aboutsummaryrefslogtreecommitdiff
path: root/id/server/idserverlib/src/test
diff options
context:
space:
mode:
authorThomas Lenz <tlenz@iaik.tugraz.at>2015-02-18 13:47:14 +0100
committerThomas Lenz <tlenz@iaik.tugraz.at>2015-02-18 13:47:14 +0100
commitbf086cff8ef680b73ca0300147c3c3b70ab32ae0 (patch)
tree1174cdc916982f5f879cde1fc587147a7dced63d /id/server/idserverlib/src/test
parent570527d48e3bf03444cdda08a4c1bcf8e7d4ff42 (diff)
parent271e22add71f0260f5d421844a2171a09093f505 (diff)
downloadmoa-id-spss-bf086cff8ef680b73ca0300147c3c3b70ab32ae0.tar.gz
moa-id-spss-bf086cff8ef680b73ca0300147c3c3b70ab32ae0.tar.bz2
moa-id-spss-bf086cff8ef680b73ca0300147c3c3b70ab32ae0.zip
Merge branch 'datentechnik_modularization' into moa-id-2.2-merge
Conflicts: id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java id/server/stork2-commons/pom.xml id/server/stork2-commons/src/main/java/eu/stork/peps/complex/attributes/.svn/entries id/server/stork2-commons/src/main/resources/.svn/entries id/server/stork2-saml-engine/pom.xml pom.xml
Diffstat (limited to 'id/server/idserverlib/src/test')
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java52
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java41
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java116
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java54
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java54
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java50
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java33
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java52
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java42
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java46
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/BooleanStringExpressionEvaluator.java24
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java19
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java19
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessDefinitionParserTest.java137
-rw-r--r--id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java108
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/hibernate.configuration.test.properties12
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml54
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml19
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml13
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml14
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml52
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml487
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml179
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml22
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml16
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml21
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml19
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml19
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml18
-rw-r--r--id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml21
30 files changed, 1813 insertions, 0 deletions
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java
new file mode 100644
index 000000000..c26236619
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+
+import java.io.Serializable;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext;
+
+/**
+ * Adapter class for {@link ExpressionEvaluationContext}. Intended to be used for testing purposes.
+ *
+ * @author tknall
+ *
+ */
+public class ExpressionContextAdapter implements ExpressionEvaluationContext {
+
+ private static final long serialVersionUID = 1L;
+
+ private Map<String, Serializable> ctxData = Collections.synchronizedMap(new HashMap<String, Serializable>());
+
+ /**
+ * Returns a certain {@link Serializable} object associated with a certain {@code key}.
+ *
+ * @param key
+ * The key.
+ * @return The object or {@code null} if no object was found stored with that key or if a {@code null} value was
+ * stored.
+ */
+ Serializable get(String key) {
+ return ctxData.get(key);
+ }
+
+ /**
+ * Stores a {@link Serializable} with a certain {@code key}.
+ *
+ * @param key
+ * The key.
+ * @param object
+ * The object.
+ */
+ void put(String key, Serializable object) {
+ ctxData.put(key, object);
+ }
+
+ @Override
+ public Map<String, Serializable> getCtx() {
+ return Collections.unmodifiableMap(ctxData);
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java
new file mode 100644
index 000000000..89f3c0383
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * A dummy pojo used to test {@link ExpressionEvaluator} with Spring EL referencing Spring beans.
+ *
+ * @author tknall
+ *
+ */
+public class SimplePojo {
+
+ private Boolean booleanValue;
+ private String stringValue;
+ private Integer integerValue;
+
+ public Boolean getBooleanValue() {
+ return booleanValue;
+ }
+
+ public void setBooleanValue(Boolean booleanValue) {
+ this.booleanValue = booleanValue;
+ }
+
+ public String getStringValue() {
+ return stringValue;
+ }
+
+ public void setStringValue(String stringValue) {
+ this.stringValue = stringValue;
+ }
+
+ public Integer getIntegerValue() {
+ return integerValue;
+ }
+
+ public void setIntegerValue(Integer integerValue) {
+ this.integerValue = integerValue;
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java
new file mode 100644
index 000000000..5355f14d3
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java
@@ -0,0 +1,116 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.*;
+import static org.junit.Assert.*;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Properties;
+
+import org.hibernate.cfg.Configuration;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.ProcessEngine;
+import at.gv.egovernment.moa.id.process.ProcessEngineImpl;
+import at.gv.egovernment.moa.id.process.ProcessExecutionException;
+import at.gv.egovernment.moa.id.process.ProcessInstance;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore;
+import at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator;
+
+/**
+ * Tests the process engine using processes based on Spring EL referencing the process context and further Spring beans.
+ *
+ * @author tknall
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class SpringExpressionAwareProcessEngineTest {
+
+
+ private static ProcessEngine pe;
+
+ @BeforeClass
+ public static void init() throws IOException, ProcessDefinitionParserException {
+
+ pe = new ProcessEngineImpl();
+ ((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new SpringExpressionEvaluator());
+ try (InputStream in = SpringExpressionAwareProcessEngineTest.class.getResourceAsStream("SampleProcessDefinitionWithExpression1.xml")) {
+ ((ProcessEngineImpl) pe).registerProcessDefinition(in);
+ }
+ try (InputStream in = SpringExpressionAwareProcessEngineTest.class.getResourceAsStream("SampleProcessDefinitionForSAML1Authentication.xml")) {
+ ((ProcessEngineImpl) pe).registerProcessDefinition(in);
+ }
+
+ initHibernateForTesting();
+ }
+
+ private static void initHibernateForTesting() throws IOException{
+
+ InputStream in = SpringExpressionAwareProcessEngineTest.class.getResourceAsStream("/at/gv/egovernment/moa/id/process/hibernate.configuration.test.properties");
+ Properties props = new Properties();
+ props.load(in);
+
+ try {
+ ConfigurationDBUtils.initHibernate(props);
+ Configuration config = new Configuration();
+ config.addProperties(props);
+ config.addAnnotatedClass(ProcessInstanceStore.class);
+ config.addAnnotatedClass(InterfederationSessionStore.class);
+ MOASessionDBUtils.initHibernate(config, props);
+ } catch (MOADatabaseException e) {
+ e.printStackTrace();
+ }
+ }
+
+
+ @Test
+ public void testSampleProcessDefinitionWithExpression1() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+
+ String piId = pe.createProcessInstance("SampleProcessWithExpression1");
+ ProcessInstance pi = pe.getProcessInstance(piId);
+ assertEquals(NOT_STARTED, pi.getState());
+
+
+ // start process
+ pe.start(piId);
+ pi = pe.getProcessInstance(piId);
+ assertEquals(ENDED, pi.getState());
+ }
+
+ @Test
+ public void testSampleProcessDefinitionForSAML1Authentication() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+
+ String piId = pe.createProcessInstance("SampleProcessDefinitionForSAML1Authentication");
+ ProcessInstance pi = pe.getProcessInstance(piId);
+ assertEquals(NOT_STARTED, pi.getState());
+
+ // start process
+ pe.start(piId);
+ pi = pe.getProcessInstance(piId);
+ assertEquals(ENDED, pi.getState());
+
+ pi = pe.getProcessInstance(piId);
+ ExecutionContext ec = pi.getExecutionContext();
+ assertNotNull(ec);
+ System.out.println(ec.keySet());
+
+ assertNotNull(ec.get("bkuURL"));
+ assertNotNull(ec.get("IdentityLink"));
+ assertNotNull(ec.get("isIdentityLinkValidated"));
+ assertNotNull(ec.get("SignedAuthBlock"));
+ assertNotNull(ec.get("isSignedAuthBlockValidated"));
+ assertNotNull(ec.get("SAML1Assertion"));
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java
new file mode 100644
index 000000000..bc9d1d399
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * Tests the {@link ExpressionEvaluator} using a Spring EL based implementation capable of dereferencing Spring beans.
+ *
+ * @author tknall
+ *
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class SpringExpressionEvaluatorTest {
+
+ private ExpressionContextAdapter ctx;
+
+ @Autowired
+ private ExpressionEvaluator expressionEvaluator;
+
+ @Before
+ public void prepareTest() {
+ ctx = new ExpressionContextAdapter();
+ }
+
+ @Test
+ public void testEvaluateSimpleExpression() {
+ assertTrue(expressionEvaluator.evaluate(ctx, "'true'"));
+ }
+
+ @Test
+ public void testEvaluateExpressionWithCtx() {
+ ctx.put("myProperty", false);
+ assertFalse(expressionEvaluator.evaluate(ctx, "ctx['myProperty']"));
+ }
+
+ @Test
+ public void testEvaluateExpressionWithBeanReference() {
+ assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.booleanValue"));
+ assertTrue(expressionEvaluator.evaluate(ctx, "'HelloWorld'.equals(@simplePojo.stringValue)"));
+ assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.integerValue == 42"));
+ assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.stringValue.length() == 10"));
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java
new file mode 100644
index 000000000..7e56071bd
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the creation of a SAML1 assertion.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code SignedAuthBlock}</li>
+ * <li>{@code isSignedAuthBlockValidated}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code SAML1Assertion}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class CreateSAML1AssertionTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws Exception {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+ Objects.requireNonNull(executionContext.get("SignedAuthBlock"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isSignedAuthBlockValidated"))));
+
+ log.debug("Using IdentityLink and signed auth block in order to create SAML1 assertion.");
+
+ try (InputStream in = getClass().getResourceAsStream("SAML1Assertion.xml")) {
+ executionContext.put("SAML1Assertion", IOUtils.toString(in, Charset.forName("UTF-8")));
+ }
+
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java
new file mode 100644
index 000000000..412fb0123
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the retrieval of an IdentityLink.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class GetIdentityLinkTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws IOException {
+ Objects.requireNonNull(executionContext.get("bkuURL"));
+
+ log.debug("Using bkuURL in order to retrieve IdentityLink.");
+
+ try (InputStream in = getClass().getResourceAsStream("IdentityLink_Max_Mustermann.xml")) {
+ executionContext.put("IdentityLink", IOUtils.toString(in, Charset.forName("UTF-8")));
+ }
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java
new file mode 100644
index 000000000..54195ec91
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java
@@ -0,0 +1,33 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating a bku selection.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class SelectBKUTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ log.debug("Providing BKU selection.");
+ executionContext.put("bkuURL", "https://127.0.0.1:3496/https-security-layer-request");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java
new file mode 100644
index 000000000..8099c0f98
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the signature of an auth block.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code SignedAuthBlock}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class SignAuthBlockTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws Exception {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+ Objects.requireNonNull(executionContext.get("bkuURL"));
+
+ log.debug("Using validated IdentityLink and bkuURL in order to sign auth block.");
+ try (InputStream in = getClass().getResourceAsStream("SignedAuthBlock.xml")) {
+ executionContext.put("SignedAuthBlock", IOUtils.toString(in, Charset.forName("UTF-8")));
+ }
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java
new file mode 100644
index 000000000..a8e7df3d7
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java
@@ -0,0 +1,42 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.util.Objects;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Dummy task simulating the validation of an IdentityLink.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class ValidateIdentityLinkTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+
+ log.debug("Validating IdentityLink.");
+
+ executionContext.put("isIdentityLinkValidated", true);
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java
new file mode 100644
index 000000000..07b2ea69c
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java
@@ -0,0 +1,46 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.util.Objects;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the validation of an auth block.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code SignedAuthBlock}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code isSignedAuthBlockValidated}</li>
+ * </ul>
+ * </p>
+ *
+ * @author tknall
+ *
+ */
+public class ValidateSignedAuthBlockTask implements Task {
+
+ private Logger log = LoggerFactory.getLogger(getClass());
+
+ @Override
+ public void execute(ExecutionContext executionContext) throws Exception {
+ Objects.requireNonNull(executionContext.get("IdentityLink"));
+ assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+ Objects.requireNonNull(executionContext.get("SignedAuthBlock"));
+
+ log.debug("Using validated IdentityLink and signed auth block in order to validate signed auth block.");
+
+ executionContext.put("isSignedAuthBlockValidated", true);
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/BooleanStringExpressionEvaluator.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/BooleanStringExpressionEvaluator.java
new file mode 100644
index 000000000..20dfc50ef
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/BooleanStringExpressionEvaluator.java
@@ -0,0 +1,24 @@
+package at.gv.egovernment.moa.id.process.test;
+
+import java.util.Objects;
+
+import org.apache.commons.lang3.BooleanUtils;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext;
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * Expression evaluator that guesses the boolean value from a String. Refer to {@link BooleanUtils#toBoolean(String)}
+ * for further information.
+ *
+ * @author tknall
+ *
+ */
+public class BooleanStringExpressionEvaluator implements ExpressionEvaluator {
+
+ @Override
+ public boolean evaluate(ExpressionEvaluationContext expressionContext, String expression) {
+ return BooleanUtils.toBoolean(Objects.requireNonNull(expression, "Expression must not be null."));
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java
new file mode 100644
index 000000000..d05200ee8
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HalloWeltTask.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.process.test;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Simple task that just outputs a "Hallo World" text to the console.
+ *
+ * @author tknall
+ *
+ */
+public class HalloWeltTask implements Task {
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ System.out.println("Hallo Welt");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java
new file mode 100644
index 000000000..e79bb8198
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/HelloWorldTask.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.process.test;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Simple task that just outputs a "Hello World" text to the console.
+ *
+ * @author tknall
+ *
+ */
+public class HelloWorldTask implements Task {
+
+ @Override
+ public void execute(ExecutionContext executionContext) {
+ System.out.println("Hello World");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessDefinitionParserTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessDefinitionParserTest.java
new file mode 100644
index 000000000..df13f064b
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessDefinitionParserTest.java
@@ -0,0 +1,137 @@
+package at.gv.egovernment.moa.id.process.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.junit.Test;
+
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParser;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.model.EndEvent;
+import at.gv.egovernment.moa.id.process.model.ProcessDefinition;
+import at.gv.egovernment.moa.id.process.model.ProcessNode;
+import at.gv.egovernment.moa.id.process.model.StartEvent;
+import at.gv.egovernment.moa.id.process.model.TaskInfo;
+import at.gv.egovernment.moa.id.process.model.Transition;
+
+public class ProcessDefinitionParserTest {
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_MultipleStartEvents() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_MultipleStartEvents.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_TransitionLoop() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionLoop.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_TransitionStartsFromEndEvent() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionStartsFromEndEvent.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_TransitionRefsTransition() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionRefsTransition.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test(expected = ProcessDefinitionParserException.class)
+ public void testParseInvalidProcessDefinition_NoStartEvents() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_NoStartEvents.xml")) {
+ new ProcessDefinitionParser().parse(in);
+ }
+ }
+
+ @Test
+ public void testParseSampleProcessDefinition() throws IOException, ProcessDefinitionParserException {
+ try (InputStream in = getClass().getResourceAsStream("SampleProcessDefinition1.xml")) {
+
+ ProcessDefinitionParser parser = new ProcessDefinitionParser();
+ ProcessDefinition pd = parser.parse(in);
+
+ assertNotNull(pd);
+ assertEquals("SampleProcess1", pd.getId());
+
+ // first assert tasks then transitions
+ // start event
+ StartEvent startEvent = pd.getStartEvent();
+ assertNotNull(startEvent);
+ assertEquals("start", startEvent.getId());
+ assertEquals(startEvent, pd.getProcessNode("start"));
+ // task1
+ ProcessNode processNode = pd.getProcessNode("task1");
+ assertNotNull(processNode);
+ assertTrue(processNode instanceof TaskInfo);
+ TaskInfo task1 = (TaskInfo) processNode;
+ assertEquals("task1", task1.getId());
+ assertFalse(task1.isAsync());
+ // task2
+ processNode = pd.getProcessNode("task2");
+ assertNotNull(processNode);
+ assertTrue(processNode instanceof TaskInfo);
+ TaskInfo task2 = (TaskInfo) processNode;
+ assertEquals("task2", task2.getId());
+ assertTrue(task2.isAsync());
+ // end event
+ processNode = pd.getProcessNode("end");
+ assertNotNull(processNode);
+ assertTrue(processNode instanceof EndEvent);
+ EndEvent endEvent = (EndEvent) processNode;
+ assertEquals("end", endEvent.getId());
+
+ // assert transitions
+ // start event
+ assertNotNull(startEvent.getIncomingTransitions());
+ assertTrue(startEvent.getIncomingTransitions().isEmpty());
+ assertNotNull(startEvent.getOutgoingTransitions());
+ assertEquals(1, startEvent.getOutgoingTransitions().size());
+ // transition from start to task1
+ Transition startToTask1 = startEvent.getOutgoingTransitions().get(0);
+ assertEquals("fromStart", startToTask1.getId());
+ assertEquals(startEvent, startToTask1.getFrom());
+ assertEquals(task1, startToTask1.getTo());
+ assertEquals("true", startToTask1.getConditionExpression());
+ // task1
+ assertNotNull(task1.getIncomingTransitions());
+ assertEquals(1, task1.getIncomingTransitions().size());
+ assertEquals(startToTask1, task1.getIncomingTransitions().get(0));
+ assertNotNull(task1.getOutgoingTransitions());
+ assertEquals(1, task1.getOutgoingTransitions().size());
+ // transition from task1 to task2
+ Transition task1ToTask2 = task1.getOutgoingTransitions().get(0);
+ assertNull(task1ToTask2.getId());
+ assertEquals(task1, task1ToTask2.getFrom());
+ assertEquals(task2, task1ToTask2.getTo());
+ assertNull(task1ToTask2.getConditionExpression());
+ // task2
+ assertNotNull(task2.getIncomingTransitions());
+ assertEquals(1, task2.getIncomingTransitions().size());
+ assertEquals(task1ToTask2, task2.getIncomingTransitions().get(0));
+ assertNotNull(task2.getOutgoingTransitions());
+ assertEquals(1, task2.getOutgoingTransitions().size());
+ // transition from task2 to end
+ Transition task2ToEnd = task2.getOutgoingTransitions().get(0);
+ assertNull(task2ToEnd.getId());
+ assertEquals(task2, task2ToEnd.getFrom());
+ assertEquals(endEvent, task2ToEnd.getTo());
+ assertNull(task2ToEnd.getConditionExpression());
+
+ }
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java
new file mode 100644
index 000000000..4f24468fe
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/test/ProcessEngineTest.java
@@ -0,0 +1,108 @@
+package at.gv.egovernment.moa.id.process.test;
+
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.*;
+import static org.junit.Assert.*;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.util.Properties;
+
+import org.hibernate.cfg.Configuration;
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.session.InterfederationSessionStore;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParser;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.ProcessEngine;
+import at.gv.egovernment.moa.id.process.ProcessEngineImpl;
+import at.gv.egovernment.moa.id.process.ProcessExecutionException;
+import at.gv.egovernment.moa.id.process.ProcessInstance;
+import at.gv.egovernment.moa.id.process.dao.ProcessInstanceStore;
+
+public class ProcessEngineTest {
+
+ private static ProcessEngine pe;
+
+ @BeforeClass
+ public static void init() throws IOException, ProcessDefinitionParserException {
+
+ ProcessDefinitionParser pdp = new ProcessDefinitionParser();
+
+ pe = new ProcessEngineImpl();
+
+ ((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new BooleanStringExpressionEvaluator());
+ try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition1.xml")) {
+ ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in));
+ }
+ try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition2.xml")) {
+ ((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in));
+ }
+
+ initHibernateForTesting();
+ }
+
+
+ private static void initHibernateForTesting() throws IOException{
+
+ InputStream in = ProcessEngineTest.class.getResourceAsStream("/at/gv/egovernment/moa/id/process/hibernate.configuration.test.properties");
+ Properties props = new Properties();
+ props.load(in);
+
+ try {
+ ConfigurationDBUtils.initHibernate(props);
+ Configuration config = new Configuration();
+ config.addProperties(props);
+ config.addAnnotatedClass(ProcessInstanceStore.class);
+ config.addAnnotatedClass(InterfederationSessionStore.class);
+ MOASessionDBUtils.initHibernate(config, props);
+ } catch (MOADatabaseException e) {
+ e.printStackTrace();
+ }
+ }
+
+ @Test
+ public void testSampleProcess1() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+
+ String piId = pe.createProcessInstance("SampleProcess1");
+ ProcessInstance pi = pe.getProcessInstance(piId);
+ assertEquals(NOT_STARTED, pi.getState());
+
+ // start process
+ pe.start(piId);
+ pi = pe.getProcessInstance(piId);
+ assertEquals(SUSPENDED, pi.getState());
+
+ System.out.println("Do something asynchronously");
+ pe.signal(piId);
+ pi = pe.getProcessInstance(piId);
+ assertEquals(ENDED, pi.getState());
+ }
+
+ @Test
+ public void testSampleProcess2() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+
+ String piId = pe.createProcessInstance("SampleProcess2");
+ ProcessInstance pi = pe.getProcessInstance(piId);
+ assertEquals(NOT_STARTED, pi.getState());
+
+ // start process
+ pe.start(piId);
+ pi = pe.getProcessInstance(piId);
+ assertEquals(SUSPENDED, pi.getState());
+
+ System.out.println("Do something asynchronously");
+ pe.signal(piId);
+ pi = pe.getProcessInstance(piId);
+ assertEquals(ENDED, pi.getState());
+ }
+
+ @Test(expected = IllegalArgumentException.class)
+ public void testProcessInstanceDoesNotExist() {
+ pe.getProcessInstance("does not exist");
+ }
+
+}
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/hibernate.configuration.test.properties b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/hibernate.configuration.test.properties
new file mode 100644
index 000000000..c4faa6d09
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/hibernate.configuration.test.properties
@@ -0,0 +1,12 @@
+# minimal Hibnerate configuration for testing the process engine
+hibernate.dialect=org.hibernate.dialect.H2Dialect
+hibernate.connection.url=jdbc:h2:mem:moa.id-session;DB_CLOSE_DELAY=-1
+hibernate.connection.charSet=utf-8
+hibernate.connection.driver_class=org.h2.Driver
+hibernate.connection.username=
+hibernate.connection.password=
+
+hibernate.format_sql=true
+hibernate.show_sql=false
+hibernate.transaction.auto_close_session=true
+hibernate.hbm2ddl.auto=update
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
new file mode 100644
index 000000000..764ad6405
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ id="SampleProcessDefinitionForSAML1Authentication">
+
+ <!--
+ returns String 'bkuURL'
+ -->
+ <pd:Task id="bkuSelectionTask" class="at.gv.egovernment.moa.id.process.spring.test.task.SelectBKUTask" />
+
+ <!--
+ requires 'bkuURL'
+ returns String 'IdentityLink'
+ -->
+ <pd:Task id="getIdentityLinkTask" class="at.gv.egovernment.moa.id.process.spring.test.task.GetIdentityLinkTask" />
+
+ <!--
+ requires 'IdentityLink'
+ returns Boolean 'isIdentityLinkValidated'
+ -->
+ <pd:Task id="validateIdentityLinkTask" class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateIdentityLinkTask" />
+
+ <!--
+ requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL'
+ returns String 'SignedAuthBlock'
+ -->
+ <pd:Task id="signAuthBlockTask" class="at.gv.egovernment.moa.id.process.spring.test.task.SignAuthBlockTask" />
+
+ <!--
+ requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock'
+ returns Boolean 'isSignedAuthBlockValidated'
+ -->
+ <pd:Task id="validateSignedAuthBlockTask" class="at.gv.egovernment.moa.id.process.spring.test.task.ValidateSignedAuthBlockTask" />
+
+ <!--
+ requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', 'isSignedAuthBlockValidated';
+ returns 'SAML1Assertion'
+ -->
+ <pd:Task id="createAssertionTask" class="at.gv.egovernment.moa.id.process.spring.test.task.CreateSAML1AssertionTask" />
+
+ <pd:StartEvent id="start" />
+ <pd:EndEvent id="end" />
+
+ <pd:Transition from="start" to="bkuSelectionTask" conditionExpression="ctx['bkuURL'] == null" />
+ <pd:Transition from="start" to="getIdentityLinkTask" />
+
+ <pd:Transition from="bkuSelectionTask" to="getIdentityLinkTask" />
+ <pd:Transition from="getIdentityLinkTask" to="validateIdentityLinkTask" />
+ <pd:Transition from="validateIdentityLinkTask" to="signAuthBlockTask" conditionExpression="ctx['isIdentityLinkValidated']" />
+ <pd:Transition from="signAuthBlockTask" to="validateSignedAuthBlockTask" />
+ <pd:Transition from="validateSignedAuthBlockTask" to="createAssertionTask" conditionExpression="ctx['isSignedAuthBlockValidated']" />
+
+ <pd:Transition from="createAssertionTask" to="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
new file mode 100644
index 000000000..dfe186423
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ id="SampleProcessWithExpression1">
+
+ <pd:Task id="task1" />
+ <pd:Task id="task2" />
+ <pd:Task id="task3" />
+ <pd:Task id="task4" />
+
+ <pd:StartEvent id="start" />
+ <pd:EndEvent id="end" />
+
+ <pd:Transition from="start" to="task1" conditionExpression="'true'" />
+ <pd:Transition from="task1" to="task2" conditionExpression="'true'" />
+ <pd:Transition from="task2" to="task3" conditionExpression="'true'" />
+ <pd:Transition from="task3" to="task4" conditionExpression="'true'" />
+ <pd:Transition from="task4" to="end" conditionExpression="'true'" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
new file mode 100644
index 000000000..9a381d83a
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xmlns:task="http://www.springframework.org/schema/task"
+ xsi:schemaLocation="http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd
+ http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean id="springElAwareExpressionEvaluator" class="at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator" />
+
+ <bean id="processEngine" class="at.gv.egovernment.moa.id.process.ProcessEngineImpl">
+ <property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" />
+ </bean>
+</beans>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
new file mode 100644
index 000000000..95b88ca1a
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+ <bean id="simplePojo" class="at.gv.egovernment.moa.id.process.spring.test.SimplePojo">
+ <property name="booleanValue" value="true" />
+ <property name="integerValue" value="42" />
+ <property name="stringValue" value="HelloWorld" />
+ </bean>
+
+ <bean id="expressionEvaluator" class="at.gv.egovernment.moa.id.process.spring.SpringExpressionEvaluator" />
+
+</beans>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
new file mode 100644
index 000000000..c68972f13
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID132860852347311974" IssueInstant="2012-02-07T10:55:23+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>tqCQEC7+AqGEeeL390V5Jg==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Max</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1940-01-01</pr:DateOfBirth></pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><ecdsa:ECDSAKeyValue><ecdsa:DomainParameters><ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/></ecdsa:DomainParameters><ecdsa:PublicKey><ecdsa:X Value="111409151487007036894649069746411000129419717653159596280366627647453458115517" si:type="ecdsa:PrimeFieldElemType"/><ecdsa:Y Value="94725036374184689337892465478597728884477416796494369571140658859618867645034" si:type="ecdsa:PrimeFieldElemType"/></ecdsa:PublicKey></ecdsa:ECDSAKeyValue></saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
+ <dsig:Signature>
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>HoPZWYll8aMFpKOlRSwckt5iCQk=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+ NPpRwVo5/5kf5iHUyaEc7d7So3W4oPgOCYNgnKpgdZfttFkFFN+9oG60w7YvKEYSeTPhP3zp7eaH
+ZFapj+naD+wd0y5ELWep9Y+s+qP7fNLrFECHQxQasLWtR4akxlWDpYQ0bvOuepK2ip1EQ6pRlccA
+wJ1l4iOWFhfdA9YAg5QLkBqWSwgrNUswhLnDBM+Ot6Gj5g2rpYY7aoAOXvTR8B5Dkg94ASb4u0wv
+VPV8+4mjOfP+l6QWLqywzcq3qj/qFZkbujjZbV/fNPDnDD1ff/M6ZfCGO8xzlYfjfEA7cmHuiJf2
+/ey/3nT7vI5XbpBPWChT5Sl4DQysxlfE6e4MZw==
+ </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXxTRrRS6rEOvX7PpvgXiDXhp592Yyp4=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+ <dsig:Object>
+ <dsig:Manifest Id="manifest">
+ <dsig:Reference URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>7IkIdYti2dh3VZQ4Fp+9lPT67cM=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:Manifest>
+ </dsig:Object>
+ </dsig:Signature>
+</saml:Assertion> \ No newline at end of file
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
new file mode 100644
index 000000000..3aeedd590
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
@@ -0,0 +1,487 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml:Assertion AssertionID="6025428631468682100" IssueInstant="2008-07-14T17:51:38+02:00" Issuer="https://localhost:18443/moa-id-auth/" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier="urn:publicid:gv.at:wbpk+FN+www.act.at">K2YMyx3/5kIpNJR+SAD/rbRYH+c=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <saml:Assertion AssertionID="any" IssueInstant="2008-07-14T17:51:26+02:00" Issuer="Thomas Knall" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://localhost:18443/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="wbPK" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>
+ <pr:Identification>
+ <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+ <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+ </pr:Identification>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:48443/mandates/</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="Geburtsdatum" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>1978-04-29</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="RepresentationType" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+ <saml:AttributeValue>Vollmachtsvertreter</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="MandatorName" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+ <saml:AttributeValue>MeineTestFirma</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="MandatorWbpk" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+ <saml:AttributeValue>123456i</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ <dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Signatur der Anmeldedaten</title>
+ <style media="screen" type="text/css">
+ .boldstyle { font-weight: bold; }
+ .italicstyle { font-style: italic; }
+ .annotationstyle { font-size: small; }
+ </style>
+ </head>
+ <body>
+ <h1>Signatur der Anmeldedaten</h1>
+ <p/>
+ <h4>Mit meiner elektronischen Signatur beantrage ich,
+ <span class="boldstyle">
+ <xsl:value-of select="//@Issuer"/>
+ </span>, geboren am
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
+ in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
+ (OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
+ </xsl:if>
+ den Zugang zur gesicherten Anwendung.
+ </h4>
+ <p/>
+ <h4>Datum und Uhrzeit:
+ <xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
+ <xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
+ <xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
+ <xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
+ <xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
+ <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+ </h4>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+ <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
+ </h4>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+ <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
+ </h4>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
+ <hr/>
+ <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
+ von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
+ <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
+ </xsl:if>, in deren Auftrag zu handeln.
+ </h4>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
+ <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
+ </h4>
+ </xsl:if>
+ <p/>
+ </xsl:if>
+ <xsl:choose>
+ <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+ <p/>
+ <hr/>
+ </xsl:when>
+ <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+ <p/>
+ <hr/>
+ </xsl:when>
+ <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+ <p/>
+ <hr/>
+ </xsl:when>
+ </xsl:choose>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+ <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
+ jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
+ Wirtschaftsunternehmen.</div>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+ <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
+ Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
+ Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+ <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
+ beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
+ </xsl:if>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
++lyI</dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:X509Data>
+ <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
+EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
+dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
+LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
+LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
+BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
+YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
+MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
+6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
+MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
+CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
+BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
+aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
+dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
+ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
+dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
+bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
+VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
+ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
+SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
+CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
+BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
+ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
+uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
+egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
+GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
+SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
+</dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
+ <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
+ <etsi:SignedProperties>
+ <etsi:SignedSignatureProperties>
+ <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
+ <etsi:SigningCertificate>
+ <etsi:Cert>
+ <etsi:CertDigest>
+ <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
+ </etsi:CertDigest>
+ <etsi:IssuerSerial>
+ <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
+ </etsi:IssuerSerial>
+ </etsi:Cert>
+ </etsi:SigningCertificate>
+ <etsi:SignaturePolicyIdentifier>
+ <etsi:SignaturePolicyImplied/>
+ </etsi:SignaturePolicyIdentifier>
+ </etsi:SignedSignatureProperties>
+ <etsi:SignedDataObjectProperties>
+ <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
+ <etsi:MimeType>application/xhtml+xml</etsi:MimeType>
+ </etsi:DataObjectFormat>
+ </etsi:SignedDataObjectProperties>
+ </etsi:SignedProperties>
+ </etsi:QualifyingProperties>
+ </dsig:Object>
+ </dsig:Signature>
+ </saml:Assertion>
+ <saml:Assertion AssertionID="szr.bmi.gv.at-AssertionID11936526102761952" IssueInstant="2007-10-29T10:10:10+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person si:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+ <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Thomas</pr:GivenName>
+ <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
+ </pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+ <saml:AttributeValue>
+ <ecdsa:ECDSAKeyValue>
+ <ecdsa:DomainParameters>
+ <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.1"/>
+ </ecdsa:DomainParameters>
+ <ecdsa:PublicKey>
+ <ecdsa:X Value="2638720011055700682018137297354399374048880611104468142324" si:type="ecdsa:PrimeFieldElemType"/>
+ <ecdsa:Y Value="2804889174475641803405778188053052844820705830770276369958" si:type="ecdsa:PrimeFieldElemType"/>
+ </ecdsa:PublicKey>
+ </ecdsa:ECDSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue>
+ <dsig:Modulus>sWOqPZzPTn9VvBR5LjuopIWYdh5aGzuX2vMjofhn8bStba1CDW1qkDdlYW4Rs/DfU/I1uqor4Lje
+/G3Yzh82yD0MHdzlW8MYUJ8RJe+czbjRUPaSbC/NRqhyF3eKnflxM++sJb2abrUH/9TV0q8P5QRS
+uZC/JpAEYpSazysPz/fv8AEnU8oxcTvCiax1jf2GZPmm3qFjPc4qDYNHqfnE8yWYt7kHeqPV/cRw
+x3aMGW8mRwQZb7VRFLW5g37nrt9N</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+ <dsig:Signature>
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+ <dsig:Reference URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>b3d/wcQb0Bl0/6GSPsrMxWpdRLA=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>eet0q3Thmw6+cbO1fazbEg0556I=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>
+oy55Cq7IyYy7z/TO2a3+m7tjG/ztiKhxhGzVqEYIWIObEOs/GVJDCCI4oe/HS8Fhc4TaXDcZXk4y
+qBp4JJ288TeaNjPYkPzp38nWJ4xRatEyo7VaySXy+TqgwiBT5uhxrwkroCr4ZIWwOvt1uR5UBVAf
+qk1ii+LPW2WYE3bMpoHfrM9CdFSPzWTRl/0zsEURc64EBPyIdKz+c70DaexeX2E0JVelKcj+jDaJ
+mHsFhi/9QoscqPEVA87qv07yhyK5S41+f3HDvpuhYwvQDdOq50sclfsI+g9r473VxiRsOmJ9Ak4/
+k2KP0tgfAQ+h5hRGQUUo5LYPywjg7zPxe8SGGA==
+</dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:X509Data>
+ <dsig:X509Certificate>
+MIIFZTCCBE2gAwIBAgIDAt4cMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29y
+cG9yYXRlLWxpZ2h0LTAzMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0
+LTAzMB4XDTA3MDExOTA5MDY0OFoXDTEyMDExOTA5MDY0OFowgZwxCzAJBgNVBAYT
+AkFUMRkwFwYDVQQKDBBCdW5kZXNrYW56bGVyYW10MR4wHAYDVQQLDBVEYXRlbnNj
+aHV0emtvbW1pc3Npb24xHTAbBgNVBAMMFERyLiBXYWx0cmF1dCBLb3RzY2h5MRUw
+EwYDVQQFEww3MDAyNDc0OTk4MDQxHDAaBgkqhkiG9w0BCQEWDWRza0Bkc2suZ3Yu
+YXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnQUhARo9o1FyCtTK
+d5VcXP2WvqSTIsiq19xtWcYF/4pMew/bHLD2DLeO9y5QFpfXJgmx2ySvj1dlzTXV
+ESzFAiF/uL1DbNjB3g00LV/AV4yRacCWEqGkSUN/RVUv9a+bFnK2vR4XZu8ORrcf
+9rpMg19JHZMWsJIT+BEBM4v0iPhboJ/lqoENZwHZW8W/3XAcOcNYfW95ZrsFH+M9
+6KEFlA9g4AP5CndSnozUeN5i1LJr0s3rz8U/c7O/KTkdTmnAeyLM01ST13jhGmjW
+R55wf1Hjt4PCxFf9zpF3FIHDJGyCImgR5ZZe9T6tAjo/ZKo16Huzq0Yy2OYtysDq
+WukzAgMBAAGjggGpMIIBpTATBgNVHSMEDDAKgAhBkWkcv63YmDBVBggrBgEFBQcB
+AQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuYS10cnVzdC5hdC9jZXJ0cy9h
+LXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAzLmNydDBYBgNVHSAEUTBPME0GByooABEB
+BwEwQjBABggrBgEFBQcCARY0aHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3Av
+YS1zaWduLWNvcnBvcmF0ZS1saWdodDCBngYDVR0fBIGWMIGTMIGQoIGNoIGKhoGH
+bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1hLXNpZ24tY29ycG9yYXRlLWxpZ2h0
+LTAzLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFz
+ZT9vYmplY3RjbGFzcz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MBEGA1UdDgQK
+BAhMCA6eGvS1ujAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIwADAOBgcqKAAKAQcB
+BAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEoIvqPLAg0n2wCS27zTL+hmLi7zSbes
+Od4e6pFT1l3cwGfdTkhiHVPnPRaDGLQkS384fAXBrOp6W13X9m2jD9csO6vZhd+T
+nERXN1AqayoaecXFyHPykVUTLhn6pMdiSE21mEozfGLUDGMz74lvphEKFAOOCgp1
+o5ZCR09RbGAEbQNNn+ucXJxIa3mYjr1h3AElVbXoeoz12qUpqsNm9znymSkcmcNo
+B5Pk6qXXx9UeC/Tj0aTglNkcMOSCFayldzOBaY6+qWKguPdzQUEryhGiNuARQpM5
+KMzvI0rmpc4Gau5HT9rQZHadr++VS8v1k6935uIyyZF9s+gdS5ywnSM=
+</dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ <dsig:Object>
+ <dsig:Manifest Id="manifest">
+ <dsig:Reference URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+ </dsig:Transform>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>JZGwiDzQAtJtnJMeeXyypTrDjwY=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:Manifest>
+ </dsig:Object>
+ </dsig:Signature>
+ </saml:Assertion>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="PersonData" AttributeNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#">
+ <saml:AttributeValue>
+ <pr:Person si:type="pr:PhysicalPersonType" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
+ <pr:Identification>
+ <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+ <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Thomas</pr:GivenName>
+ <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
+ </pr:Person>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="isQualifiedCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="bkuURL" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://127.0.0.1:3496/https-security-layer-request</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="SignerCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJl
+bWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjAeFw0w
+NjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJBgNVBAYTAkFUMRUwEwYD
+VQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtuYWxsMQ8wDQYDVQQqDAZUaG9t
+YXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTELMAkGA1UEDAwCREkwSTATBgcqhkjO
+PQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp
+/NaiOuvrpv2RDVEKQm2tBiajggIPMIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAn
+BggrBgEFBQcBAwEB/wQYMBYwCAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUF
+BwEBBG8wbTBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRz
+L2Etc2lnbi1QcmVtaXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8v
+b2NzcC5hLXRydXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4Bggr
+BgEFBQcCARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVBy
+ZW1pdW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
+bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEtVHJ1
+c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xh
+c3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQISNyH29WUoCgw
+DgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUHCQExERgPMTk3ODA0
+MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAFkSCJE0YD4p
+4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ylYn8NQ4mMkD+yCDNtm8m8nr
+0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6uunLH0aFUpAhy+3mDdlH8uhhIQBH
+wCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkIegO8OHQDadhgJvW80qspiao2DTac6vVg
+x4tGvjpdmw1R2pXBYhHD5rkPHlkfGoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwn
+W9B8uPWSM5EYPoWJyBOWcKBLSSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA7
+2/uCFrBzyTk=</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="Mandate" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+ <saml:AttributeValue>
+ <md:Mandate MandateID="https://egov.act.at/mandates/20080714174835/886164" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:md="http://reference.e-government.gv.at/namespace/mandates/20040701#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">
+ <md:Annotation>Prokura - MeineTestFirma</md:Annotation>
+ <md:StatusInformationService>http://localhost:58080/omsp/OMSPRequest</md:StatusInformationService>
+ <md:Representative>
+ <pr:PhysicalPerson>
+ <pr:Identification>
+ <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+ <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Thomas</pr:GivenName>
+ <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
+ </pr:PhysicalPerson>
+ </md:Representative>
+ <md:Mandator>
+ <pr:CorporateBody>
+ <pr:Identification>
+ <pr:Value>123456i</pr:Value>
+ <pr:Type>urn:publicid:gv.at:baseid+XFN</pr:Type>
+ </pr:Identification>
+ <pr:FullName>MeineTestFirma</pr:FullName>
+ </pr:CorporateBody>
+ </md:Mandator>
+ <md:Issued>
+ <md:Place>Wien</md:Place>
+ <md:Date>2008-07-14</md:Date>
+ </md:Issued>
+ <md:Properties>
+ <md:SubstitutionAllowed>false</md:SubstitutionAllowed>
+ </md:Properties>
+ <md:SimpleMandateContent>
+ <md:TextualDescription>Der/Die Bevollmächtigte wird zum Prokuristen/Prokuristin bestellt.</md:TextualDescription>
+ </md:SimpleMandateContent>
+ <dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <dsig:Reference Id="reference-1-1" URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::pr:Identification or ancestor-or-self::dsig:Signature)</dsig:XPath>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>PRRF0sWBgoywztCKWEXafZfhpd0=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#dsig-manifest-1-1">
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>NorNorUqPFMA06JfxSJopOq7Qv0=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>IQMZFc57XZd9LjeiaZqSfzZtWuXhuikAqbKA7pWuDK02DLFSYZPXsGjcvnwNdVaP</dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:X509Data>
+ <dsig:X509Certificate>MIICtjCCAm6gAwIBAgIBATAJBgcqhkjOPQQBMGoxCzAJBgNVBAYTAkFUMQ0wCwYD
+VQQHEwRXaWVuMRkwFwYDVQQJExBFc3NsaW5nZ2Fzc2UgNS85MQwwCgYDVQQKEwNB
+Q1QxIzAhBgNVBAMTGlZvbGxtYWNodGVuIFNpZ25hdHVyZGllbnN0MB4XDTA4MDcw
+ODE1MTk1MFoXDTEyMTIzMTIxNTk1OVowajELMAkGA1UEBhMCQVQxDTALBgNVBAcT
+BFdpZW4xGTAXBgNVBAkTEEVzc2xpbmdnYXNzZSA1LzkxDDAKBgNVBAoTA0FDVDEj
+MCEGA1UEAxMaVm9sbG1hY2h0ZW4gU2lnbmF0dXJkaWVuc3QwgfMwgbwGByqGSM49
+AgEwgbACAQEwJAYHKoZIzj0BAQIZAP////////////////////7//////////zA0
+BBj////////////////////+//////////wEGGQhBRnlnIDnD6fpq3IkMEn+uN7s
+wUa5sQQxBBiNqA6wMJD2fL8g60OhiAD0/wr9gv8QEgcZK5X/yNp4YxAR7WskzdVz
++XehHnlIEQIZAP///////////////5ne+DYUa8mxtNIoMQIBAQMyAAS908G9FD5/
+LLYruwFbp9giXahdQ1FAqKwzohSn9pgsVTQBnvXxU8IWIzhPHs49DZCjazBpMAwG
+A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLOSgnkLSJ3l4Ah49rHX/FAV1wWcMBkGA1Ud
+IAQSMBAwDgYMKwYBBAGVEgECBAEBMB8GA1UdIwQYMBaAFLOSgnkLSJ3l4Ah49rHX
+/FAV1wWcMAkGByqGSM49BAEDNwAwNAIYTTppZzS6wqoLDFcf9frHzf1kMheY04dT
+Ahg4Nrb54vE3DTRf9sbO4xs4dTARHSt1ihA=</dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ <dsig:Object>
+ <dsig:Manifest Id="dsig-manifest-1-1">
+ <dsig:Reference Id="reference-1-2" URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+ <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>oz6ThHPL3V7RNibfPrDSWVhUgi8=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:Manifest>
+ </dsig:Object>
+ </dsig:Signature>
+ </md:Mandate>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
new file mode 100644
index 000000000..450ba90f3
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
@@ -0,0 +1,179 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:SignedInfo>
+ <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+ <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+ <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
+ <dsig:Transforms>
+ <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+ <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html xmlns="http://www.w3.org/1999/xhtml">
+ <head>
+ <title>Signatur der Anmeldedaten</title>
+ <style media="screen" type="text/css">
+.boldstyle { font-weight: bold; }
+.italicstyle { font-style: italic; }
+.annotationstyle { font-size: small; }
+</style>
+ </head>
+ <body>
+ <h1>Signatur der Anmeldedaten</h1>
+ <p/>
+ <h4>Mit meiner elektronischen Signatur beantrage ich,
+<span class="boldstyle">
+ <xsl:value-of select="//@Issuer"/>
+ </span>, geboren am
+<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
+<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
+<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
+<xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
+in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
+(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
+</xsl:if>
+den Zugang zur gesicherten Anwendung.
+</h4>
+ <p/>
+ <h4>Datum und Uhrzeit:
+<xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
+<xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
+<xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
+<xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
+<xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
+<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+ </h4>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+ <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
+ </h4>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+ <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
+ </h4>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
+ <hr/>
+ <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
+von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
+ <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
+ <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
+ </xsl:if>, in deren Auftrag zu handeln.
+</h4>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
+ <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
+ </h4>
+ </xsl:if>
+ <p/>
+ </xsl:if>
+ <xsl:choose>
+ <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+ <p/>
+ <hr/>
+ </xsl:when>
+ <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+ <p/>
+ <hr/>
+ </xsl:when>
+ <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+ <p/>
+ <hr/>
+ </xsl:when>
+ </xsl:choose>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+ <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
+jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
+Wirtschaftsunternehmen.</div>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+ <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
+Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
+Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
+ </xsl:if>
+ <xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+ <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
+beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
+ </xsl:if>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet>
+ </dsig:Transform>
+ <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+ </dsig:Transforms>
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
+ </dsig:Reference>
+ <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
+ <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
+ </dsig:Reference>
+ </dsig:SignedInfo>
+ <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
++lyI</dsig:SignatureValue>
+ <dsig:KeyInfo>
+ <dsig:X509Data>
+ <dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
+EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
+dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
+LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
+LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
+BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
+YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
+MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
+6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
+MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
+CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
+BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
+aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
+dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
+ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
+dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
+bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
+VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
+ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
+SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
+CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
+BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
+ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
+uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
+egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
+GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
+SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
+</dsig:X509Certificate>
+ </dsig:X509Data>
+ </dsig:KeyInfo>
+ <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
+ <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
+ <etsi:SignedProperties>
+ <etsi:SignedSignatureProperties>
+ <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
+ <etsi:SigningCertificate>
+ <etsi:Cert>
+ <etsi:CertDigest>
+ <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+ <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
+ </etsi:CertDigest>
+ <etsi:IssuerSerial>
+ <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
+ </etsi:IssuerSerial>
+ </etsi:Cert>
+ </etsi:SigningCertificate>
+ <etsi:SignaturePolicyIdentifier>
+ <etsi:SignaturePolicyImplied/>
+ </etsi:SignaturePolicyIdentifier>
+ </etsi:SignedSignatureProperties>
+ <etsi:SignedDataObjectProperties>
+ <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
+ <etsi:MimeType>application/xhtml+xml</etsi:MimeType>
+ </etsi:DataObjectFormat>
+ </etsi:SignedDataObjectProperties>
+ </etsi:SignedProperties>
+ </etsi:QualifyingProperties>
+ </dsig:Object>
+</dsig:Signature> \ No newline at end of file
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml
new file mode 100644
index 000000000..17fa17cb4
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_MultipleStartEvents.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+ id="SampleProcess2"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd ">
+
+ <tns:StartEvent id="start1" />
+
+ <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task2" async="true" class="at.gv.egovernment.moa.id.process.test.HalloWeltTask" />
+ <tns:Task id="task3" />
+
+ <tns:StartEvent id="start2" />
+ <tns:EndEvent id="end" />
+
+ <tns:Transition id="fromStart" from="start1" to="task1" conditionExpression="true" />
+ <tns:Transition from="task1" to="task2" />
+ <tns:Transition from="task2" to="task3" />
+ <tns:Transition from="task3" to="end" />
+
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml
new file mode 100644
index 000000000..008309e3a
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_NoStartEvents.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+ id="SampleProcess1"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd ">
+
+ <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task2" async="true" />
+
+ <tns:EndEvent id="end" />
+
+ <tns:Transition from="task1" to="task2" />
+ <tns:Transition from="task2" to="end" />
+
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml
new file mode 100644
index 000000000..14b281192
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionLoop.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+ id="SampleProcess1"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd ">
+
+ <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task2" async="true" />
+
+ <tns:StartEvent id="start" />
+ <tns:EndEvent id="end" />
+
+ <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+ <tns:Transition from="task1" to="task2" />
+ <tns:Transition from="task2" to="end" />
+
+ <!-- Must be loop since we have no conditionExpression set. -->
+ <tns:Transition id="loop" from="task1" to="task1" />
+
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml
new file mode 100644
index 000000000..1152f3503
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionRefsTransition.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+ id="SampleProcess1"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd ">
+
+ <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task2" async="true" />
+
+ <tns:StartEvent id="start" />
+ <tns:EndEvent id="end" />
+
+ <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+ <tns:Transition from="task1" to="task2" />
+ <tns:Transition id="invalidTransition" from="task1" to="fromStart" />
+ <tns:Transition from="task2" to="end" />
+
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml
new file mode 100644
index 000000000..94bd25c9a
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+ id="SampleProcess1"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd ">
+
+ <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task2" async="true" />
+
+ <tns:StartEvent id="start" />
+ <tns:EndEvent id="end" />
+
+ <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+ <tns:Transition from="task1" to="task2" />
+ <tns:Transition from="task2" to="end" />
+ <tns:Transition from="end" to="task1" />
+
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml
new file mode 100644
index 000000000..c161900c5
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition1.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+ id="SampleProcess1"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd ">
+
+ <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task2" async="true" />
+
+ <tns:StartEvent id="start" />
+ <tns:EndEvent id="end" />
+
+ <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+ <tns:Transition from="task1" to="task2" />
+ <tns:Transition from="task2" to="end" />
+
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml
new file mode 100644
index 000000000..9e419e124
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/test/SampleProcessDefinition2.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+ id="SampleProcess2"
+ xmlns:tns="http://reference.e-government.gv.at/namespace/moa/process/definition/v1"
+ xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+ xsi:schemaLocation="http://reference.e-government.gv.at/namespace/moa/process/definition/v1 ../../main/resources/at/gv/egovernment/moa/id/process/ProcessDefinition.xsd ">
+
+ <tns:StartEvent id="start" />
+
+ <tns:Task id="task1" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task2" async="true" class="at.gv.egovernment.moa.id.process.test.HelloWorldTask" />
+ <tns:Task id="task3" />
+
+ <tns:EndEvent id="end" />
+
+ <tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+ <tns:Transition from="task1" to="task2" />
+ <tns:Transition from="task2" to="task3" />
+ <tns:Transition from="task3" to="end" />
+
+</tns:ProcessDefinition>