make SAML2 http POST-Binding template and mandate-service selection-template configurable for every online application

10 files changed, 82 insertions, 38 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
index 365a31fe1..643e30ac9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AttributQueryAction.java
@@ -39,6 +39,7 @@ import org.opensaml.saml2.core.Response;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.xml.security.SecurityException;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Service;
 
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
@@ -79,6 +80,7 @@ public class AttributQueryAction implements IAction {
 	@Autowired private IDPCredentialProvider pvpCredentials;
 	@Autowired private AuthConfiguration authConfig;
 	@Autowired(required=true) private MOAMetadataProvider metadataProvider;
+	@Autowired(required=true) ApplicationContext springContext;
 	
 	private final static List<String> DEFAULTSTORKATTRIBUTES = Arrays.asList(
 			new String[]{PVPConstants.EID_STORK_TOKEN_NAME});	
@@ -141,9 +143,9 @@ public class AttributQueryAction implements IAction {
 						metadataProvider, issuerEntityID, attrQuery, date, 
 						assertion, authConfig.isPVP2AssertionEncryptionActive());
 									
-				SoapBinding decoder = new SoapBinding();				
+				SoapBinding decoder = springContext.getBean("PVPSOAPBinding", SoapBinding.class);
 				decoder.encodeRespone(httpReq, httpResp, authResponse, null, null,
-						pvpCredentials.getIDPAssertionSigningCredential());
+						pvpCredentials.getIDPAssertionSigningCredential(), pendingReq);
 				return null;
 				
 			} catch (MessageEncodingException e) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
index aac49844e..9d60ae4b2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/AuthenticationAction.java
@@ -35,6 +35,7 @@ import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.xml.security.SecurityException;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Service;
 
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
@@ -62,6 +63,7 @@ public class AuthenticationAction implements IAction {
 	@Autowired IDPCredentialProvider pvpCredentials;
 	@Autowired AuthConfiguration authConfig;
 	@Autowired(required=true) private MOAMetadataProvider metadataProvider;
+	@Autowired(required=true) ApplicationContext springContext;
 	
 	public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, IAuthData authData) throws MOAIDException {
@@ -102,11 +104,11 @@ public class AuthenticationAction implements IAction {
 
 		if (consumerService.getBinding().equals(
 				SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
-			binding = new RedirectBinding();
+			binding = springContext.getBean("PVPRedirectBinding", RedirectBinding.class);
 						
 		} else if (consumerService.getBinding().equals(
 				SAMLConstants.SAML2_POST_BINDING_URI)) {
-			binding = new PostBinding();
+			binding = springContext.getBean("PVPPOSTBinding", PostBinding.class);
 			
 		}
 
@@ -117,7 +119,7 @@ public class AuthenticationAction implements IAction {
 		try {
 			binding.encodeRespone(httpReq, httpResp, authResponse, 
 					consumerService.getLocation(), moaRequest.getRelayState(),
-					pvpCredentials.getIDPAssertionSigningCredential());
+					pvpCredentials.getIDPAssertionSigningCredential(), req);
 
 			//set protocol type
 			sloInformation.setProtocolType(req.requestedModule());
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index a7a249eed..216d7a8b1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -444,13 +444,13 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController  {
 		IEncoder encoder = null;
 		
 		if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {			
-			encoder = new RedirectBinding();
+			encoder = applicationContext.getBean("PVPRedirectBinding", RedirectBinding.class);
 						
 		} else if(pvpRequest.getBinding().equals(SAMLConstants.SAML2_POST_BINDING_URI))  {
-			encoder = new PostBinding();
+			encoder = applicationContext.getBean("PVPPOSTBinding", PostBinding.class);
 			
 		} else if (pvpRequest.getBinding().equals(SAMLConstants.SAML2_SOAP11_BINDING_URI))  {
-			encoder = new SoapBinding();
+			encoder = applicationContext.getBean("PVPSOAPBinding", SoapBinding.class);
 		}
 
 		if(encoder == null) {
@@ -465,7 +465,7 @@ public class PVP2XProtocol extends AbstractAuthProtocolModulController  {
 		X509Credential signCred = pvpCredentials.getIDPAssertionSigningCredential();
 		
 		encoder.encodeRespone(request, response, samlResponse, pvpRequest.getConsumerURL(), 
-				relayState, signCred);
+				relayState, signCred, protocolRequest);
 		return true;
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
index ff703d585..f709da213 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/SingleLogOutAction.java
@@ -111,7 +111,7 @@ public class SingleLogOutAction implements IAction {
 					//LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
 					LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
 					Logger.info("Sending SLO success message to requester ...");
-					sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());						
+					sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState(), pvpReq);						
 					return null;
 
 				} else {						
@@ -127,7 +127,7 @@ public class SingleLogOutAction implements IAction {
 						//LogoutResponse message = sloBuilder.buildSLOErrorResponse(sloService, pvpReq, StatusCode.RESPONDER_URI);
 						LogoutResponse message = sloBuilder.buildSLOResponseMessage(sloService, pvpReq, null);
 						Logger.info("Sending SLO success message to requester ...");
-						sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState());
+						sloBuilder.sendFrontChannelSLOMessage(sloService, message, httpReq, httpResp, samlReq.getRelayState(), pvpReq);
 						return null;
 
 					}						
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java
index 3b2fb3687..ccbef6e6c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/IEncoder.java
@@ -31,6 +31,7 @@ import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
 
+import at.gv.egovernment.moa.id.commons.api.IRequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.PVP2Exception;
 
 public interface IEncoder {
@@ -43,12 +44,13 @@ public interface IEncoder {
 	 * @param targetLocation URL, where the request should be transmit
 	 * @param relayState token for session handling
 	 * @param credentials Credential to sign the request object
+	 * @param pendingReq Internal MOA-ID request object that contains session-state informations but never null
 	 * @throws MessageEncodingException
 	 * @throws SecurityException
 	 * @throws PVP2Exception
 	 */
 	public void encodeRequest(HttpServletRequest req, 
-			HttpServletResponse resp, RequestAbstractType request, String targetLocation, String relayState, Credential credentials) 
+			HttpServletResponse resp, RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq) 
 					throws MessageEncodingException, SecurityException, PVP2Exception;
 	
 	/**
@@ -59,10 +61,11 @@ public interface IEncoder {
 	 * @param targetLocation URL, where the request should be transmit
 	 * @param relayState token for session handling
 	 * @param credentials Credential to sign the response object
+	 * @param pendingReq Internal MOA-ID request object that contains session-state informations but never null
 	 * @throws MessageEncodingException
 	 * @throws SecurityException
 	 */
 	public void encodeRespone(HttpServletRequest req, 
-			HttpServletResponse resp, StatusResponseType response, String targetLocation, String relayState, Credential credentials) 
+			HttpServletResponse resp, StatusResponseType response, String targetLocation, String relayState, Credential credentials, IRequest pendingReq) 
 					throws MessageEncodingException, SecurityException, PVP2Exception;
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
index 9977e607b..c7688c14b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/PostBinding.java
@@ -25,13 +25,11 @@ package at.gv.egovernment.moa.id.protocols.pvp2x.binding;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.velocity.app.VelocityEngine;
 import org.opensaml.common.SAMLObject;
 import org.opensaml.common.binding.BasicSAMLMessageContext;
 import org.opensaml.common.binding.decoding.URIComparator;
 import org.opensaml.common.xml.SAMLConstants;
 import org.opensaml.saml2.binding.decoding.HTTPPostDecoder;
-import org.opensaml.saml2.binding.encoding.HTTPPostEncoder;
 import org.opensaml.saml2.core.RequestAbstractType;
 import org.opensaml.saml2.core.StatusResponseType;
 import org.opensaml.saml2.metadata.IDPSSODescriptor;
@@ -49,8 +47,17 @@ import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
 
+import at.gv.egovernment.moa.id.auth.frontend.builder.GUIFormBuilderImpl;
+import at.gv.egovernment.moa.id.auth.frontend.builder.IGUIBuilderConfiguration;
+import at.gv.egovernment.moa.id.auth.frontend.builder.SPSpecificGUIBuilderConfigurationWithFileSystemLoad;
 import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IRequest;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.id.opemsaml.MOAIDHTTPPostEncoder;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
@@ -62,10 +69,14 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
+@Service("PVPPOSTBinding")
 public class PostBinding implements IDecoder, IEncoder {
+	
+	@Autowired(required=true) AuthConfiguration authConfig;
+	@Autowired(required=true) GUIFormBuilderImpl guiBuilder;
 		
 	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
-			RequestAbstractType request, String targetLocation, String relayState, Credential credentials)	
+			RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)	
 			throws MessageEncodingException, SecurityException {
 	
 		try {
@@ -75,9 +86,18 @@ public class PostBinding implements IDecoder, IEncoder {
 			//load default PVP security configurations
 			MOADefaultBootstrap.initializeDefaultPVPConfiguration();
 			
-			VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
-			HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
-					"resources/templates/pvp_postbinding_template.html");
+			//initialize POST binding encoder with template decoration
+			IGUIBuilderConfiguration guiConfig = 
+					new SPSpecificGUIBuilderConfigurationWithFileSystemLoad(
+							pendingReq, 
+							"pvp_postbinding_template.html", 
+							MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SAML2POSTBINDING_URL, 
+							null, 
+							authConfig.getRootConfigFileDir());								
+			MOAIDHTTPPostEncoder encoder = new MOAIDHTTPPostEncoder(guiConfig, guiBuilder,
+					VelocityProvider.getClassPathVelocityEngine());	
+			
+			//set OpenSAML2 process parameter into binding context dao
 			HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
 					resp, true);
 			BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
@@ -103,22 +123,27 @@ public class PostBinding implements IDecoder, IEncoder {
 	}
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
-			StatusResponseType response, String targetLocation, String relayState, Credential credentials)
+			StatusResponseType response, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
 			throws MessageEncodingException, SecurityException {
 
 		try {
-//			X509Credential credentials = credentialProvider
-//					.getIDPAssertionSigningCredential();
-
 			//load default PVP security configurations
 			MOADefaultBootstrap.initializeDefaultPVPConfiguration();
 			
 			Logger.debug("create SAML POSTBinding response");
 			
-			 VelocityEngine engine = VelocityProvider.getClassPathVelocityEngine();
-
-			HTTPPostEncoder encoder = new HTTPPostEncoder(engine,
-					"resources/templates/pvp_postbinding_template.html");
+			//initialize POST binding encoder with template decoration
+			IGUIBuilderConfiguration guiConfig = 
+					new SPSpecificGUIBuilderConfigurationWithFileSystemLoad(
+							pendingReq, 
+							"pvp_postbinding_template.html", 
+							MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_SAML2POSTBINDING_URL, 
+							null, 
+							authConfig.getRootConfigFileDir());								
+			MOAIDHTTPPostEncoder encoder = new MOAIDHTTPPostEncoder(guiConfig, guiBuilder,
+					VelocityProvider.getClassPathVelocityEngine());	
+			
+			//set OpenSAML2 process parameter into binding context dao			
 			HttpServletResponseAdapter responseAdapter = new HttpServletResponseAdapter(
 					resp, true);
 			BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject> context = new BasicSAMLMessageContext<SAMLObject, SAMLObject, SAMLObject>();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
index 279038967..4f44a6202 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/RedirectBinding.java
@@ -50,7 +50,9 @@ import org.opensaml.ws.transport.http.HttpServletResponseAdapter;
 import org.opensaml.xml.parse.BasicParserPool;
 import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
+import org.springframework.stereotype.Service;
 
+import at.gv.egovernment.moa.id.commons.api.IRequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
 import at.gv.egovernment.moa.id.protocols.pvp2x.messages.InboundMessage;
@@ -62,10 +64,11 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
+@Service("PVPRedirectBinding")
 public class RedirectBinding implements IDecoder, IEncoder {
 	
 	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
-			RequestAbstractType request, String targetLocation, String relayState, Credential credentials)
+			RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
 			throws MessageEncodingException, SecurityException {
 		
 //		try {
@@ -100,7 +103,7 @@ public class RedirectBinding implements IDecoder, IEncoder {
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
 			StatusResponseType response, String targetLocation, String relayState, 
-			Credential credentials) throws MessageEncodingException, SecurityException {
+			Credential credentials, IRequest pendingReq) throws MessageEncodingException, SecurityException {
 //		try {
 //			X509Credential credentials = credentialProvider
 //					.getIDPAssertionSigningCredential();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
index 94d91694a..552b64ac6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/SoapBinding.java
@@ -48,7 +48,9 @@ import org.opensaml.xml.security.SecurityException;
 import org.opensaml.xml.security.credential.Credential;
 import org.opensaml.xml.signature.SignableXMLObject;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
 
+import at.gv.egovernment.moa.id.commons.api.IRequest;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVP2XProtocol;
 import at.gv.egovernment.moa.id.protocols.pvp2x.config.MOADefaultBootstrap;
 import at.gv.egovernment.moa.id.protocols.pvp2x.exceptions.AttributQueryException;
@@ -60,6 +62,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.signer.IDPCredentialProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
+@Service("PVPSOAPBinding")
 public class SoapBinding implements IDecoder, IEncoder {
 
 	@Autowired(required=true) private MOAMetadataProvider metadataProvider;
@@ -136,13 +139,13 @@ public class SoapBinding implements IDecoder, IEncoder {
 	}
 
 	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
-			RequestAbstractType request, String targetLocation, String relayState, Credential credentials)
+			RequestAbstractType request, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
 			throws MessageEncodingException, SecurityException, PVP2Exception {
 		
 	}
 
 	public void encodeRespone(HttpServletRequest req, HttpServletResponse resp,
-			StatusResponseType response, String targetLocation, String relayState, Credential credentials)
+			StatusResponseType response, String targetLocation, String relayState, Credential credentials, IRequest pendingReq)
 			throws MessageEncodingException, SecurityException, PVP2Exception {
 //		try {
 //			Credential credentials = credentialProvider
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java
index 01ef4a43d..f29418853 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/PVPAuthnRequestBuilder.java
@@ -44,6 +44,8 @@ import org.opensaml.saml2.metadata.EntityDescriptor;
 import org.opensaml.saml2.metadata.SingleSignOnService;
 import org.opensaml.ws.message.encoder.MessageEncodingException;
 import org.opensaml.xml.security.SecurityException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Service;
 
 import at.gv.egovernment.moa.id.commons.api.IRequest;
@@ -64,6 +66,7 @@ import at.gv.egovernment.moa.util.MiscUtil;
 @Service("PVPAuthnRequestBuilder")
 public class PVPAuthnRequestBuilder {
 	
+	@Autowired(required=true) ApplicationContext springContext;
 	
 	/**
 	 * Build a PVP2.x specific authentication request
@@ -202,17 +205,17 @@ public class PVPAuthnRequestBuilder {
 		IEncoder binding = null;
 		if (endpoint.getBinding().equals(
 				SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
-			binding = new RedirectBinding();
+			binding = springContext.getBean("PVPRedirectBinding", RedirectBinding.class);
 														
 		} else if (endpoint.getBinding().equals(
 				SAMLConstants.SAML2_POST_BINDING_URI)) {
-			binding = new PostBinding();
+			binding = springContext.getBean("PVPPOSTBinding", PostBinding.class);
 			
 		}
 		
 		//encode message
 		binding.encodeRequest(null, httpResp, authReq, 
-				endpoint.getLocation(), pendingReq.getRequestID(), config.getAuthnRequestSigningCredential());
+				endpoint.getLocation(), pendingReq.getRequestID(), config.getAuthnRequestSigningCredential(), pendingReq);
 	}
 
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
index de59e6055..4fef52aec 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/builder/SingleLogOutBuilder.java
@@ -59,6 +59,7 @@ import org.opensaml.xml.signature.Signature;
 import org.opensaml.xml.signature.SignatureConstants;
 import org.opensaml.xml.signature.Signer;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
 import org.springframework.stereotype.Service;
 import org.w3c.dom.Document;
 
@@ -95,7 +96,9 @@ import at.gv.egovernment.moa.logging.Logger;
 public class SingleLogOutBuilder {
 
 	@Autowired(required=true) private MOAMetadataProvider metadataProvider;
+	@Autowired(required=true) ApplicationContext springContext;
 	@Autowired private IDPCredentialProvider credentialProvider;
+	
 		
 	public void checkStatusCode(ISLOInformationContainer sloContainer, LogoutResponse logOutResp) {
 		Status status = logOutResp.getStatus();				
@@ -185,15 +188,15 @@ public class SingleLogOutBuilder {
 	
 	public void sendFrontChannelSLOMessage(SingleLogoutService consumerService, 
 			LogoutResponse sloResp, HttpServletRequest req, HttpServletResponse resp, 
-			String relayState) throws MOAIDException {
+			String relayState, PVPTargetConfiguration pvpReq) throws MOAIDException {
 		IEncoder binding = null;
 		if (consumerService.getBinding().equals(
 				SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
-			binding = new RedirectBinding();
+			binding = springContext.getBean("PVPRedirectBinding", RedirectBinding.class);
 						
 		} else if (consumerService.getBinding().equals(
 				SAMLConstants.SAML2_POST_BINDING_URI)) {
-			binding = new PostBinding();
+			binding = springContext.getBean("PVPPOSTBinding", PostBinding.class);
 			
 		}
 
@@ -204,7 +207,7 @@ public class SingleLogOutBuilder {
 		try {
 			binding.encodeRespone(req, resp, sloResp, 
 					consumerService.getLocation(), relayState, 
-					credentialProvider.getIDPAssertionSigningCredential());
+					credentialProvider.getIDPAssertionSigningCredential(), pvpReq);
 			
 		} catch (MessageEncodingException e) {
 			Logger.error("Message Encoding exception", e);