authorBojan Suzic <bojan.suzic@iaik.tugraz.at>2014-02-03 17:40:25 +0100
committerBojan Suzic <bojan.suzic@iaik.tugraz.at>2014-02-03 17:40:25 +0100
commitd4d3d93cd9d6338cf1755eb1a0ce47bec7e4c109 (patch)
tree23d1dd40a01609e28244302fec01d1051b3e1b08 /id/oa
parent2dc4a2ddfcc9b024cd9836da6792414a85bf60c9 (diff)
parent85fb1aa44b7b3d744d3dc210669f0569b49b2b64 (diff)
merge
Diffstat (limited to 'id/oa')
-rw-r--r--id/oa/.classpath29
-rw-r--r--id/oa/.gitignore1
-rw-r--r--id/oa/.project36
-rw-r--r--id/oa/.settings/.jsdtscope13
-rw-r--r--id/oa/.settings/org.eclipse.jdt.core.prefs8
-rw-r--r--id/oa/.settings/org.eclipse.wst.common.component12
-rw-r--r--id/oa/.settings/org.eclipse.wst.common.project.facet.core.xml7
-rw-r--r--id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.container1
-rw-r--r--id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.name1
-rw-r--r--id/oa/.settings/org.maven.ide.eclipse.prefs8
-rw-r--r--id/oa/moa-id-oa.iml33
-rw-r--r--id/oa/pom.xml25
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java33
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Constants.java22
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/PVPConstants.java22
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/exception/ConfigurationException.java22
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java40
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java67
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java37
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java22
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java25
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java25
-rw-r--r--id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java22
-rw-r--r--id/oa/src/main/webapp/index.jsp23
-rw-r--r--id/oa/src/main/webapp/js/common.js22
25 files changed, 372 insertions, 184 deletions
diff --git a/id/oa/.classpath b/id/oa/.classpath
deleted file mode 100644
index e49707af4..000000000
--- a/id/oa/.classpath
+++ /dev/null
@@ -1,29 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
- <classpathentry kind="src" output="target/classes" path="src/main/java">
- <attributes>
- <attribute name="optional" value="true"/>
- <attribute name="maven.pomderived" value="true"/>
- </attributes>
- </classpathentry>
- <classpathentry kind="src" path="src/main/resources"/>
- <classpathentry kind="con" path="org.eclipse.jst.server.core.container/org.eclipse.jst.server.tomcat.runtimeTarget/Apache Tomcat v6.0"/>
- <classpathentry kind="src" output="target/test-classes" path="src/test/java">
- <attributes>
- <attribute name="optional" value="true"/>
- <attribute name="maven.pomderived" value="true"/>
- </attributes>
- </classpathentry>
- <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER/org.eclipse.jdt.internal.debug.ui.launcher.StandardVMType/J2SE-1.5">
- <attributes>
- <attribute name="maven.pomderived" value="true"/>
- </attributes>
- </classpathentry>
- <classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
- <attributes>
- <attribute name="maven.pomderived" value="true"/>
- <attribute name="org.eclipse.jst.component.dependency" value="/WEB-INF/lib"/>
- </attributes>
- </classpathentry>
- <classpathentry kind="output" path="target/classes"/>
-</classpath>
diff --git a/id/oa/.gitignore b/id/oa/.gitignore
deleted file mode 100644
index ea8c4bf7f..000000000
--- a/id/oa/.gitignore
+++ /dev/null
@@ -1 +0,0 @@
-/target
diff --git a/id/oa/.project b/id/oa/.project
deleted file mode 100644
index bc5551a61..000000000
--- a/id/oa/.project
+++ /dev/null
@@ -1,36 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<projectDescription>
- <name>moa-id-oa</name>
- <comment>NO_M2ECLIPSE_SUPPORT: Project files created with the maven-eclipse-plugin are not supported in M2Eclipse.</comment>
- <projects>
- </projects>
- <buildSpec>
- <buildCommand>
- <name>org.eclipse.jdt.core.javabuilder</name>
- <arguments>
- </arguments>
- </buildCommand>
- <buildCommand>
- <name>org.eclipse.wst.common.project.facet.core.builder</name>
- <arguments>
- </arguments>
- </buildCommand>
- <buildCommand>
- <name>org.eclipse.wst.validation.validationbuilder</name>
- <arguments>
- </arguments>
- </buildCommand>
- <buildCommand>
- <name>org.eclipse.m2e.core.maven2Builder</name>
- <arguments>
- </arguments>
- </buildCommand>
- </buildSpec>
- <natures>
- <nature>org.eclipse.m2e.core.maven2Nature</nature>
- <nature>org.eclipse.jdt.core.javanature</nature>
- <nature>org.eclipse.wst.common.project.facet.core.nature</nature>
- <nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
- <nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
- </natures>
-</projectDescription>
diff --git a/id/oa/.settings/.jsdtscope b/id/oa/.settings/.jsdtscope
deleted file mode 100644
index beb42ee1c..000000000
--- a/id/oa/.settings/.jsdtscope
+++ /dev/null
@@ -1,13 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<classpath>
- <classpathentry kind="src" path="target/m2e-wtp/web-resources"/>
- <classpathentry kind="src" path="src/main/webapp"/>
- <classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.JRE_CONTAINER"/>
- <classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.WebProject">
- <attributes>
- <attribute name="hide" value="true"/>
- </attributes>
- </classpathentry>
- <classpathentry kind="con" path="org.eclipse.wst.jsdt.launching.baseBrowserLibrary"/>
- <classpathentry kind="output" path=""/>
-</classpath>
diff --git a/id/oa/.settings/org.eclipse.jdt.core.prefs b/id/oa/.settings/org.eclipse.jdt.core.prefs
deleted file mode 100644
index dc0892a32..000000000
--- a/id/oa/.settings/org.eclipse.jdt.core.prefs
+++ /dev/null
@@ -1,8 +0,0 @@
-eclipse.preferences.version=1
-org.eclipse.jdt.core.compiler.codegen.inlineJsrBytecode=enabled
-org.eclipse.jdt.core.compiler.codegen.targetPlatform=1.5
-org.eclipse.jdt.core.compiler.compliance=1.5
-org.eclipse.jdt.core.compiler.problem.assertIdentifier=error
-org.eclipse.jdt.core.compiler.problem.enumIdentifier=error
-org.eclipse.jdt.core.compiler.problem.forbiddenReference=warning
-org.eclipse.jdt.core.compiler.source=1.5
diff --git a/id/oa/.settings/org.eclipse.wst.common.component b/id/oa/.settings/org.eclipse.wst.common.component
deleted file mode 100644
index b9dffde72..000000000
--- a/id/oa/.settings/org.eclipse.wst.common.component
+++ /dev/null
@@ -1,12 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><project-modules id="moduleCoreId" project-version="1.5.0">
- <wb-module deploy-name="moa-id-oa">
- <dependent-module archiveName="moa-common-2.0.jar" deploy-path="/WEB-INF/lib" handle="module:/resource/moa-common/moa-common">
- <dependency-type>uses</dependency-type>
- </dependent-module>
- <property name="context-root" value="moa-id-oa"/>
- <wb-resource deploy-path="/" source-path="src/main/webapp"/>
- <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/java"/>
- <wb-resource deploy-path="/WEB-INF/classes" source-path="/src/main/resources"/>
- <property name="java-output-path" value="/target/classes"/>
- </wb-module>
-</project-modules>
diff --git a/id/oa/.settings/org.eclipse.wst.common.project.facet.core.xml b/id/oa/.settings/org.eclipse.wst.common.project.facet.core.xml
deleted file mode 100644
index a801c94a0..000000000
--- a/id/oa/.settings/org.eclipse.wst.common.project.facet.core.xml
+++ /dev/null
@@ -1,7 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<faceted-project>
- <fixed facet="jst.java"/>
- <fixed facet="jst.web"/>
- <installed facet="jst.web" version="2.4"/>
- <installed facet="jst.java" version="1.4"/>
-</faceted-project> \ No newline at end of file
diff --git a/id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.container b/id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.container
deleted file mode 100644
index 3bd5d0a48..000000000
--- a/id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.container
+++ /dev/null
@@ -1 +0,0 @@
-org.eclipse.wst.jsdt.launching.baseBrowserLibrary \ No newline at end of file
diff --git a/id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.name b/id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.name
deleted file mode 100644
index 05bd71b6e..000000000
--- a/id/oa/.settings/org.eclipse.wst.jsdt.ui.superType.name
+++ /dev/null
@@ -1 +0,0 @@
-Window \ No newline at end of file
diff --git a/id/oa/.settings/org.maven.ide.eclipse.prefs b/id/oa/.settings/org.maven.ide.eclipse.prefs
deleted file mode 100644
index 7f28ca3cd..000000000
--- a/id/oa/.settings/org.maven.ide.eclipse.prefs
+++ /dev/null
@@ -1,8 +0,0 @@
-activeProfiles=
-eclipse.preferences.version=1
-fullBuildGoals=process-test-resources
-includeModules=false
-resolveWorkspaceProjects=true
-resourceFilterGoals=process-resources resources\:testResources
-skipCompilerPlugin=true
-version=1
diff --git a/id/oa/moa-id-oa.iml b/id/oa/moa-id-oa.iml
index 412cad133..2167d3b37 100644
--- a/id/oa/moa-id-oa.iml
+++ b/id/oa/moa-id-oa.iml
@@ -22,42 +22,35 @@
</content>
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
- <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.5.3" level="project" />
- <orderEntry type="library" name="Maven: org.opensaml:openws:1.4.4" level="project" />
+ <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:jstl:1.2" level="project" />
+ <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
+ <orderEntry type="library" name="Maven: org.opensaml:opensaml:2.6.0" level="project" />
+ <orderEntry type="library" name="Maven: org.opensaml:openws:1.5.0" level="project" />
<orderEntry type="library" name="Maven: org.opensaml:xmltooling:1.4.0" level="project" />
<orderEntry type="library" name="Maven: org.bouncycastle:bcprov-jdk15:1.46" level="project" />
- <orderEntry type="library" name="Maven: commons-codec:commons-codec:1.3" level="project" />
- <orderEntry type="library" name="Maven: joda-time:joda-time:1.6.2" level="project" />
+ <orderEntry type="library" name="Maven: commons-codec:commons-codec:1.7" level="project" />
+ <orderEntry type="library" name="Maven: joda-time:joda-time:2.2" level="project" />
<orderEntry type="library" name="Maven: ca.juliusdavies:not-yet-commons-ssl:0.3.9" level="project" />
<orderEntry type="library" name="Maven: commons-httpclient:commons-httpclient:3.1" level="project" />
<orderEntry type="library" name="Maven: org.apache.santuario:xmlsec:1.5.4" level="project" />
- <orderEntry type="library" name="Maven: commons-logging:commons-logging:1.0.4" level="project" />
- <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
- <orderEntry type="library" scope="PROVIDED" name="Maven: javax.servlet:servlet-api:2.4" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xml-apis:xml-apis:1.4.01" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xerces:xercesImpl:2.10.0" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xml-resolver:xml-resolver:1.2" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xalan:xalan:2.7.1" level="project" />
- <orderEntry type="library" scope="RUNTIME" name="Maven: xalan:serializer:2.7.1" level="project" />
- <orderEntry type="library" name="Maven: commons-collections:commons-collections:3.2.1" level="project" />
- <orderEntry type="library" name="Maven: commons-lang:commons-lang:2.6" level="project" />
- <orderEntry type="library" name="Maven: velocity:velocity:1.5" level="project" />
- <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
<orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xml-apis:2.10.0" level="project" />
<orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:xercesImpl:2.10.0" level="project" />
<orderEntry type="library" scope="RUNTIME" name="Maven: org.apache.xerces:serializer:2.10.0" level="project" />
+ <orderEntry type="library" scope="RUNTIME" name="Maven: xml-resolver:xml-resolver:1.2" level="project" />
+ <orderEntry type="library" scope="RUNTIME" name="Maven: xalan:xalan:2.7.1" level="project" />
<orderEntry type="library" name="Maven: org.slf4j:jcl-over-slf4j:1.7.5" level="project" />
<orderEntry type="library" name="Maven: org.slf4j:slf4j-api:1.7.5" level="project" />
<orderEntry type="library" name="Maven: org.slf4j:jul-to-slf4j:1.7.5" level="project" />
<orderEntry type="library" name="Maven: org.slf4j:log4j-over-slf4j:1.7.5" level="project" />
+ <orderEntry type="library" name="Maven: commons-collections:commons-collections:3.2.1" level="project" />
+ <orderEntry type="library" name="Maven: commons-lang:commons-lang:2.6" level="project" />
+ <orderEntry type="library" name="Maven: org.apache.velocity:velocity:1.7" level="project" />
+ <orderEntry type="library" name="Maven: org.owasp.esapi:esapi:2.0.1" level="project" />
<orderEntry type="library" name="Maven: jstl:jstl:1.2" level="project" />
<orderEntry type="library" name="Maven: org.slf4j:slf4j-simple:1.7.5" level="project" />
<orderEntry type="library" name="Maven: iaik:commons-iaik:0.7.1" level="project" />
+ <orderEntry type="library" name="Maven: log4j:log4j:1.2.14" level="project" />
<orderEntry type="module" module-name="moa-common" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_jce_full:5.101" level="project" />
- <orderEntry type="library" name="Maven: iaik.prod:iaik_moa:1.5" level="project" />
- <orderEntry type="library" name="Maven: jaxen:jaxen:1.0-FCS" level="project" />
- <orderEntry type="library" name="Maven: saxpath:saxpath:1.0-FCS" level="project" />
</component>
</module>
diff --git a/id/oa/pom.xml b/id/oa/pom.xml
index 254b9e119..4b9a053ad 100644
--- a/id/oa/pom.xml
+++ b/id/oa/pom.xml
@@ -1,11 +1,17 @@
<project xmlns="http://maven.apache.org/POM/4.0.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
+ <parent>
+ <groupId>MOA</groupId>
+ <artifactId>id</artifactId>
+ <version>1.9.98-SNAPSHOT</version>
+ </parent>
+
<modelVersion>4.0.0</modelVersion>
- <groupId>MOA</groupId>
+ <groupId>MOA.id</groupId>
<artifactId>moa-id-oa</artifactId>
<packaging>war</packaging>
- <version>2.0</version>
+ <version>2.0.0</version>
<name>MOA Sample OA</name>
<properties>
@@ -40,10 +46,22 @@
</build>
<dependencies>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>jstl</artifactId>
+ <version>1.2</version>
+ <scope>provided</scope>
+ </dependency>
+ <dependency>
+ <groupId>javax.servlet</groupId>
+ <artifactId>servlet-api</artifactId>
+ <scope>provided</scope>
+ </dependency>
+
<dependency>
<groupId>org.opensaml</groupId>
<artifactId>opensaml</artifactId>
- <version>2.5.3</version>
+ <version>2.6.0</version>
</dependency>
<dependency>
<groupId>org.opensaml</groupId>
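Review bot: The added `javax.servlet:servlet-api` dependency has no `<version>`, so this module only resolves it if the newly declared parent `MOA:id` pins one in `dependencyManagement`; that is not visible here and should be confirmed. The new `javax.servlet:jstl:1.2` entry is `provided`, while the regenerated `moa-id-oa.iml` still lists `jstl:jstl:1.2` at default scope, which suggests the same library is now declared under two coordinates with different packaging behaviour. Keeping a single coordinate and scope makes it clear whether the WAR or the container supplies JSTL. The `<dependencies>` element continues outside the hunk.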
@@ -82,7 +100,6 @@
<dependency>
<groupId>MOA</groupId>
<artifactId>moa-common</artifactId>
- <version>2.0</version>
<type>jar</type>
</dependency>
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java
index 0ca5464a7..c143d050b 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Configuration.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA;
@@ -63,6 +85,7 @@ public class Configuration {
return publicURLPreFix;
}
+
public KeyStore getPVP2KeyStore() throws ConfigurationException {
try {
@@ -75,8 +98,7 @@ public class Configuration {
keyStore = KeyStore.getInstance(keystoretype);
}
-
-
+
String file = getPVP2MetadataKeystoreURL();
if (MiscUtil.isEmpty(file)) {
throw new ConfigurationException("KeyStoreURL is empty");
@@ -191,6 +213,7 @@ public class Configuration {
fis.close();
+ //load OpenSAML library
DefaultBootstrap.bootstrap();
} catch ( FileNotFoundException e) {
@@ -208,7 +231,8 @@ public class Configuration {
private void initalPVP2Login() throws ConfigurationException {
try {
-
+
+ //load IDP certificate to validate IDP metadata
String metadataCert = getPVP2IDPMetadataCertificate();
if (MiscUtil.isEmpty(metadataCert)) {
throw new ConfigurationException("NO IDP Certificate to verify IDP Metadata");
@@ -224,7 +248,8 @@ public class Configuration {
if (MiscUtil.isEmpty(metadataurl)) {
throw new ConfigurationException("NO IDP Metadata URL.");
}
-
+
+ //load IDP metadata into metadataprovider
idpMetadataProvider = new HTTPMetadataProvider(new Timer(), new HttpClient(), metadataurl);
idpMetadataProvider.setRequireValidMetadata(true);
idpMetadataProvider.setParserPool(new BasicParserPool());
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Constants.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Constants.java
index 1f5d4871b..af1dd84be 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Constants.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/Constants.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA;
public class Constants {
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/PVPConstants.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/PVPConstants.java
index facc2feb2..da7d334f1 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/PVPConstants.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/PVPConstants.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA;
public interface PVPConstants {
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/exception/ConfigurationException.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/exception/ConfigurationException.java
index 77250d818..600486230 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/exception/ConfigurationException.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/exception/ConfigurationException.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.exception;
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
index 68fef277b..5bf9c4970 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/Authenticate.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.servlet.pvp2;
import java.io.IOException;
@@ -75,6 +97,7 @@ public class Authenticate extends HttpServlet {
DocumentBuilder builder;
+ //generate AuthenticationRequest
protected void process(HttpServletRequest request,
HttpServletResponse response, Map<String,String> legacyParameter) throws ServletException, IOException {
try {
@@ -87,13 +110,10 @@ public class Authenticate extends HttpServlet {
SecureRandomIdentifierGenerator gen = new SecureRandomIdentifierGenerator();
authReq.setID(gen.generateIdentifier());
- HttpSession session = request.getSession();
- if (session != null) {
- session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID());
- }
authReq.setAssertionConsumerServiceIndex(0);
authReq.setAttributeConsumingServiceIndex(0);
+
authReq.setIssueInstant(new DateTime());
Subject subject = SAML2Utils.createSAMLObject(Subject.class);
NameID name = SAML2Utils.createSAMLObject(NameID.class);
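Review bot: After the removal of the `session.setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID())` block, nothing in this hunk remembers the generated request ID, so the code that receives the response has no value to compare `InResponseTo` against. If the assertion consumer (DemoApplication, not shown) relied on that attribute, responses that were never requested by this session would no longer be rejected on that basis. Unless the correlation is done elsewhere, keep the ID, e.g. `request.getSession().setAttribute(Constants.SESSION_PVP2REQUESTID, authReq.getID());`; `getSession()` creates a session when none exists, so the old null check is not needed. process() starts and ends outside the hunk.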
@@ -121,13 +141,15 @@ public class Authenticate extends HttpServlet {
throw new ConfigurationException("No IDP EntityName configurated");
}
- HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
+ //get IDP metadata from metadataprovider
+ HTTPMetadataProvider idpmetadata = config.getMetaDataProvier();
EntityDescriptor idpEntity = idpmetadata.getEntityDescriptor(entityname);
if (idpEntity == null) {
log.info("IDP EntityName is not found in IDP Metadata");
throw new ConfigurationException("IDP EntityName is not found in IDP Metadata");
}
+ //select authentication-service url from metadata
SingleSignOnService redirectEndpoint = null;
for (SingleSignOnService sss :
idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS).getSingleSignOnServices()) {
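Review bot: `redirectEndpoint` starts as `null` and is only assigned inside the loop, yet the following hunk calls `redirectEndpoint.getLocation()` without a check, so metadata that offers no matching SingleSignOnService would end in a NullPointerException rather than a configuration error. The same applies to `idpEntity.getIDPSSODescriptor(SAMLConstants.SAML20P_NS)`, which is dereferenced directly and may be null for an entity without an IDP role. A guard in the style of the `idpEntity == null` check above would fit, e.g. `if (redirectEndpoint == null) throw new ConfigurationException("No usable SingleSignOnService in IDP Metadata");` (message text is a suggestion). The loop body and the rest of process() lie outside the hunk.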
@@ -137,9 +159,9 @@ public class Authenticate extends HttpServlet {
redirectEndpoint = sss;
}
}
-
authReq.setDestination(redirectEndpoint.getLocation());
+
RequestedAuthnContext reqAuthContext =
SAML2Utils.createSAMLObject(RequestedAuthnContext.class);
@@ -154,8 +176,8 @@ public class Authenticate extends HttpServlet {
authReq.setRequestedAuthnContext(reqAuthContext);
+ //sign authentication request
KeyStore keyStore = config.getPVP2KeyStore();
-
X509Credential authcredential = new KeyStoreX509CredentialAdapter(
keyStore,
config.getPVP2KeystoreAuthRequestKeyAlias(),
@@ -165,9 +187,9 @@ public class Authenticate extends HttpServlet {
signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1);
signer.setCanonicalizationAlgorithm(SignatureConstants.ALGO_ID_C14N_EXCL_OMIT_COMMENTS);
signer.setSigningCredential(authcredential);
-
authReq.setSignature(signer);
+ //generate Http-POST Binding message
VelocityEngine engine = new VelocityEngine();
engine.setProperty(RuntimeConstants.ENCODING_DEFAULT, "UTF-8");
engine.setProperty(RuntimeConstants.OUTPUT_ENCODING, "UTF-8");
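Review bot: The request signature is still created with `SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA1`, and the new `//sign authentication request` comment documents that step without mentioning the algorithm choice. SHA-1 is a weak digest for signatures; if the IDP accepts it, `signer.setSignatureAlgorithm(SignatureConstants.ALGO_ID_SIGNATURE_RSA_SHA256);` is the one-line change. If SHA-1 is kept for interoperability, a comment such as `// RSA-SHA1 kept for IDP compatibility, see <ticket>` would record that it is deliberate. The signer setup begins outside the hunk.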
@@ -175,6 +197,8 @@ public class Authenticate extends HttpServlet {
engine.setProperty(RuntimeConstants.RESOURCE_LOADER, "classpath");
engine.setProperty("classpath.resource.loader.class",
"org.apache.velocity.runtime.resource.loader.ClasspathResourceLoader");
+ engine.setProperty(RuntimeConstants.RUNTIME_LOG_LOGSYSTEM_CLASS,
+ "org.apache.velocity.runtime.log.SimpleLog4JLogSystem");
engine.init();
HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
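Review bot: The added `RUNTIME_LOG_LOGSYSTEM_CLASS` setting names `org.apache.velocity.runtime.log.SimpleLog4JLogSystem`, which to my knowledge is deprecated in Velocity 1.7 in favour of the LogChute implementations, and it binds Velocity to `org.apache.log4j` classes. The regenerated `moa-id-oa.iml` lists both `log4j:log4j:1.2.14` and `org.slf4j:log4j-over-slf4j:1.7.5`, which both provide that package, so which implementation Velocity ends up using would depend on classpath order. Consider routing Velocity through one logging backend only and adding a short comment saying why the log system is overridden. The engine appears to be configured inside process(), which continues outside the hunk.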
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
index f3821374a..72a253694 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/BuildMetadata.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.servlet.pvp2;
import java.io.IOException;
@@ -20,7 +42,7 @@ import javax.xml.transform.TransformerFactoryConfigurationError;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;
-import org.apache.log4j.Logger;
+import org.joda.time.DateTime;
import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
import org.opensaml.common.xml.SAMLConstants;
import org.opensaml.saml2.core.NameIDType;
@@ -50,13 +72,12 @@ import at.gv.egovernment.moa.id.demoOA.Constants;
import at.gv.egovernment.moa.id.demoOA.exception.ConfigurationException;
import at.gv.egovernment.moa.id.demoOA.utils.AttributeListBuilder;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
import at.iaik.commons.util.MiscUtil;
public class BuildMetadata extends HttpServlet {
private static final long serialVersionUID = 1L;
- private static final Logger log = Logger.getLogger(BuildMetadata.class);
-
/**
* @see HttpServlet#HttpServlet()
*/
@@ -88,23 +109,29 @@ public class BuildMetadata extends HttpServlet {
String name = config.getPVP2MetadataEntitiesName();
if (MiscUtil.isEmpty(name)) {
- log.info("NO Metadata EntitiesName configurated");
+ Logger.info("NO Metadata EntitiesName configurated");
throw new ConfigurationException("NO Metadata EntitiesName configurated");
}
spEntitiesDescriptor.setName(name);
spEntitiesDescriptor.setID(idGen.generateIdentifier());
+ //set period of validity for metadata information
+ DateTime validUntil = new DateTime();
+ spEntitiesDescriptor.setValidUntil(validUntil.plusDays(7));
+
+
EntityDescriptor spEntityDescriptor = SAML2Utils
.createSAMLObject(EntityDescriptor.class);
spEntitiesDescriptor.getEntityDescriptors().add(spEntityDescriptor);
+ //set OA-ID (PublicURL Prefix) as identifier
String serviceURL = config.getPublicUrlPreFix(request);
if (!serviceURL.endsWith("/"))
serviceURL = serviceURL + "/";
- log.debug("Set OnlineApplicationURL to " + serviceURL);
+ Logger.debug("Set OnlineApplicationURL to " + serviceURL);
spEntityDescriptor.setEntityID(serviceURL);
SPSSODescriptor spSSODescriptor = SAML2Utils
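Review bot: The validity period added with `spEntitiesDescriptor.setValidUntil(validUntil.plusDays(7));` is a bare literal computed on every request, so consumers that cache this metadata will reject it after a week with no visible setting to adjust. A named constant or a configuration value would make the refresh contract explicit, for example `private static final int METADATA_VALID_DAYS = 7;` with a comment stating that consumers must refetch within that window. Separately, `config.getPublicUrlPreFix(request)` takes the request as an argument. If it can fall back to the request's scheme and host, the entityID and the logged `serviceURL` would be influenced by the caller, so it is worth confirming that the value comes from configuration only. The enclosing method starts and ends outside this hunk.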
@@ -126,7 +153,7 @@ public class BuildMetadata extends HttpServlet {
config.getPVP2KeystoreMetadataKeyPassword().toCharArray());
- log.debug("Set Metadata key information");
+ Logger.debug("Set Metadata key information");
//Set MetaData Signing key
KeyDescriptor entitiesSignKeyDescriptor = SAML2Utils
.createSAMLObject(KeyDescriptor.class);
@@ -162,7 +189,7 @@ public class BuildMetadata extends HttpServlet {
spSSODescriptor.getKeyDescriptors().add(encryKeyDescriptor);
} else {
- log.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
+ Logger.warn("No Assertion Encryption-Key defined. This setting is not recommended!");
}
@@ -181,23 +208,21 @@ public class BuildMetadata extends HttpServlet {
unspecifiednameIDFormat.setFormat(NameIDType.UNSPECIFIED);
spSSODescriptor.getNameIDFormats().add(unspecifiednameIDFormat);
-
+
+ //set HTTP-POST Binding assertion consumer service
AssertionConsumerService postassertionConsumerService =
SAML2Utils.createSAMLObject(AssertionConsumerService.class);
postassertionConsumerService.setIndex(0);
postassertionConsumerService.setBinding(SAMLConstants.SAML2_POST_BINDING_URI);
postassertionConsumerService.setLocation(serviceURL + Constants.SERVLET_PVP2ASSERTION);
-
+
spSSODescriptor.getAssertionConsumerServices().add(postassertionConsumerService);
spSSODescriptor.addSupportedProtocol(SAMLConstants.SAML20P_NS);
spEntityDescriptor.getRoleDescriptors().add(spSSODescriptor);
- spSSODescriptor.setWantAssertionsSigned(true);
- spSSODescriptor.setAuthnRequestsSigned(true);
-
AttributeConsumingService attributeService =
SAML2Utils.createSAMLObject(AttributeConsumingService.class);
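Review bot: Removing `spSSODescriptor.setWantAssertionsSigned(true);` and `spSSODescriptor.setAuthnRequestsSigned(true);` leaves the published SP metadata without a signing requirement, unless both flags are now set earlier in the method outside this hunk. An identity provider that honours the metadata is then free to send unsigned assertions and to accept unsigned AuthnRequests for this application. If the lines were only moved, the commit message should say so; otherwise I would keep both calls next to `addSupportedProtocol(...)`. The method body starts and ends outside this hunk.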
@@ -207,10 +232,12 @@ public class BuildMetadata extends HttpServlet {
serviceName.setName(new LocalizedString("Default Service", "de"));
attributeService.getNames().add(serviceName);
+ //set attributes which are requested
attributeService.getRequestAttributes().addAll(AttributeListBuilder.getRequestedAttributes());
-
spSSODescriptor.getAttributeConsumingServices().add(attributeService);
+
+ //build metadata
DocumentBuilder builder;
DocumentBuilderFactory factory = DocumentBuilderFactory.newInstance();
@@ -237,32 +264,32 @@ public class BuildMetadata extends HttpServlet {
response.getOutputStream().close();
} catch (ConfigurationException e) {
- log.warn("Configuration can not be loaded.", e);
+ Logger.warn("Configuration can not be loaded.", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (NoSuchAlgorithmException e) {
- log.warn("Requested Algorithm could not found.", e);
+ Logger.warn("Requested Algorithm could not found.", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (ParserConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (TransformerConfigurationException e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (TransformerFactoryConfigurationError e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
} catch (TransformerException e) {
- log.warn("PVP2 Metadata createn error", e);
+ Logger.warn("PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
}
catch (Exception e) {
- log.warn("Unspecific PVP2 Metadata createn error", e);
+ Logger.warn("Unspecific PVP2 Metadata createn error", e);
throw new ServletException("MetaData can not be created. Look into LogFiles for more details.");
}
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
index 2d32ce9af..0b30d7d86 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/servlet/pvp2/DemoApplication.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.servlet.pvp2;
import java.io.IOException;
@@ -11,7 +33,6 @@ import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
-import org.apache.log4j.Logger;
import org.opensaml.common.SAMLObject;
import org.opensaml.common.binding.BasicSAMLMessageContext;
import org.opensaml.common.xml.SAMLConstants;
@@ -53,13 +74,13 @@ import at.gv.egovernment.moa.id.demoOA.Configuration;
import at.gv.egovernment.moa.id.demoOA.PVPConstants;
import at.gv.egovernment.moa.id.demoOA.utils.ApplicationBean;
import at.gv.egovernment.moa.id.demoOA.utils.SAML2Utils;
+import at.gv.egovernment.moa.logging.Logger;
import at.gv.egovernment.moa.util.DOMUtils;
public class DemoApplication extends HttpServlet {
private static final long serialVersionUID = -2129228304760706063L;
- private static final Logger log = Logger.getLogger(DemoApplication.class);
@@ -73,7 +94,7 @@ public class DemoApplication extends HttpServlet {
String method = request.getMethod();
HttpSession session = request.getSession();
if (session == null) {
- log.info("NO HTTP Session");
+ Logger.info("NO HTTP Session");
bean.setErrorMessage("NO HTTP session");
setAnser(request, response, bean);
return;
@@ -96,7 +117,7 @@ public class DemoApplication extends HttpServlet {
Signature sign = samlResponse.getSignature();
if (sign == null) {
- log.info("Only http POST Requests can be used");
+ Logger.info("Only http POST Requests can be used");
bean.setErrorMessage("Only http POST Requests can be used");
setAnser(request, response, bean);
return;
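Review bot: The `sign == null` branch reports "Only http POST Requests can be used", which describes a different failure from the one being tested. A response that arrives without a signature is the security-relevant event here, and both the log and the user message should name it so that it can be found in the logs, e.g. `Logger.info("PVP2 response is not signed");` with a matching `bean.setErrorMessage("PVP2 response is not signed");`. The enclosing method starts and ends outside this hunk.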
@@ -126,7 +147,7 @@ public class DemoApplication extends HttpServlet {
ExplicitKeySignatureTrustEngine trustEngine = new ExplicitKeySignatureTrustEngine(credentialResolver, keyInfoResolver);
trustEngine.validate(sign, criteriaSet);
- log.info("PVP2 Assertion is valid");
+ Logger.info("PVP2 Assertion is valid");
if (samlResponse.getStatus().getStatusCode().getValue().equals(StatusCode.SUCCESS_URI)) {
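Review bot: The boolean result of `trustEngine.validate(sign, criteriaSet);` is discarded, so as shown a response whose signature is not trusted still reaches the "PVP2 Assertion is valid" log line and the status check that follows. The trust engine reports an untrusted signature through its return value and throws only on processing errors. The call should be guarded with `if (!trustEngine.validate(sign, criteriaSet)) {` and take the same `bean.setErrorMessage(...)`, `setAnser(request, response, bean)`, `return` path as the other rejections. The log text would also be more accurate as "PVP2 response signature is valid", since what is checked is the signature object passed in, not each assertion. The enclosing method starts and ends outside this hunk.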
@@ -137,7 +158,7 @@ public class DemoApplication extends HttpServlet {
if (encryAssertionList != null && encryAssertionList.size() > 0) {
//decrypt assertions
- log.debug("Found encryped assertion. Start decryption ...");
+ Logger.debug("Found encryped assertion. Start decryption ...");
KeyStore keyStore = config.getPVP2KeyStore();
@@ -163,7 +184,7 @@ public class DemoApplication extends HttpServlet {
}
- log.debug("Assertion decryption finished. ");
+ Logger.debug("Assertion decryption finished. ");
} else {
saml2assertions = samlResponse.getAssertions();
@@ -219,7 +240,7 @@ public class DemoApplication extends HttpServlet {
}
} catch (Exception e) {
- log.warn(e);
+ Logger.warn(e);
bean.setErrorMessage("Internal Error: " + e.getMessage());
setAnser(request, response, bean);
return;
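Review bot: The catch-all passes the exception itself as the log message with `Logger.warn(e);` and then shows `e.getMessage()` to the user via `bean.setErrorMessage("Internal Error: " + e.getMessage());`. The other servlet in this commit uses the two-argument form, which presumably keeps the stack trace, so `Logger.warn("PVP2 response processing failed", e);` would be consistent with it. For the page, a fixed text such as `bean.setErrorMessage("Internal Error. See log files for details.");` avoids exposing parser, keystore or validation details and avoids echoing message content that may derive from the incoming SAML response. The try block starts outside this hunk.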
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java
index 83f9a8b2c..832993604 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/ApplicationBean.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.utils;
import java.io.Serializable;
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
index 8c9d15d11..18c91cfdc 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/AttributeListBuilder.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.utils;
import java.util.ArrayList;
@@ -9,7 +31,6 @@ import org.opensaml.saml2.metadata.RequestedAttribute;
import at.gv.egovernment.moa.id.demoOA.PVPConstants;
-
public class AttributeListBuilder implements PVPConstants{
protected static RequestedAttribute buildReqAttribute(String name, String friendlyName, boolean required) {
@@ -24,6 +45,8 @@ public class AttributeListBuilder implements PVPConstants{
public static List<RequestedAttribute> getRequestedAttributes() {
List<RequestedAttribute> requestedAttributes = new ArrayList<RequestedAttribute>();
+
+ //select PVP2 attributes which are needed for this application
requestedAttributes.add(buildReqAttribute(PVP_VERSION_NAME, PVP_VERSION_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(PRINCIPAL_NAME_NAME, PRINCIPAL_NAME_FRIENDLY_NAME, true));
requestedAttributes.add(buildReqAttribute(GIVEN_NAME_NAME, GIVEN_NAME_FRIENDLY_NAME, true));
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java
index 2b4e20ba0..4779274ac 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/MetaDataVerificationFilter.java
@@ -1,9 +1,28 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.utils;
-import java.util.Iterator;
-
import org.opensaml.saml2.metadata.EntitiesDescriptor;
-import org.opensaml.saml2.metadata.EntityDescriptor;
import org.opensaml.saml2.metadata.provider.FilterException;
import org.opensaml.saml2.metadata.provider.MetadataFilter;
import org.opensaml.security.SAMLSignatureProfileValidator;
diff --git a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java
index f04caf888..0bf41bb6d 100644
--- a/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java
+++ b/id/oa/src/main/java/at/gv/egovernment/moa/id/demoOA/utils/SAML2Utils.java
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
package at.gv.egovernment.moa.id.demoOA.utils;
import java.io.IOException;
diff --git a/id/oa/src/main/webapp/index.jsp b/id/oa/src/main/webapp/index.jsp
new file mode 100644
index 000000000..f13a6e1bf
--- /dev/null
+++ b/id/oa/src/main/webapp/index.jsp
@@ -0,0 +1,23 @@
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+
+<html>
+<head>
+ <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+ <meta content="text/css" http-equiv="Content-Style-Type">
+ <link rel="stylesheet" type="text/css" href="css/index.css">
+
+ <script type="text/javascript" src="./js/common.js"></script>
+
+</head>
+<body>
+
+ <div id="demonstrator_main">
+ <div id="demonstrator_leftcontent">
+ <input type="button" size="400" value="Login" onclick="PVP2LoginIframe('servlet/pvp2login');" id="submitbutton"/>
+ </div>
+ </div>
+
+
+ <script type="text/javascript">jumpToAnker();</script>
+</body>
+</html> \ No newline at end of file
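Review bot: The new page wires its behaviour through an inline `onclick="PVP2LoginIframe('servlet/pvp2login');"` attribute and an inline `<script>` block calling `jumpToAnker()`, which means a Content-Security-Policy for this application would have to allow `'unsafe-inline'`. Since `js/common.js` is already loaded, both could be attached there, for example with `document.getElementById('submitbutton').addEventListener('click', ...)` and a `DOMContentLoaded` handler. The page also has no `<!DOCTYPE html>` and no `<title>`, and `size="400"` has no effect on an `input type="button"`.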
diff --git a/id/oa/src/main/webapp/js/common.js b/id/oa/src/main/webapp/js/common.js
index 59b7b4e0e..3e8524ed7 100644
--- a/id/oa/src/main/webapp/js/common.js
+++ b/id/oa/src/main/webapp/js/common.js
@@ -1,3 +1,25 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ *******************************************************************************/
function gup(name) {
name = name.replace(/[\[]/,"\\\[").replace(/[\]]/,"\\\]");
var regexS = "[\\?&]"+name+"=([^&#]*)";