  
+  @Test
+  public void bPKTargetIsMissing_2() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_4.xml");
+    
+    try {
+      processor.process(httpReq, pendingReq, authReq , null);
+      Assert.fail("No bPK target not detected");
+      
+    } catch (AuthnRequestValidatorException e) {
+      Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId());
+      
+    }        
+  }
+  
+  @Test
+  public void bPKTargetIsMissing_3() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_5.xml");
+    
+    try {
+      processor.process(httpReq, pendingReq, authReq , null);
+      Assert.fail("No bPK target not detected");
+      
+    } catch (AuthnRequestValidatorException e) {
+      Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId());
+      
+    }        
+  }
+  
+  @Test
+  public void noRequestedAttributes() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_9.xml");
+    
+    try {
+      processor.process(httpReq, pendingReq, authReq , null);
+      Assert.fail("No bPK target not detected");
+      
+    } catch (AuthnRequestValidatorException e) {
+      Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId());
+      
+    }        
+  }
+  
+  @Test
+  public void noSAML2ExtentsionElement() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_10.xml");
+    
+    try {
+      processor.process(httpReq, pendingReq, authReq , null);
+      Assert.fail("No bPK target not detected");
+      
+    } catch (AuthnRequestValidatorException e) {
+      Assert.assertEquals("ErrorMessage", "pvp2.22", e.getErrorId());
+      
+    }        
+  }
+  
+  @Test
+  public void validSpEntityIdNoMandateProfiles() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_6.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("SP target not match",  "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier());
+    
+
+    Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());    
+    Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    
+  }
+  
+  @Test
+  public void validSpEntityIdNotValidMandateProfiles_1() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_7.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("SP target not match",  "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier());
+    
+
+    Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());    
+    Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    
+  }
+  
+  @Test
+  public void validSpEntityIdNotValidMandateProfiles_2() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_8.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("SP target not match",  "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier());
+    
+
+    Assert.assertFalse("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());    
+    Assert.assertNull("Mandate profiles", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    
+  }
+  
+  @Test
+  public void validSpEntityIdWithMandateProfiles() throws ParserConfigurationException, SAXException, IOException, UnmarshallingException, AuthnRequestValidatorException {
+        
+    AuthnRequest authReq = getAuthRequest("/data/pvp2_authn_1.xml");
+    
+    processor.process(httpReq, pendingReq, authReq , null);
+    
+    ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();
+    Assert.assertNotNull("SP config is null", spConfig);
+    org.springframework.util.Assert.isInstanceOf(OAAuthParameterDecorator.class, 
+        spConfig, "SP config is NOT of type MOA-ID SP Config");
+    
+    Assert.assertNotNull("SP target is null", spConfig.getAreaSpecificTargetIdentifier());
+    Assert.assertEquals("SP target not match",  "urn:publicid:gv.at:eidasid+AT+EE", spConfig.getAreaSpecificTargetIdentifier());
+    
+
+    Assert.assertTrue("UseMandates flag", ((OAAuthParameterDecorator)spConfig).isShowMandateCheckBox());
+    
+    Assert.assertNotNull("Mandate profiles are null", ((OAAuthParameterDecorator)spConfig).getMandateProfiles());    
+    Assert.assertEquals("Number of mandate profiles not match",  3, ((OAAuthParameterDecorator)spConfig).getMandateProfiles().size());
+    assertThat("Mandate profiles not match", ((OAAuthParameterDecorator)spConfig).getMandateProfiles(), 
+        contains("Einzelvertretungsbefugnis", "1.2.40.0.10.1.7.3.1.1", "ERsB"));
+    
+  }
+  
+  private AuthnRequest getAuthRequest(String resource) throws 
+      ParserConfigurationException, SAXException, IOException, UnmarshallingException {
+   final Element authBlockDom =
+       DOMUtils.parseXmlValidating(AuthnRequestSemperProcessor.class.getResourceAsStream(resource));
+
+   final UnmarshallerFactory unmarshallerFactory =
+       org.opensaml.xml.Configuration.getUnmarshallerFactory();
+   final Unmarshaller unmarshaller = unmarshallerFactory.getUnmarshaller(authBlockDom);
+   return (AuthnRequest) unmarshaller.unmarshall(authBlockDom);
+
+}
+}
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/DummyAuthConfigMap.java
new file mode 100644
index 000000000..1cc51f2e0
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/semper/DummyAuthConfigMap.java
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+  private Map<String, String> config = new HashMap<>();
+  
+  public DummyAuthConfigMap() {
+    
+  }
+  
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param configIs Property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(configIs);
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param path Path to property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final String path) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(this.getClass().getResourceAsStream(path));
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+
+  @Override
+  public String getBasicConfiguration(final String key) {
+    return config.get(key);
+
+  }
+
+  @Override
+  public String getBasicConfiguration(final String key, final String defaultValue) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return defaultValue;
+    } else {
+      return value;
+    }
+
+  }
+
+  @Override
+  public Boolean getBasicConfigurationBoolean(final String key) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return false;
+    } else {
+      return Boolean.valueOf(value);
+    }
+  }
+
+  @Override
+  public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+    return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+  }
+
+  @Override
+  public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+    return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+  }
+
+  @Override
+  public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public URI getConfigurationRootDirectory() {
+    return new java.io.File(".").toURI();
+
+  }
+
+  @Override
+  public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+    return null;
+  }
+
+  public void putConfigValue(final String key, final String value) {
+    config.put(key, value);
+  }
+
+  public void removeConfigValue(final String key) {
+    config.remove(key);
+
+  }
+
+
+}
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/SpringTest-context_basic_test.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/SpringTest-context_basic_test.xml
new file mode 100644
index 000000000..18900c27d
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/SpringTest-context_basic_test.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xmlns:context="http://www.springframework.org/schema/context"
+  xmlns:tx="http://www.springframework.org/schema/tx"
+  xmlns:aop="http://www.springframework.org/schema/aop"
+  xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+    http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+    http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+    http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+  <context:annotation-config />
+
+  <bean   id="semperAuthnRequestPostProcessor"
+          class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper.AuthnRequestSemperProcessor" />
+
+  <bean   id="dummyConfig"
+          class="at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.semper.DummyAuthConfigMap" />
+
+</beans>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_1.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_1.xml
new file mode 100644
index 000000000..f6c6b26ee
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_1.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue>
+      </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue>
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_10.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_10.xml
new file mode 100644
index 000000000..1d52986fc
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_10.xml
@@ -0,0 +1,33 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_2.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_2.xml
new file mode 100644
index 000000000..c5b634539
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_2.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://apps.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue>
+      </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue>
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_3.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_3.xml
new file mode 100644
index 000000000..d79caa0fe
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_3.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue>
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_4.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_4.xml
new file mode 100644
index 000000000..c04a97a7f
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_4.xml
@@ -0,0 +1,43 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string"></eid:AttributeValue>
+      </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue>
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_5.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_5.xml
new file mode 100644
index 000000000..339514323
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_5.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue>
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+XX</eid:AttributeValue>
+      </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue>
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_6.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_6.xml
new file mode 100644
index 000000000..8a046363c
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_6.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue>
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_7.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_7.xml
new file mode 100644
index 000000000..502619e94
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_7.xml
@@ -0,0 +1,44 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue>
+      </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue>
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">Einzelvertretungsbefugnis,1.2.40.0.10.1.7.3.1.1,ERsB</eid:AttributeValue>
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_8.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_8.xml
new file mode 100644
index 000000000..ff667168a
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_8.xml
@@ -0,0 +1,42 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+    <eid:RequestedAttributes xmlns:eid="http://eid.gv.at/eID/attributes/saml-extensions">
+      <eid:RequestedAttribute FriendlyName="EID-SECTOR-FOR-IDENTIFIER" Name="urn:oid:1.2.40.0.10.2.1.1.261.34" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+        <eid:AttributeValue xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="xs:string">urn:publicid:gv.at:eidasid+AT+EE</eid:AttributeValue>
+      </eid:RequestedAttribute>
+      <eid:RequestedAttribute FriendlyName="ServiceProvider-MandateProfiles" Name="urn:eidgvat:attributes.ServiceProviderMandateProfiles" NameFormat="urn:oasis:names:tc:SAML:2.0:attrname-format:uri" isRequired="true">
+      </eid:RequestedAttribute>
+    </eid:RequestedAttributes>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_9.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_9.xml
new file mode 100644
index 000000000..5506b2f31
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/test/resources/data/pvp2_authn_9.xml
@@ -0,0 +1,35 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml2p:AuthnRequest xmlns:saml2p="urn:oasis:names:tc:SAML:2.0:protocol" AssertionConsumerServiceIndex="0" Destination="https://vidp.gv.at/ms_connector/pvp/post" ID="_5f6e9aff8ff6fa4b84e888bf99400f95" IsPassive="false" IssueInstant="2019-12-13T06:42:21.185Z" ProviderName="OpenID Connect Demo" Version="2.0" xmlns:xs="http://www.w3.org/2001/XMLSchema">
+  <saml2:Issuer xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:entity">https://demo.egiz.gv.at/ms_connector/sp/metadata</saml2:Issuer>
+  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
+    <ds:SignedInfo>
+      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+      <ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
+      <ds:Reference URI="#_5f6e9aff8ff6fa4b84e888bf99400f95">
+        <ds:Transforms>
+          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
+            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="xs"/>
+          </ds:Transform>
+        </ds:Transforms>
+        <ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
+        <ds:DigestValue>mOljEGj9lBXPvJbT3biANFlsYGLrKtcaoHTNDmjRuko=</ds:DigestValue>
+      </ds:Reference>
+    </ds:SignedInfo>
+    <ds:SignatureValue>ARMTDwMGYMJteX/wjLqtONtFoHWc34gd6KKkgxnWe17xrUns1gHo/wDnKhvyG6kNtUZgfrebbdNA5Z4XZC+wiGkeZggKXaPdxAKco9amauuwSwoK8C556bQFA0F7yEjhypZGZxCoEMhS+hDKN+r/Pgh5QxkTgYi5DJXK6tIYgewt41k1YOAtrhr/RbyqvlFLvdZig2Sr8eotsCfATmics6NXeHGJV2ajaFITmNZd09exAoe4oi0zk2DUOUc2611bPW+4wrAb4F0iB4sPGxngfKArdMeJ8Ybh4nnA0WncwwJ2WMVu4CF87cWQKU1VIIPTisJjSN5pFXnm6wMQQUZu1A==</ds:SignatureValue>
+    <ds:KeyInfo>
+      <ds:X509Data>
+        <ds:X509Certificate>MIIDKzCCAhMCBFrxKO4wDQYJKoZIhvcNAQELBQAwWjELMAkGA1UEBhMCQVQxDTALBgNVBAoMBEVH SVoxGDAWBgNVBAsMD2RlbW8uZWdpei5ndi5hdDEiMCAGA1UEAwwZTU9BLUlEIElEUCAoVGVzdC1W ZXJzaW9uKTAeFw0xODA1MDgwNDM0NTRaFw0yMTAxMzEwNDM0NTRaMFoxCzAJBgNVBAYTAkFUMQ0w CwYDVQQKDARFR0laMRgwFgYDVQQLDA9kZW1vLmVnaXouZ3YuYXQxIjAgBgNVBAMMGU1PQS1JRCBJ RFAgKFRlc3QtVmVyc2lvbikwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCaFnqoaYoq UptenemC6FiVDg5F2hEjpjix8+ow6/6QhUl2cPOS0uwZHaIvwT/RVbJ9CPdil6+11qaCPfZ+FoY+ M+ke7TRd2RS1DqFbe1KC0imEnwemyLQrYe5Pm7DNcaY/kHTTq+k0eeGbYH0U/Iopyi0VuN5OWl4F Vg45pf7knhXkaimItdjnCXnKcYM91mmltCf6TDgUrz7US7PmgvinnhfBgdITAT4GRr4ehliT+/jt 1OzHEyWRHanBGIpXNeZNqxgnpnGtaDh4JZuYR8qfH+GRK6dtW2ziej6rGIiUElGVCkXsohgxMNzq nWeD9JT8+yyp1XZlyQf+IxhhESQLAgMBAAEwDQYJKoZIhvcNAQELBQADggEBAIFejAFQepaEl/kC VLvidMR+MXq5LCGHthUiI6eDTQZ+H7lZdHlj547XwEdX15b6Md3h7eSJ4hwlfV4go/0FaoLPzvVq itwtYY5htywB3B6ZV34Eyi6C59Gl34XrV8CWxH4KKwLsVAjAy+/p/Xh0q2pzSBkeOChzBMBkjmyc 2Ue4MEKdL9guzp6+Yc/HL/phHAKYapkVyFwvsdqWOgyRzxAHINko8ExImMMB3xB5a52kfqLcui5O fzEhjwLFJaGBMmFCmFGGOUwtIvl/6ZQ2LLzOE9+giVK9WsIgH11Pu+ejPFAbXf8cf4oWhbAfTkiy 4jpXrp77JXFRSDWddb0yePc=</ds:X509Certificate>
+      </ds:X509Data>
+    </ds:KeyInfo>
+  </ds:Signature>
+  <saml2p:Extensions>
+  </saml2p:Extensions>
+  <saml2p:NameIDPolicy AllowCreate="true" Format="urn:oasis:names:tc:SAML:2.0:nameid-format:persistent"/>
+  <saml2p:RequestedAuthnContext Comparison="minimum">
+    <saml2:AuthnContextClassRef xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion">http://eidas.europa.eu/LoA/low</saml2:AuthnContextClassRef>
+  </saml2p:RequestedAuthnContext>
+  <saml2p:Scoping>
+    <saml2p:RequesterID>https://demo.egiz.gv.at/demoportal-openID_demo</saml2p:RequesterID>
+  </saml2p:Scoping>
+</saml2p:AuthnRequest>
+\ No newline at end of file
diff --git a/pom.xml b/pom.xml
index e16484168..f5bfb5746 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,923 +1,899 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-    xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-    <modelVersion>4.0.0</modelVersion>
-    <groupId>MOA</groupId>
-    <artifactId>MOA</artifactId>
-    <packaging>pom</packaging>
-    <version>4.1.0</version>
-    <name>MOA</name>
-
-    <properties>
-        <repositoryPath>${basedir}/repository</repositoryPath>
-        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
-		
-			<!-- Project Version -->			
-			<moa-id-version>4.1.0</moa-id-version>
-			
-			<moa-id-version-final>4.1.0</moa-id-version-final>			
-			<moa-id-version-edu>4.1.0</moa-id-version-edu>			
-			
-			<moa-id-proxy-version>2.0.1</moa-id-proxy-version>
-			
-			<configtool-version>3.0.1</configtool-version>
-			<demo-oa-version>2.0.6</demo-oa-version>
-			
-			<moa-id-module-elga_mandate_client>1.3.2</moa-id-module-elga_mandate_client>
-
-			<!-- =================================================================================== -->
-			<egiz-spring-api.version>0.3</egiz-spring-api.version>
-			<egiz.eaaf.version>1.0.13.1</egiz.eaaf.version>							
-			<org.springframework.version>5.2.2.RELEASE</org.springframework.version>
-			<org.springframework.data.spring-data-jpa>2.2.3.RELEASE</org.springframework.data.spring-data-jpa>
-			<org.springframework.data.spring-data-redis>2.2.3.RELEASE</org.springframework.data.spring-data-redis>
-			<surefire.version>2.22.0</surefire.version>		
-			
-			<jaxb.version>2.3.1</jaxb.version>
-			<jaxb-core.version>2.3.0.1</jaxb-core.version>
-			<guava.version>28.1-jre</guava.version>
-			
-			<opensaml.version>2.6.6</opensaml.version> <!-- update to v3 (v2 is end-of-life in june 2016)-->
-			<org.opensaml.openws.version>1.5.6</org.opensaml.openws.version>
-			<xmltooling.version>1.4.6</xmltooling.version>
-			<xmlsec.version>2.1.3</xmlsec.version>
-			<jaxws-api.version>2.3.1</jaxws-api.version>
-			<jws-api.version>1.1</jws-api.version>
-			
-			<hibernate.version>5.4.3.Final</hibernate.version>
-			<org.apache.commons.commons.dbcp2>2.6.0</org.apache.commons.commons.dbcp2> 
-						
-			<cxf.version>3.3.4</cxf.version>			
-			<struts.version>2.5.22</struts.version> <!-- 2.5.10.1 -->
-			
-			<egovutils.version>2.0.0</egovutils.version>
-			
-			<slf4j.version>1.7.26</slf4j.version>						
-			
-			<httpclient.version>4.5.8</httpclient.version>
-			<httpcore.version>4.4.11</httpcore.version>
-			
-			<!-- Maybe problems with Hibernate 5.0.10 -->
-			<mysql-connector.java>8.0.16</mysql-connector.java>
-			<!-- <mysql-connector.java>5.1.40</mysql-connector.java> -->			
-						
-			<junit.version>4.12</junit.version>			
-			<org.apache.commons.io.version>2.6</org.apache.commons.io.version>
-			<org.apache.commons.lang3.version>3.9</org.apache.commons.lang3.version>
-			<org.apache.commons.collections4.version>4.3</org.apache.commons.collections4.version>
-			<org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version>
-			<org.apache.commons-text.version>1.6</org.apache.commons-text.version>
-			<jodatime.version>2.10.2</jodatime.version>
-			
-			<jackson-version>2.9.9</jackson-version>
-	    	<apache-cli-version>1.4</apache-cli-version>
-	    	<spring-orm-version>${org.springframework.version}</spring-orm-version>
-	   
-    </properties>
-
-    <profiles>
-        <profile>
-            <id>default</id>
-            <activation>
-                <activeByDefault>true</activeByDefault>
-                <property>
-                    <name>default</name>
-                </property>
-            </activation>
-            <modules>
-                <module>id</module>              
-            </modules>
-            <repositories>
-                <repository>
-                    <id>moaid_local</id>
-                    <name>local</name>
-                    <url>file:${basedir}/../../../repository</url>
-                </repository>
-<!--                 <repository>
-                    <id>hyberjaxb</id>
-                    <url>http://repository.highsource.org/maven2/releases/</url>
-                    <releases>
-                        <enabled>false</enabled>
-                    </releases>
-                </repository> -->
-                <repository>
-                    <id>egiz-shibboleth-mirror</id>
-                    <name>egiz-shibboleth-mirror</name>
-                    <url>https://apps.egiz.gv.at/shibboleth_nexus/</url>
-                </repository>
-                <repository>
-                    <id>jboss</id>
-                    <url>https://repository.jboss.org/nexus/content/repositories/central/</url>
-                    <releases>
-                        <enabled>true</enabled>
-                    </releases>
-                </repository>
-                <repository>
-                    <id>egiz-commons</id>
-                    <url>https://apps.egiz.gv.at/maven/</url>
-                    <releases>
-                        <enabled>true</enabled>
-                    </releases>
-                </repository>
-                
-            </repositories>
-        </profile>
-    </profiles>
-    
-    <build>
-    	<pluginManagement>
-    		<plugins>
-    			<plugin>
-    				<artifactId>maven-release-plugin</artifactId>
-    				<version>2.5.1</version>
-    			</plugin>
-    		</plugins>
-    	</pluginManagement>
-        <plugins>
-<!--         		<plugin>
-            		<groupId>org.codehaus.mojo</groupId>
-            		<artifactId>properties-maven-plugin</artifactId>
-            		<version>1.0-alpha-2</version>
-            		<executions>
-                		<execution>
-                    		<phase>initialize</phase>
-                    		<goals>
-                        		<goal>read-project-properties</goal>
-                    		</goals>
-                    		<configuration>
-    	                   		<files>
-		                            <file>${basedir}/moa-id.properties</file>
-      		                  </files>
-          		          </configuration>
-              		  </execution>
-            		</executions>
-        		</plugin> -->
-        		<plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-surefire-plugin</artifactId>
-                <version>${surefire.version}</version>
-                <configuration>
-                	<excludes>
-                		<exclude>eu/stork/peps/test/simple/SimpleBaseTest.java</exclude>
-                		<exclude>eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java</exclude>
-                		<exclude>eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java</exclude>
-                		<exclude>eu/stork/peps/test/simple/StorkAuthRequestTest.java</exclude>
-                		<exclude>eu/stork/peps/test/simple/StorkLogoutRequestTest.java</exclude>
-                		<exclude>eu/stork/peps/test/simple/StorkLogoutResponseTest.java</exclude>
-                		<exclude>eu/stork/peps/test/simple/StorkNewResponseTest.java</exclude>
-                		<exclude>eu/stork/peps/test/simple/StorkResponseTest.java</exclude>
-                		<exclude>test/MOAIDTestCase.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/MOATestCase.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/UnitTestCase.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/invoke/IdentityLinkAssertionParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLArtifactBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/SPSSTestCase.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/TransformParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParserTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImplTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfiguratorTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvokerTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactoryTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/invoke/TransformationFactoryTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvokerTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvokerTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/spss/server/tools/CertToolTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/util/DOMUtilsTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/util/SSLUtilsTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/util/URLDecoderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/util/URLEncoderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java</exclude>
-                		<exclude>test/at/gv/egovernment/moa/util/XPathUtilsTest.java</exclude>
-                	</excludes>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-compiler-plugin</artifactId>
-                <version>3.6.1</version>
-                <configuration>
-                    <verbose>false</verbose>
-                    <fork>true</fork>
-                    <executable>${env.BUILD_EXECUTEABLE}</executable>
-                    <compilerVersion>${env.BUILD_VERSION}</compilerVersion>
-                    <encoding>${project.build.sourceEncoding}</encoding>
-                    <source>1.8</source>
-                    <target>1.8</target>
-                </configuration>
-            </plugin>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-jar-plugin</artifactId>
-                <version>3.1.2</version>
-                <configuration>
-                    <archive>
-                        <manifest>
-                            <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
-                        </manifest>
-                    </archive>
-                </configuration>
-            </plugin>
-            <plugin>
-                <inherited>false</inherited>
-                <artifactId>maven-assembly-plugin</artifactId>
-                <!-- <version>2.2-beta-1</version> --> 
-                <version>2.2.2</version>
-                <!-- TODO Update Version 2.2-beta-1 for MOA-SPSS -->
-                <configuration>
-                    <finalName>moa</finalName>
-                    <encoding>UTF-8</encoding>
-                    <descriptors>
-                        <descriptor>id/assembly-auth-final.xml</descriptor>
-                        <descriptor>id/assembly-auth-edu.xml</descriptor>
-                        <descriptor>id/assembly-proxy.xml</descriptor>   
-                                              
-<!--                         <descriptor>spss/assembly.xml</descriptor>
-                        <descriptor>spss/assembly-lib.xml</descriptor> -->
-                    </descriptors>
-                </configuration>
-            </plugin>
-            
-            <plugin>
-            	<groupId>org.codehaus.mojo</groupId>
-    			<artifactId>versions-maven-plugin</artifactId>
-    			<version>2.7</version>
-            </plugin>
-            
-            		            <!-- Vulnerability checks -->
-<!--             <plugin>
-              <groupId>org.owasp</groupId>
-              <artifactId>dependency-check-maven</artifactId>
-              <version>1.2.5</version>
-              <executions>
-                  <execution>
-                  	<phase>verify</phase>
-                    <goals>
-                    	<goal>check</goal>
-                    </goals>
-                  </execution>
-              </executions>
-            </plugin> -->
-            
-        </plugins>
-        
-    </build>
-
-    <reporting>
-        <plugins>
-            <plugin>
-                <groupId>org.apache.maven.plugins</groupId>
-                <artifactId>maven-javadoc-plugin</artifactId>
-                <configuration>
-                    <excludePackageNames>test.*</excludePackageNames>
-                    <failOnError>false</failOnError>
-                </configuration>
-            </plugin>
-        </plugins>
-    </reporting>
-
-    <dependencyManagement>
-        <dependencies>
-
-					<dependency>
-						<groupId>org.apache.commons</groupId>
-						<artifactId>commons-dbcp2</artifactId>
-						<version>${org.apache.commons.commons.dbcp2}</version>
-					</dependency>
-			<dependency>
-  				<groupId>org.opensaml</groupId>
-  				<artifactId>opensaml</artifactId>
-  				<version>${opensaml.version}</version>
-  			</dependency>  		
-			<dependency>
-				<groupId>org.opensaml</groupId>
-				<artifactId>xmltooling</artifactId>
-				<version>${xmltooling.version}</version>
-			</dependency>
-			<dependency>
-				<groupId>org.opensaml</groupId>
-				<artifactId>openws</artifactId>
-				<version>${org.opensaml.openws.version}</version>
-			</dependency>
-			<dependency>
-				<groupId>org.apache.santuario</groupId>
-				<artifactId>xmlsec</artifactId>
-				<version>${xmlsec.version}</version>
-			</dependency>
-			
-			<dependency>
-    			<groupId>javax.xml.ws</groupId>
-    			<artifactId>jaxws-api</artifactId>
-    			<version>${jaxws-api.version}</version>
-			</dependency>
-			<dependency>
-    			<groupId>javax.jws</groupId>
-    			<artifactId>javax.jws-api</artifactId>
-    			<version>${jws-api.version}</version>
-			</dependency>
-			
-
-		<dependency>
-			<groupId>com.google.guava</groupId>
-			<artifactId>guava</artifactId>
-			<version>${guava.version}</version>
-		</dependency>
-
-    	<dependency>
-        	<groupId>org.apache.cxf</groupId>
-        	<artifactId>cxf-rt-frontend-jaxws</artifactId>
-        	<version>${cxf.version}</version>
-    	</dependency>
-    	<dependency>
-        	<groupId>org.apache.cxf</groupId>
-        	<artifactId>cxf-rt-transports-http</artifactId>
-        	<version>${cxf.version}</version>
-    	</dependency>
-
-				<dependency>
-					<groupId>commons-collections</groupId>
-					<artifactId>commons-collections</artifactId>
-					<version>${org.apache.commons.collections3.version}</version>
-				</dependency>
-
-		<dependency>
-    		<groupId>org.apache.commons</groupId>
-    		<artifactId>commons-text</artifactId>
-    		<version>${org.apache.commons-text.version}</version>
-		</dependency>
-
-        <dependency>
-            <groupId>org.apache.struts</groupId>
-            <artifactId>struts2-core</artifactId>
-            <version>${struts.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.apache.struts</groupId>
-            <artifactId>struts2-json-plugin</artifactId>
-            <version>${struts.version}</version>
-        </dependency>
-
-        <dependency>
-            <groupId>at.gv.util</groupId>
-            <artifactId>egovutils</artifactId>
-            <version>${egovutils.version}</version>
-        </dependency>
-
-    	<dependency>
-    		<groupId>at.gv.egiz.components</groupId>
-    		<artifactId>egiz-spring-api</artifactId>
-    		<version>${egiz-spring-api.version}</version>
-    	</dependency>
-
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>slf4j-api</artifactId>
-            <version>${slf4j.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>jcl-over-slf4j</artifactId>
-            <version>${slf4j.version}</version>
-        </dependency>
-        <dependency>
-            <groupId>org.slf4j</groupId>
-            <artifactId>jul-to-slf4j</artifactId>
-            <version>${slf4j.version}</version>
-        </dependency>
-        <dependency>
-						<groupId>org.slf4j</groupId>
-						<artifactId>slf4j-log4j12</artifactId>
-						<version>${slf4j.version}</version>
-				</dependency>
-		 
-            <dependency>
-                <groupId>jaxen</groupId>
-                <artifactId>jaxen</artifactId>
-                <version>1.1.6</version>
-            </dependency>
-            <dependency>
-                <groupId>saxpath</groupId>
-                <artifactId>saxpath</artifactId>
-                <version>1.0-FCS</version>
-                <scope>compile</scope> 
-            </dependency>
-
- 						<dependency>
-							<groupId>org.apache.logging.log4j</groupId>
-							<artifactId>log4j-core</artifactId>
-							<version>2.5</version>
-						</dependency>            					
-            					
-    				<dependency>
-    					<groupId>org.apache.httpcomponents</groupId>
-    					<artifactId>httpclient</artifactId>
-    					<version>${httpclient.version}</version>
-						</dependency>            					
-            
-            <dependency>
-    						<groupId>org.apache.httpcomponents</groupId>
-    						<artifactId>httpcore</artifactId>
-    						<version>${httpcore.version}</version>
-						</dependency>
-            
-						<dependency>
-							<groupId>org.postgresql</groupId>
-							<artifactId>postgresql</artifactId>
-							<version>9.3-1102-jdbc41</version>
-						</dependency>
-
-            <dependency>
-                <groupId>javax.mail</groupId>
-                <artifactId>mail</artifactId>
-                <version>1.4.7</version>
-            </dependency>
-            <dependency>
-                <groupId>commons-fileupload</groupId>
-                <artifactId>commons-fileupload</artifactId>
-                <version>1.3.3</version>
-            </dependency>
-            <dependency>
-               <groupId>commons-httpclient</groupId>
-               <artifactId>commons-httpclient</artifactId>
-               <version>3.1</version>
-            </dependency>           
-            <dependency>
-                <groupId>dav4j</groupId>
-                <artifactId>dav4j</artifactId>
-                <version>0.1</version>
-                <scope>compile</scope>
-            </dependency>
-            <dependency>
-                <groupId>httpsclient</groupId>
-                <artifactId>httpsclient</artifactId>
-                <version>JSSE-1.0</version>
-                <scope>compile</scope>
-            </dependency>
-<!--              <dependency>
-                <groupId>regexp</groupId>
-                <artifactId>regexp</artifactId>
-                <version>1.3</version>
-            </dependency> -->
-
-
-<!-- 						<dependency>
-							<groupId>org.bouncycastle</groupId>
-							<artifactId>bcprov-jdk16</artifactId>
-							<version>1.46</version>
-						</dependency> -->
-
-						<dependency>
-							<groupId>at.gv.egiz.eaaf</groupId>
-  							<artifactId>eaaf_core_api</artifactId>
-  							<version>${egiz.eaaf.version}</version>
-						</dependency>
-						<dependency>
-	    					<groupId>at.gv.egiz.eaaf</groupId>
-	  						<artifactId>eaaf-core</artifactId>
-	  						<version>${egiz.eaaf.version}</version>
-	  					</dependency>
-	  					<dependency>
-							<groupId>at.gv.egiz.eaaf</groupId>
-  							<artifactId>eaaf-core</artifactId>
-  							<type>test-jar</type>
-  							<version>${egiz.eaaf.version}</version>
-  							<scope>test</scope>
-						</dependency>
-	  					<dependency>
-	  						<groupId>at.gv.egiz.eaaf</groupId>
-  							<artifactId>eaaf_module_pvp2_idp</artifactId>
-  							<version>${egiz.eaaf.version}</version>
-  						</dependency>
-  						<dependency> 
-							<groupId>at.gv.egiz.eaaf</groupId>
-  							<artifactId>eaaf_module_pvp2_sp</artifactId>
-  							<version>${egiz.eaaf.version}</version>
-						</dependency>  							
-						<dependency>
-        					<groupId>at.gv.egiz.eaaf</groupId>
-        					<artifactId>eaaf_module_pvp2_core</artifactId>
-        					<version>${egiz.eaaf.version}</version>
-        				</dependency>
-        				<dependency>
-        					<groupId>at.gv.egiz.eaaf</groupId>
-	  						<artifactId>eaaf_module_auth_sl20</artifactId>
-	  						<version>${egiz.eaaf.version}</version>
-        				</dependency>  							
-  							
-  							
-      					<dependency>
-							<groupId>MOA.id.server</groupId>
-							<artifactId>moa-id-spring-initializer</artifactId>
-							<version>${moa-id-version}</version>
-						</dependency>
-
-						<dependency>
-							<groupId>MOA.id.server</groupId>
-  						<artifactId>moa-id-frontend-resources</artifactId>
-  						<version>${moa-id-version}</version>
-						</dependency>
-
-						<dependency>
-							<groupId>MOA.id</groupId>
-							<artifactId>moa-spss-container</artifactId>
-  						<version>${moa-id-version}</version>
-  						<type>pom</type>
-						</dependency>
-						
-						
-						
-            <dependency>
-                <groupId>MOA.id.server</groupId>
-                <artifactId>moa-id-lib</artifactId>
-                <version>${moa-id-version}</version>
-                <scope>compile</scope>
-            </dependency>
-            <dependency>
-            	<groupId>MOA.id.server</groupId>
-            	<artifactId>moa-id-commons</artifactId>
-            	<version>${moa-id-version}</version>
-              <scope>compile</scope>
-        		</dependency>
-        		
-        		<dependency>
-    					<groupId>MOA.id.server</groupId>
-    					<artifactId>moa-id-jaxb_classes</artifactId>
-    					<version>${moa-id-version}</version>
-    				</dependency>
-        		
-        		<dependency>
-  						<groupId>MOA.id.server</groupId>
-  						<artifactId>moa-id-lib</artifactId>
-  						<version>${moa-id-version}</version>
-  						<scope>test</scope>
-  						<type>test-jar</type>
-  					</dependency>
-               		
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-stork</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>            
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-monitoring</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-saml1</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-openID</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-modul-citizencard_authentication</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-eIDAS</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-pvp2</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency> 
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-modules-federated_authentication</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency> 
-
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-    		<artifactId>moa-id-module-elga_mandate_service</artifactId>
-    		<version>${moa-id-module-elga_mandate_client}</version>
-			</dependency>
-			   			                         
-      <dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>	
-			   			                         
-      <dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-sl20_authentication</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>
-			
-			<dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>				   			                         
-			   
-      <dependency>
-				<groupId>MOA.id.server.modules</groupId>
-				<artifactId>moa-id-module-EID_connector</artifactId>
-				<version>${moa-id-version}</version>
-			</dependency>
-         
-         			                         
-             <dependency>
-                <groupId>MOA.id.server</groupId>
-                <artifactId>moa-id-commons</artifactId>
-                <version>${moa-id-version}</version>
-                <type>test-jar</type>
-                <scope>test</scope>
-            </dependency>
-             
-            <dependency>
-                <groupId>junit</groupId>
-                <artifactId>junit</artifactId>
-                <version>${junit.version}</version>
-                <scope>test</scope>
-            </dependency>
-            <dependency>
-                <groupId>commons-logging</groupId>
-                <artifactId>commons-logging</artifactId>
-                <version>1.2</version>
-                <scope>compile</scope>
-            </dependency>
-            
-            <dependency>
-            	<groupId>javax.servlet</groupId>
-							<artifactId>javax.servlet-api</artifactId>
-							<version>3.0.1</version> 
-						<scope>provide</scope>                
-            </dependency>
-             <dependency>
-                <groupId>javax.activation</groupId>
-                <artifactId>activation</artifactId>
-                <version>1.1.1</version>	
-                <scope>compile</scope>
-            </dependency>
-            <dependency>
-                <groupId>commons-discovery</groupId>
-                <artifactId>commons-discovery</artifactId>
-                <version>0.5</version>	
-                <scope>compile</scope>
-            </dependency>
-            <!-- IAIK libraries -->
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_jce_full</artifactId>
-                <version>5.52_moa</version>
-            </dependency>
-            
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_X509TrustManager</artifactId>
-                <version>0.3.1</version>
-                <scope>compile</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Provider</artifactId>
-                <version>1.2.4</version>
-                <scope>runtime</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Wrapper</artifactId>
-                <version>1.2.17</version>
-                <scope>compile</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Wrapper</artifactId>
-                <version>1.2.17</version>
-                <classifier>win32</classifier>
-                <type>dll</type>
-                <scope>runtime</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Wrapper</artifactId>
-                <version>1.2.17</version>
-                <classifier>linux</classifier>
-                <type>so</type>
-                <scope>runtime</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Wrapper</artifactId>
-                <version>1.2.17</version>
-                <classifier>linux_x64</classifier>
-                <type>so</type>
-                <scope>runtime</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Wrapper</artifactId>
-                <version>1.2.17</version>
-                <classifier>solaris_sparc</classifier>
-                <type>so</type>
-                <scope>runtime</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Wrapper</artifactId>
-                <version>1.2.17</version>
-                <classifier>solaris_sparcv9</classifier>
-                <type>so</type>
-                <scope>runtime</scope>
-            </dependency>
-            <dependency>
-                <groupId>iaik.prod</groupId>
-                <artifactId>iaik_Pkcs11Wrapper</artifactId>
-                <version>1.2.17</version>
-                 <classifier>win64</classifier>
-                <type>dll</type>
-                <scope>runtime</scope>
-            </dependency>
-
-		<dependency>
-			<groupId>javax.xml.bind</groupId>
-    		<artifactId>jaxb-api</artifactId>
-    		<version>${jaxb.version}</version>
-		</dependency>
-            		
-            <dependency>
-                <groupId>xerces</groupId>
-                <artifactId>xercesImpl</artifactId>
-                <version>2.11.0</version>
-                <scope>compile</scope>	
-            </dependency>
-            <!-- The xmlParserAPIs.jar of the official xalan distribution
-                 and the one in the central repository differ. So, we
-                 are going to include the official one in our own
-                 distribution to prevent from problems with different
-                 versions in the endorsed directory of the servlet container
-                 or jre endorsed directory. -->
-            <dependency>
-                <groupId>xalan-bin-dist</groupId>
-                <artifactId>xml-apis</artifactId>
-                <version>2.11.0</version>
-                <scope>runtime</scope>
-            </dependency>
-            <!-- The xalan.jar of the official xalan distribution
-                 and the one in the central repository differ. So, we
-                 are going to include the official one in our own
-                 distribution to prevent from problems with different
-                 versions in the endorsed directory of the servlet container
-                 or jre endorsed directory. -->
-            <dependency>
-                <groupId>xalan-bin-dist</groupId>
-                <artifactId>xalan</artifactId>
-                <version>2.7.1</version>
-                <scope>compile</scope><!-- for XPathAPI, Javadoc,...-->
-            </dependency>
-            <dependency>
-                <groupId>xalan-bin-dist</groupId>
-                <artifactId>serializer</artifactId>
-                <version>2.7.1</version><!-- xalan version -->
-                <scope>runtime</scope>
-            </dependency>
-            
-			<dependency>
-				<groupId>org.springframework</groupId>
-				<artifactId>spring-webmvc</artifactId>
-				<version>${org.springframework.version}</version>
-			</dependency>
-			
-			<dependency>
-	        	<groupId>org.springframework.data</groupId>
-	        	<artifactId>spring-data-redis</artifactId>
-	        	<version>${org.springframework.data.spring-data-redis}</version>
-	    	</dependency>
-			
-			
-            <!-- the core, which includes Streaming API, shared low-level abstractions (but NOT data-binding) -->
-            <dependency>
-                <groupId>com.fasterxml.jackson.core</groupId>
-                <artifactId>jackson-core</artifactId>
-                <version>${jackson-version}</version>
-			</dependency>
-			<!-- databinding; ObjectMapper, JsonNode and related classes are here -->
-			<dependency>
-                <groupId>com.fasterxml.jackson.core</groupId>
-                <artifactId>jackson-databind</artifactId>
-                <version>${jackson-version}</version>
-            </dependency>
-            <dependency>
-                <groupId>com.fasterxml.jackson.core</groupId>
-                <artifactId>jackson-annotations</artifactId>
-                <version>${jackson-version}</version>
-            </dependency>
-			<dependency>
-				<groupId>commons-cli</groupId>
-				<artifactId>commons-cli</artifactId>
-				<version>${apache-cli-version}</version>
-			</dependency>
-			
-			<dependency>
-				<groupId>com.sun.xml.bind</groupId>
-				<artifactId>jaxb-core</artifactId>
-				<version>${jaxb-core.version}</version>
-			</dependency>
-			<dependency>
-				<groupId>com.sun.xml.bind</groupId>
-				<artifactId>jaxb-impl</artifactId>
-				<version>${jaxb.version}</version>
-			</dependency>
-
-			<dependency>
-				<groupId>org.easymock</groupId>
-				<artifactId>easymock</artifactId>
-				<scope>test</scope>
-				<version>3.5</version>
-			</dependency>
-			<dependency>
-				<groupId>org.unitils</groupId>
-				<artifactId>unitils-core</artifactId>
-				<version>3.4.6</version>
-			</dependency>
-			
-			</dependencies>
-    </dependencyManagement>
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+  xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+  <modelVersion>4.0.0</modelVersion>
+  <groupId>MOA</groupId>
+  <artifactId>MOA</artifactId>
+  <packaging>pom</packaging>
+  <version>4.1.0</version>
+  <name>MOA</name>
 
-    <dependencies>
-        <dependency>
-            <groupId>iaik.prod</groupId>
-            <artifactId>iaik_Pkcs11Wrapper</artifactId>
-            <classifier>win32</classifier>
-            <type>dll</type>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>iaik.prod</groupId>
-            <artifactId>iaik_Pkcs11Wrapper</artifactId>
-            <classifier>linux</classifier>
-            <type>so</type>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>iaik.prod</groupId>
-            <artifactId>iaik_Pkcs11Wrapper</artifactId>
-            <classifier>linux_x64</classifier>
-            <type>so</type>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>iaik.prod</groupId>
-            <artifactId>iaik_Pkcs11Wrapper</artifactId>
-            <classifier>solaris_sparc</classifier>
-            <type>so</type>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>iaik.prod</groupId>
-            <artifactId>iaik_Pkcs11Wrapper</artifactId>
-            <classifier>solaris_sparcv9</classifier>
-            <type>so</type>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>iaik.prod</groupId>
-            <artifactId>iaik_Pkcs11Wrapper</artifactId>
-            <classifier>win64</classifier>
-            <type>dll</type>
-            <scope>runtime</scope>
-        </dependency>
-        <dependency>
-            <groupId>commons-io</groupId>
-            <artifactId>commons-io</artifactId>
-            <version>${org.apache.commons.io.version}</version>
-        </dependency>
+  <properties>
+    <repositoryPath>${basedir}/repository</repositoryPath>
+    <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
 
-    </dependencies>
+    <!-- Project Version -->
+    <moa-id-version>4.1.0</moa-id-version>
+
+    <moa-id-version-final>4.1.0</moa-id-version-final>
+    <moa-id-version-edu>4.1.0</moa-id-version-edu>
+
+    <moa-id-proxy-version>2.0.1</moa-id-proxy-version>
+
+    <configtool-version>3.0.1</configtool-version>
+    <demo-oa-version>2.0.6</demo-oa-version>
+
+    <moa-id-module-elga_mandate_client>1.3.2</moa-id-module-elga_mandate_client>
+
+    <!-- =================================================================================== -->
+    <egiz-spring-api.version>0.3</egiz-spring-api.version>
+    <egiz.eaaf.version>1.0.13.2</egiz.eaaf.version>
+    <org.springframework.version>5.2.2.RELEASE</org.springframework.version>
+    <org.springframework.data.spring-data-jpa>2.2.3.RELEASE</org.springframework.data.spring-data-jpa>
+    <org.springframework.data.spring-data-redis>2.2.3.RELEASE</org.springframework.data.spring-data-redis>
+    <surefire.version>2.22.0</surefire.version>
+
+    <jaxb.version>2.3.1</jaxb.version>
+    <jaxb-core.version>2.3.0.1</jaxb-core.version>
+    <guava.version>28.1-jre</guava.version>
+
+    <opensaml.version>2.6.6</opensaml.version> <!-- update to v3 (v2 is end-of-life in june 2016) -->
+    <org.opensaml.openws.version>1.5.6</org.opensaml.openws.version>
+    <xmltooling.version>1.4.6</xmltooling.version>
+    <xmlsec.version>2.1.3</xmlsec.version>
+    <jaxws-api.version>2.3.1</jaxws-api.version>
+    <jws-api.version>1.1</jws-api.version>
+
+    <hibernate.version>5.4.3.Final</hibernate.version>
+    <org.apache.commons.commons.dbcp2>2.6.0</org.apache.commons.commons.dbcp2>
+
+    <cxf.version>3.3.4</cxf.version>
+    <struts.version>2.5.22</struts.version> <!-- 2.5.10.1 -->
+
+    <egovutils.version>2.0.0</egovutils.version>
 
-    <repositories>
+    <slf4j.version>1.7.26</slf4j.version>
+
+    <httpclient.version>4.5.8</httpclient.version>
+    <httpcore.version>4.4.11</httpcore.version>
+
+    <!-- Maybe problems with Hibernate 5.0.10 -->
+    <mysql-connector.java>8.0.16</mysql-connector.java>
+    <!-- <mysql-connector.java>5.1.40</mysql-connector.java> -->
+
+    <junit.version>4.12</junit.version>
+    <org.apache.commons.io.version>2.6</org.apache.commons.io.version>
+    <org.apache.commons.lang3.version>3.9</org.apache.commons.lang3.version>
+    <org.apache.commons.collections4.version>4.3</org.apache.commons.collections4.version>
+    <org.apache.commons.collections3.version>3.2.2</org.apache.commons.collections3.version>
+    <org.apache.commons-text.version>1.6</org.apache.commons-text.version>
+    <jodatime.version>2.10.2</jodatime.version>
+
+    <jackson-version>2.9.9</jackson-version>
+    <apache-cli-version>1.4</apache-cli-version>
+    <spring-orm-version>${org.springframework.version}</spring-orm-version>
+
+  </properties>
+
+  <profiles>
+    <profile>
+      <id>default</id>
+      <activation>
+        <activeByDefault>true</activeByDefault>
+        <property>
+          <name>default</name>
+        </property>
+      </activation>
+      <modules>
+        <module>id</module>
+      </modules>
+      <repositories>
         <repository>
-            <id>MOA</id>
-            <name>MOA Dependencies</name>
-            <!--releases>
-                <enabled>false</enabled>
-                </releases-->
-            <layout>default</layout>
-            <url>file://${repositoryPath}</url>
+          <id>moaid_local</id>
+          <name>local</name>
+          <url>file:${basedir}/../../../repository</url>
         </repository>
-    </repositories>
+        <!-- <repository> <id>hyberjaxb</id> <url>http://repository.highsource.org/maven2/releases/</url> 
+          <releases> <enabled>false</enabled> </releases> </repository> -->
+        <repository>
+          <id>egiz-shibboleth-mirror</id>
+          <name>egiz-shibboleth-mirror</name>
+          <url>https://apps.egiz.gv.at/shibboleth_nexus/</url>
+        </repository>
+        <repository>
+          <id>jboss</id>
+          <url>https://repository.jboss.org/nexus/content/repositories/central/</url>
+          <releases>
+            <enabled>true</enabled>
+          </releases>
+        </repository>
+        <repository>
+          <id>egiz-commons</id>
+          <url>https://apps.egiz.gv.at/maven/</url>
+          <releases>
+            <enabled>true</enabled>
+          </releases>
+        </repository>
+
+      </repositories>
+    </profile>
+  </profiles>
+
+  <build>
+    <pluginManagement>
+      <plugins>
+        <plugin>
+          <artifactId>maven-release-plugin</artifactId>
+          <version>2.5.1</version>
+        </plugin>
+      </plugins>
+    </pluginManagement>
+    <plugins>
+      <!-- <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>properties-maven-plugin</artifactId> 
+        <version>1.0-alpha-2</version> <executions> <execution> <phase>initialize</phase> 
+        <goals> <goal>read-project-properties</goal> </goals> <configuration> <files> 
+        <file>${basedir}/moa-id.properties</file> </files> </configuration> </execution> 
+        </executions> </plugin> -->
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-surefire-plugin</artifactId>
+        <version>${surefire.version}</version>
+        <configuration>
+          <excludes>
+            <exclude>eu/stork/peps/test/simple/SimpleBaseTest.java</exclude>
+            <exclude>eu/stork/peps/test/simple/StorkAttrQueryRequestTest.java</exclude>
+            <exclude>eu/stork/peps/test/simple/StorkAttrQueryResponseTest.java</exclude>
+            <exclude>eu/stork/peps/test/simple/StorkAuthRequestTest.java</exclude>
+            <exclude>eu/stork/peps/test/simple/StorkLogoutRequestTest.java</exclude>
+            <exclude>eu/stork/peps/test/simple/StorkLogoutResponseTest.java</exclude>
+            <exclude>eu/stork/peps/test/simple/StorkNewResponseTest.java</exclude>
+            <exclude>eu/stork/peps/test/simple/StorkResponseTest.java</exclude>
+            <exclude>test/MOAIDTestCase.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/MOATestCase.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/UnitTestCase.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/MOAIDAuthInitialiserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/builder/InfoboxReadRequestBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/builder/PersonDataBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/builder/SAMLArtifactBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/builder/VerifyXMLSignatureRequestBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/invoke/IdentityLinkAssertionParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/invoke/MOASPSSTestCase.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/invoke/SignatureVerificationTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/oauth/CertTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/parser/IdentityLinkAssertionParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/parser/InfoboxReadResponseParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLArtifactBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/proxy/builder/SAMLRequestBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/id/proxy/parser/SAMLResponseParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/SPSSTestCase.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/CreateXMLSignatureRequestParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/TransformParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyCMSSignatureRequestParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/api/xmlbind/VerifyXMLSignatureRequestParserTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/ConfigurationDataImplTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/iaik/config/IaikConfiguratorTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/invoke/CMSSignatureVerificationInvokerTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/invoke/DataObjectFactoryTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/invoke/TransformationFactoryTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureCreationInvokerTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/invoke/XMLSignatureVerificationInvokerTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/spss/server/tools/CertToolTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/util/DOMUtilsTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/util/KeyStoreUtilsTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/util/SSLUtilsTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/util/URLDecoderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/util/URLEncoderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/util/XMLGrammarBuilderTest.java</exclude>
+            <exclude>test/at/gv/egovernment/moa/util/XPathUtilsTest.java</exclude>
+          </excludes>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-compiler-plugin</artifactId>
+        <version>3.6.1</version>
+        <configuration>
+          <verbose>false</verbose>
+          <fork>true</fork>
+          <executable>${env.BUILD_EXECUTEABLE}</executable>
+          <compilerVersion>${env.BUILD_VERSION}</compilerVersion>
+          <encoding>${project.build.sourceEncoding}</encoding>
+          <source>1.8</source>
+          <target>1.8</target>
+        </configuration>
+      </plugin>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-jar-plugin</artifactId>
+        <version>3.1.2</version>
+        <configuration>
+          <archive>
+            <manifest>
+              <addDefaultImplementationEntries>true</addDefaultImplementationEntries>
+            </manifest>
+          </archive>
+        </configuration>
+      </plugin>
+      <plugin>
+        <inherited>false</inherited>
+        <artifactId>maven-assembly-plugin</artifactId>
+        <!-- <version>2.2-beta-1</version> -->
+        <version>2.2.2</version>
+        <!-- TODO Update Version 2.2-beta-1 for MOA-SPSS -->
+        <configuration>
+          <finalName>moa</finalName>
+          <encoding>UTF-8</encoding>
+          <descriptors>
+            <descriptor>id/assembly-auth-final.xml</descriptor>
+            <descriptor>id/assembly-auth-edu.xml</descriptor>
+            <descriptor>id/assembly-proxy.xml</descriptor>
+
+            <!-- <descriptor>spss/assembly.xml</descriptor> <descriptor>spss/assembly-lib.xml</descriptor> -->
+          </descriptors>
+        </configuration>
+      </plugin>
+
+      <plugin>
+        <groupId>org.codehaus.mojo</groupId>
+        <artifactId>versions-maven-plugin</artifactId>
+        <version>2.7</version>
+      </plugin>
+
+      <!-- Vulnerability checks -->
+      <!-- <plugin> <groupId>org.owasp</groupId> <artifactId>dependency-check-maven</artifactId> 
+        <version>1.2.5</version> <executions> <execution> <phase>verify</phase> <goals> 
+        <goal>check</goal> </goals> </execution> </executions> </plugin> -->
+
+    </plugins>
+
+  </build>
+
+  <reporting>
+    <plugins>
+      <plugin>
+        <groupId>org.apache.maven.plugins</groupId>
+        <artifactId>maven-javadoc-plugin</artifactId>
+        <configuration>
+          <excludePackageNames>test.*</excludePackageNames>
+          <failOnError>false</failOnError>
+        </configuration>
+      </plugin>
+    </plugins>
+  </reporting>
+
+  <dependencyManagement>
+    <dependencies>
+
+      <dependency>
+        <groupId>org.apache.commons</groupId>
+        <artifactId>commons-dbcp2</artifactId>
+        <version>${org.apache.commons.commons.dbcp2}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.opensaml</groupId>
+        <artifactId>opensaml</artifactId>
+        <version>${opensaml.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.opensaml</groupId>
+        <artifactId>xmltooling</artifactId>
+        <version>${xmltooling.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.opensaml</groupId>
+        <artifactId>openws</artifactId>
+        <version>${org.opensaml.openws.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.apache.santuario</groupId>
+        <artifactId>xmlsec</artifactId>
+        <version>${xmlsec.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>javax.xml.ws</groupId>
+        <artifactId>jaxws-api</artifactId>
+        <version>${jaxws-api.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>javax.jws</groupId>
+        <artifactId>javax.jws-api</artifactId>
+        <version>${jws-api.version}</version>
+      </dependency>
+
+
+      <dependency>
+        <groupId>com.google.guava</groupId>
+        <artifactId>guava</artifactId>
+        <version>${guava.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-rt-frontend-jaxws</artifactId>
+        <version>${cxf.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.apache.cxf</groupId>
+        <artifactId>cxf-rt-transports-http</artifactId>
+        <version>${cxf.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>commons-collections</groupId>
+        <artifactId>commons-collections</artifactId>
+        <version>${org.apache.commons.collections3.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.apache.commons</groupId>
+        <artifactId>commons-text</artifactId>
+        <version>${org.apache.commons-text.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.apache.struts</groupId>
+        <artifactId>struts2-core</artifactId>
+        <version>${struts.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.apache.struts</groupId>
+        <artifactId>struts2-json-plugin</artifactId>
+        <version>${struts.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>at.gv.util</groupId>
+        <artifactId>egovutils</artifactId>
+        <version>${egovutils.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>at.gv.egiz.components</groupId>
+        <artifactId>egiz-spring-api</artifactId>
+        <version>${egiz-spring-api.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.slf4j</groupId>
+        <artifactId>slf4j-api</artifactId>
+        <version>${slf4j.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.slf4j</groupId>
+        <artifactId>jcl-over-slf4j</artifactId>
+        <version>${slf4j.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.slf4j</groupId>
+        <artifactId>jul-to-slf4j</artifactId>
+        <version>${slf4j.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>org.slf4j</groupId>
+        <artifactId>slf4j-log4j12</artifactId>
+        <version>${slf4j.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>jaxen</groupId>
+        <artifactId>jaxen</artifactId>
+        <version>1.1.6</version>
+      </dependency>
+      <dependency>
+        <groupId>saxpath</groupId>
+        <artifactId>saxpath</artifactId>
+        <version>1.0-FCS</version>
+        <scope>compile</scope>
+      </dependency>
+
+      <dependency>
+        <groupId>org.apache.logging.log4j</groupId>
+        <artifactId>log4j-core</artifactId>
+        <version>2.5</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.apache.httpcomponents</groupId>
+        <artifactId>httpclient</artifactId>
+        <version>${httpclient.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.apache.httpcomponents</groupId>
+        <artifactId>httpcore</artifactId>
+        <version>${httpcore.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.postgresql</groupId>
+        <artifactId>postgresql</artifactId>
+        <version>9.3-1102-jdbc41</version>
+      </dependency>
+
+      <dependency>
+        <groupId>javax.mail</groupId>
+        <artifactId>mail</artifactId>
+        <version>1.4.7</version>
+      </dependency>
+      <dependency>
+        <groupId>commons-fileupload</groupId>
+        <artifactId>commons-fileupload</artifactId>
+        <version>1.3.3</version>
+      </dependency>
+      <dependency>
+        <groupId>commons-httpclient</groupId>
+        <artifactId>commons-httpclient</artifactId>
+        <version>3.1</version>
+      </dependency>
+      <dependency>
+        <groupId>dav4j</groupId>
+        <artifactId>dav4j</artifactId>
+        <version>0.1</version>
+        <scope>compile</scope>
+      </dependency>
+      <dependency>
+        <groupId>httpsclient</groupId>
+        <artifactId>httpsclient</artifactId>
+        <version>JSSE-1.0</version>
+        <scope>compile</scope>
+      </dependency>
+      <!-- <dependency> <groupId>regexp</groupId> <artifactId>regexp</artifactId> 
+        <version>1.3</version> </dependency> -->
+
+
+      <!-- <dependency> <groupId>org.bouncycastle</groupId> <artifactId>bcprov-jdk16</artifactId> 
+        <version>1.46</version> </dependency> -->
+
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf_core_api</artifactId>
+        <version>${egiz.eaaf.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf-core</artifactId>
+        <version>${egiz.eaaf.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf-core</artifactId>
+        <type>test-jar</type>
+        <version>${egiz.eaaf.version}</version>
+        <scope>test</scope>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf_module_pvp2_idp</artifactId>
+        <version>${egiz.eaaf.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf_module_pvp2_sp</artifactId>
+        <version>${egiz.eaaf.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf_module_pvp2_core</artifactId>
+        <version>${egiz.eaaf.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf_module_auth_sl20</artifactId>
+        <version>${egiz.eaaf.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf_core_utils</artifactId>
+        <version>${egiz.eaaf.version}</version>
+        <scope>test</scope>
+        <type>test-jar</type>
+      </dependency>
+      <dependency>
+        <groupId>at.gv.egiz.eaaf</groupId>
+        <artifactId>eaaf-core</artifactId>
+        <version>${egiz.eaaf.version}</version>
+        <scope>test</scope> 
+        <type>test-jar</type>
+      </dependency>
+
+
+      <dependency>
+        <groupId>MOA.id.server</groupId>
+        <artifactId>moa-id-spring-initializer</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server</groupId>
+        <artifactId>moa-id-frontend-resources</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id</groupId>
+        <artifactId>moa-spss-container</artifactId>
+        <version>${moa-id-version}</version>
+        <type>pom</type>
+      </dependency>
+
+
+
+      <dependency>
+        <groupId>MOA.id.server</groupId>
+        <artifactId>moa-id-lib</artifactId>
+        <version>${moa-id-version}</version>
+        <scope>compile</scope>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server</groupId>
+        <artifactId>moa-id-commons</artifactId>
+        <version>${moa-id-version}</version>
+        <scope>compile</scope>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server</groupId>
+        <artifactId>moa-id-jaxb_classes</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server</groupId>
+        <artifactId>moa-id-lib</artifactId>
+        <version>${moa-id-version}</version>
+        <scope>test</scope>
+        <type>test-jar</type>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-stork</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-monitoring</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-saml1</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-openID</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-modul-citizencard_authentication</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-eIDAS</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-pvp2</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-modules-federated_authentication</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-elga_mandate_service</artifactId>
+        <version>${moa-id-module-elga_mandate_client}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-sl20_authentication</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>MOA.id.server.modules</groupId>
+        <artifactId>moa-id-module-EID_connector</artifactId>
+        <version>${moa-id-version}</version>
+      </dependency>
+
+
+      <dependency>
+        <groupId>MOA.id.server</groupId>
+        <artifactId>moa-id-commons</artifactId>
+        <version>${moa-id-version}</version>
+        <type>test-jar</type>
+        <scope>test</scope>
+      </dependency>
+
+      <dependency>
+        <groupId>junit</groupId>
+        <artifactId>junit</artifactId>
+        <version>${junit.version}</version>
+        <scope>test</scope>
+      </dependency>
+      <dependency>
+        <groupId>commons-logging</groupId>
+        <artifactId>commons-logging</artifactId>
+        <version>1.2</version>
+        <scope>compile</scope>
+      </dependency>
+
+      <dependency>
+        <groupId>javax.servlet</groupId>
+        <artifactId>javax.servlet-api</artifactId>
+        <version>3.0.1</version>
+        <scope>provide</scope>
+      </dependency>
+      <dependency>
+        <groupId>javax.activation</groupId>
+        <artifactId>activation</artifactId>
+        <version>1.1.1</version>
+        <scope>compile</scope>
+      </dependency>
+      <dependency>
+        <groupId>commons-discovery</groupId>
+        <artifactId>commons-discovery</artifactId>
+        <version>0.5</version>
+        <scope>compile</scope>
+      </dependency>
+      <!-- IAIK libraries -->
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_jce_full</artifactId>
+        <version>5.52_moa</version>
+      </dependency>
+
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_X509TrustManager</artifactId>
+        <version>0.3.1</version>
+        <scope>compile</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Provider</artifactId>
+        <version>1.2.4</version>
+        <scope>runtime</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Wrapper</artifactId>
+        <version>1.2.17</version>
+        <scope>compile</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Wrapper</artifactId>
+        <version>1.2.17</version>
+        <classifier>win32</classifier>
+        <type>dll</type>
+        <scope>runtime</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Wrapper</artifactId>
+        <version>1.2.17</version>
+        <classifier>linux</classifier>
+        <type>so</type>
+        <scope>runtime</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Wrapper</artifactId>
+        <version>1.2.17</version>
+        <classifier>linux_x64</classifier>
+        <type>so</type>
+        <scope>runtime</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Wrapper</artifactId>
+        <version>1.2.17</version>
+        <classifier>solaris_sparc</classifier>
+        <type>so</type>
+        <scope>runtime</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Wrapper</artifactId>
+        <version>1.2.17</version>
+        <classifier>solaris_sparcv9</classifier>
+        <type>so</type>
+        <scope>runtime</scope>
+      </dependency>
+      <dependency>
+        <groupId>iaik.prod</groupId>
+        <artifactId>iaik_Pkcs11Wrapper</artifactId>
+        <version>1.2.17</version>
+        <classifier>win64</classifier>
+        <type>dll</type>
+        <scope>runtime</scope>
+      </dependency>
+
+      <dependency>
+        <groupId>javax.xml.bind</groupId>
+        <artifactId>jaxb-api</artifactId>
+        <version>${jaxb.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>xerces</groupId>
+        <artifactId>xercesImpl</artifactId>
+        <version>2.11.0</version>
+        <scope>compile</scope>
+      </dependency>
+      <!-- The xmlParserAPIs.jar of the official xalan distribution and the 
+        one in the central repository differ. So, we are going to include the official 
+        one in our own distribution to prevent from problems with different versions 
+        in the endorsed directory of the servlet container or jre endorsed directory. -->
+      <dependency>
+        <groupId>xalan-bin-dist</groupId>
+        <artifactId>xml-apis</artifactId>
+        <version>2.11.0</version>
+        <scope>runtime</scope>
+      </dependency>
+      <!-- The xalan.jar of the official xalan distribution and the one in 
+        the central repository differ. So, we are going to include the official one 
+        in our own distribution to prevent from problems with different versions 
+        in the endorsed directory of the servlet container or jre endorsed directory. -->
+      <dependency>
+        <groupId>xalan-bin-dist</groupId>
+        <artifactId>xalan</artifactId>
+        <version>2.7.1</version>
+        <scope>compile</scope><!-- for XPathAPI, Javadoc,... -->
+      </dependency>
+      <dependency>
+        <groupId>xalan-bin-dist</groupId>
+        <artifactId>serializer</artifactId>
+        <version>2.7.1</version><!-- xalan version -->
+        <scope>runtime</scope>
+      </dependency>
+
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-webmvc</artifactId>
+        <version>${org.springframework.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.springframework.data</groupId>
+        <artifactId>spring-data-redis</artifactId>
+        <version>${org.springframework.data.spring-data-redis}</version>
+      </dependency>
+
+
+      <!-- the core, which includes Streaming API, shared low-level abstractions 
+        (but NOT data-binding) -->
+      <dependency>
+        <groupId>com.fasterxml.jackson.core</groupId>
+        <artifactId>jackson-core</artifactId>
+        <version>${jackson-version}</version>
+      </dependency>
+      <!-- databinding; ObjectMapper, JsonNode and related classes are here -->
+      <dependency>
+        <groupId>com.fasterxml.jackson.core</groupId>
+        <artifactId>jackson-databind</artifactId>
+        <version>${jackson-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>com.fasterxml.jackson.core</groupId>
+        <artifactId>jackson-annotations</artifactId>
+        <version>${jackson-version}</version>
+      </dependency>
+      <dependency>
+        <groupId>commons-cli</groupId>
+        <artifactId>commons-cli</artifactId>
+        <version>${apache-cli-version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>com.sun.xml.bind</groupId>
+        <artifactId>jaxb-core</artifactId>
+        <version>${jaxb-core.version}</version>
+      </dependency>
+      <dependency>
+        <groupId>com.sun.xml.bind</groupId>
+        <artifactId>jaxb-impl</artifactId>
+        <version>${jaxb.version}</version>
+      </dependency>
+
+      <dependency>
+        <groupId>org.easymock</groupId>
+        <artifactId>easymock</artifactId>
+        <scope>test</scope>
+        <version>3.5</version>
+      </dependency>
+      <dependency>
+        <groupId>org.unitils</groupId>
+        <artifactId>unitils-core</artifactId>
+        <version>3.4.6</version>
+      </dependency>
+
+    </dependencies>
+  </dependencyManagement>
+
+  <dependencies>
+    <dependency>
+      <groupId>iaik.prod</groupId>
+      <artifactId>iaik_Pkcs11Wrapper</artifactId>
+      <classifier>win32</classifier>
+      <type>dll</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>iaik.prod</groupId>
+      <artifactId>iaik_Pkcs11Wrapper</artifactId>
+      <classifier>linux</classifier>
+      <type>so</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>iaik.prod</groupId>
+      <artifactId>iaik_Pkcs11Wrapper</artifactId>
+      <classifier>linux_x64</classifier>
+      <type>so</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>iaik.prod</groupId>
+      <artifactId>iaik_Pkcs11Wrapper</artifactId>
+      <classifier>solaris_sparc</classifier>
+      <type>so</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>iaik.prod</groupId>
+      <artifactId>iaik_Pkcs11Wrapper</artifactId>
+      <classifier>solaris_sparcv9</classifier>
+      <type>so</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>iaik.prod</groupId>
+      <artifactId>iaik_Pkcs11Wrapper</artifactId>
+      <classifier>win64</classifier>
+      <type>dll</type>
+      <scope>runtime</scope>
+    </dependency>
+    <dependency>
+      <groupId>commons-io</groupId>
+      <artifactId>commons-io</artifactId>
+      <version>${org.apache.commons.io.version}</version>
+    </dependency>
+
+  </dependencies>
+
+  <repositories>
+    <repository>
+      <id>MOA</id>
+      <name>MOA Dependencies</name>
+      <!--releases> <enabled>false</enabled> </releases -->
+      <layout>default</layout>
+      <url>file://${repositoryPath}</url>
+    </repository>
+  </repositories>
 </project>
author	Thomas Lenz <tlenz@iaik.tugraz.at>	2019-12-13 08:54:02 +0100
committer	Thomas Lenz <tlenz@iaik.tugraz.at>	2019-12-13 08:54:02 +0100
commit	38f60c2385cd47c320942fdc7c9eb158f0e320e0 (patch)
tree	3269a16ff008242f214a3d1ded556392d6214324
parent	31e23d3cedeecf980e39b9637237cb8f3d01ad9f (diff)
download	moa-id-spss-38f60c2385cd47c320942fdc7c9eb158f0e320e0.tar.gz moa-id-spss-38f60c2385cd47c320942fdc7c9eb158f0e320e0.tar.bz2 moa-id-spss-38f60c2385cd47c320942fdc7c9eb158f0e320e0.zip