Merge branch 'master' of gitlab.iaik.tugraz.at:egiz/moa-idspssHEADmaster

51 files changed, 4455 insertions, 0 deletions

diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
new file mode 100644
index 000000000..15edb681e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -0,0 +1,145 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>MOA.id.server.modules</groupId>
+		<artifactId>moa-id-modules</artifactId>
+		<version>4.2.0</version>
+	</parent>
+	<artifactId>moa-id-module-ehvd_integration</artifactId>
+	<version>${moa-id-ehvd_integration.version}</version>
+	<description>Module to integrate information from EHVD into MOA-ID response</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>MOA.id.server.modules</groupId>
+			<artifactId>moa-id-modul-citizencard_authentication</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>*</groupId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+
+		<dependency>
+			<groupId>MOA.id.server</groupId>
+			<artifactId>moa-id-lib</artifactId>
+			<scope>provided</scope>
+		</dependency>
+
+		<dependency>
+			<groupId>javax.servlet</groupId>
+    		<artifactId>javax.servlet-api</artifactId>
+			<scope>provided</scope>
+		</dependency>
+
+		<dependency>
+        	<groupId>org.apache.cxf</groupId>
+        	<artifactId>cxf-rt-frontend-jaxws</artifactId>
+        	<scope>provided</scope>
+    	</dependency>
+    	<dependency>
+        	<groupId>org.apache.cxf</groupId>
+        	<artifactId>cxf-rt-transports-http</artifactId>
+        	<scope>provided</scope>
+    	</dependency>
+
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>at.gv.egiz.eaaf</groupId>
+			<artifactId>eaaf_core_utils</artifactId>
+			<scope>test</scope>
+			<type>test-jar</type>
+		</dependency>
+		<dependency>
+			<groupId>at.gv.egiz.eaaf</groupId>
+			<artifactId>eaaf-core</artifactId>
+			<scope>test</scope>
+			<type>test-jar</type>
+		</dependency>
+    	<dependency>
+      		<groupId>com.github.skjolber</groupId>
+      		<artifactId>mockito-soap-cxf</artifactId>
+      		<version>1.2.0</version>
+      		<scope>test</scope>      		
+    	</dependency>
+		<dependency>
+    		<groupId>org.apache.cxf</groupId>
+    		<artifactId>cxf-rt-transports-http-jetty</artifactId>
+    		<scope>test</scope>
+		</dependency>
+		<dependency>
+    		<groupId>org.apache.cxf</groupId>
+    		<artifactId>cxf-rt-rs-extension-providers</artifactId>
+    		<scope>test</scope>
+		</dependency>		
+		<dependency>
+    		<groupId>org.apache.tomcat</groupId>
+    		<artifactId>tomcat-servlet-api</artifactId>
+    		<version>9.0.56</version>
+    		<scope>test</scope>
+		</dependency>		
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.cxf</groupId>
+				<artifactId>cxf-codegen-plugin</artifactId>
+				<version>3.3.12</version>
+				<dependencies>
+					<dependency>
+						<groupId>xerces</groupId>
+						<artifactId>xercesImpl</artifactId>
+						<version>2.8.1</version>
+					</dependency>
+					<dependency>
+						<groupId>com.sun.xml.bind</groupId>
+						<artifactId>jaxb-impl</artifactId>
+						<version>2.2.5</version>
+					</dependency>
+					<dependency>
+						<groupId>com.sun.xml.bind</groupId>
+						<artifactId>jaxb-xjc</artifactId>
+						<version>2.2.5</version>
+					</dependency>
+				</dependencies>
+				<executions>
+					<execution>
+						<id>generate-sources</id>
+						<phase>generate-sources</phase>
+						<configuration>
+							<sourceRoot>${project.build.directory}/generated/cxf</sourceRoot>
+							<wsdlOptions>
+								<wsdlOption>
+									<wsdl>${basedir}/src/main/resources/wsdl/eHVD.wsdl</wsdl>
+									<packagenames>
+										<packagename>eHVD=at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl</packagename>
+									</packagenames>
+									<extraargs>
+										<extraarg>-verbose </extraarg>
+									</extraargs>
+								</wsdlOption>
+							</wsdlOptions>
+						</configuration>
+						<goals>
+							<goal>wsdl2java</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
new file mode 100644
index 000000000..6cb9c08e3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+
+public class ConfigurationProperties {
+
+  // configuration properties
+  private static final String MODULE_PREFIX = "modules.ehvd.";
+
+  public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled";
+  public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp";
+
+  public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target";
+  public static final String PROP_MODULE_SERVICE_ENDPOINT = MODULE_PREFIX + "service.url";
+  public static final String PROP_MODULE_EHVD_ROLE_REGEX = MODULE_PREFIX + "service.role.regex";
+  public static final String PROP_MODULE_EHVD_OTHERID_PREFIX = MODULE_PREFIX + "service.otherid.prefix";
+
+  public static final String PROP_MODULE_PVP_ROLE = MODULE_PREFIX + "role.pvp";
+
+  public static final String PROP_MODULE_PROXY_SOCKS_PORT = MODULE_PREFIX + "proxy.socks.port";
+
+  public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH";
+
+  
+  //TODO: define custom EHVD SAML2 attributes
+  public static final String ATTRIBUTE_URN_EHVD_PREFIX = "urn:brzgvat:attributes.ehvd.";
+  public static final String ATTRIBUTE_URN_EHVD_TITLE = ATTRIBUTE_URN_EHVD_PREFIX + "title";
+  public static final String ATTRIBUTE_URN_EHVD_FIRSTNAME = ATTRIBUTE_URN_EHVD_PREFIX + "firstname";
+  public static final String ATTRIBUTE_URN_EHVD_SURNAME = ATTRIBUTE_URN_EHVD_PREFIX + "surname";
+  public static final String ATTRIBUTE_URN_EHVD_ZIPCODE = ATTRIBUTE_URN_EHVD_PREFIX + "zip";
+  public static final String ATTRIBUTE_URN_EHVD_STATE = ATTRIBUTE_URN_EHVD_PREFIX + "state";
+  public static final String ATTRIBUTE_URN_EHVD_ID = ATTRIBUTE_URN_EHVD_PREFIX + "id";
+  public static final String ATTRIBUTE_URN_EHVD_OTHERID = ATTRIBUTE_URN_EHVD_PREFIX + "otherid";
+  
+  
+  private ConfigurationProperties() {
+    // hide constructor or static class
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
new file mode 100644
index 000000000..d087b9fe2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
@@ -0,0 +1,147 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthModule extends DefaultCitizenCardAuthModuleImpl {
+
+  private int priority = 2;
+
+  @Autowired(required = true)
+  protected IConfigurationWithSP authConfig;
+
+  private Collection<String> uniqueIDsEnabled;
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+   */
+  @Override
+  public int getPriority() {
+    return priority;
+
+  }
+
+  /**
+   * Sets the priority of this module. Default value is {@code 0}.
+   *
+   * @param priority The priority.
+   */
+  public void setPriority(int priority) {
+    this.priority = priority;
+
+  }
+
+  @PostConstruct
+  private void initialDummyAuthWhiteList() {
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      Logger.info("AuthModule for 'EHVD injection' is enabled");
+
+      // load allowed service-provider Id's
+      uniqueIDsEnabled = authConfig.getBasicConfigurationWithPrefix(
+          ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream()
+          .filter(el -> StringUtils.isNotEmpty(el))
+          .collect(Collectors.toSet());
+
+      if (!uniqueIDsEnabled.isEmpty()) {
+        Logger.info("EHVD communication is enabled for ....");
+        uniqueIDsEnabled.forEach(el -> Logger.info("   EntityID: " + el));
+
+      }
+
+    } else {
+      uniqueIDsEnabled = Collections.emptySet();
+      Logger.info("AuthModule for 'EHVD injection' is disabled");
+
+    }
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext)
+   */
+  @Override
+  public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
+      Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ....");
+      final boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq));
+      if (uniqueIDsEnabled.contains(spEntityID) && ccAuthRequested) {
+        Logger.debug("EHVD communication is allowed for SP: " + spEntityID);
+        return "DefaultAuthenticationWithEHVDInteraction";
+
+      } else {
+        if (Logger.isDebugEnabled()) {
+          if (ccAuthRequested) {
+            Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist for EHVD communication.");
+
+          } else {
+            Logger.trace("No CititzenCard authentication requested. EHVD communication skipped too");
+
+          }
+        }
+      }
+
+    } else {
+      Logger.trace("'EHVD injection' authentication is disabled");
+
+    }
+
+    return null;
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+   */
+  @Override
+  public String[] getProcessDefinitions() {
+    return new String[] { "classpath:/DefaultAuth_with_ehvd_interaction.process.xml" };
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
new file mode 100644
index 000000000..589a316fe
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
@@ -0,0 +1,71 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthSpringResourceProvider implements SpringResourceProvider {
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see
+   * at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+   */
+  @Override
+  public Resource[] getResourcesToLoad() {
+    final ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml",
+        EhvdServiceAuthSpringResourceProvider.class);
+    return new Resource[] { authConfig };
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see
+   * at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+   */
+  @Override
+  public String[] getPackagesToScan() {
+    // TODO Auto-generated method stub
+    return null;
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+   */
+  @Override
+  public String getName() {
+    return "Module for 'Dummy Authentication'";
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java
new file mode 100644
index 000000000..af413ffc3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java
@@ -0,0 +1,51 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.logging.Logger;
+
+public abstract class AbstractEhvdAttributeBuilder implements IPVPAttributeBuilder {
+
+  @Override
+  public <ATT> ATT build(ISPConfiguration spConfig, IAuthData authData, IAttributeGenerator<ATT> g)
+      throws AttributeBuilderException {
+    try {
+      GdaDescriptor fullGdaInfo = 
+          authData.getGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, GdaDescriptor.class);
+    
+      if (fullGdaInfo != null) {
+        String attrValue = generateAttributeValue(fullGdaInfo);
+        Logger.debug(StringUtils.isEmpty(attrValue) ? "Skip" : "Build" 
+            + "attribute: " + getName());      
+        return g.buildStringAttribute(getName(), getName(), 
+            StringUtils.isNotEmpty(attrValue) ? attrValue : null);
+      
+      } else {
+        Logger.trace("Skipping attr: " + getName() + " because no GDA info available");
+        return null;
+        
+      }
+      
+    } catch (ClassCastException e) {
+      Logger.trace("Skipping attr: " + getName() + " because no GDA info available");
+      return null;
+      
+    }
+  }
+
+  @Override
+  public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+    return g.buildEmptyAttribute(getName(), getName());
+    
+  }
+  
+  protected abstract String generateAttributeValue(GdaDescriptor fullGdaInfo);
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java
new file mode 100644
index 000000000..7056c3099
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java
@@ -0,0 +1,28 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import java.util.stream.Collectors;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//
+//@PVPMETADATA
+//public class EhvdAddressStateAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+//  private static final String ATTR_VALUE_DELIMITER = "|";
+//  
+//  @Override
+//  public String getName() {
+//    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_STATE;
+//    
+//  }
+//
+//  @Override
+//  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+//    return fullGdaInfo.getAddress().stream()
+//        .map(el -> el.getState() != null ? el.getState() : "")       
+//        .collect(Collectors.joining(ATTR_VALUE_DELIMITER));
+//    
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java
new file mode 100644
index 000000000..98a0567f2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java
@@ -0,0 +1,28 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import java.util.stream.Collectors;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//
+//@PVPMETADATA
+//public class EhvdAddressZipcodeAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+//  private static final String ATTR_VALUE_DELIMITER = "|";
+//  
+//  @Override
+//  public String getName() {
+//    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ZIPCODE;
+//    
+//  }
+//
+//  @Override
+//  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+//    return fullGdaInfo.getAddress().stream()
+//        .map(el -> el.getZip() != null ? el.getZip() : "")
+//        .collect(Collectors.joining(ATTR_VALUE_DELIMITER));
+//    
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java
new file mode 100644
index 000000000..1bb923cf4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdFirstnameAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_FIRSTNAME;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+    return fullGdaInfo.getFirstname();
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java
new file mode 100644
index 000000000..918b02c2e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdIdAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ID;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {    
+    return fullGdaInfo.getId() != null ? fullGdaInfo.getId().getId() : null;
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java
new file mode 100644
index 000000000..2d0e20c9c
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java
@@ -0,0 +1,54 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+//import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+//import at.gv.egovernment.moa.logging.Logger;
+//
+//@PVPMETADATA
+//public class EhvdOtherIdAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+//  private static final String DEFAULT_ID_PREFIX = "1.2.40.0.34.4.18:";
+//
+//  private String idPrefix;
+//  
+//  public EhvdOtherIdAttributeBuilder() {   
+//    try {
+//      AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
+//      if (config != null) {
+//        idPrefix = config.getBasicConfiguration(
+//            ConfigurationProperties.PROP_MODULE_EHVD_OTHERID_PREFIX, DEFAULT_ID_PREFIX);
+//        
+//      } else {
+//        idPrefix = DEFAULT_ID_PREFIX;
+//        
+//      }
+//    } catch (ConfigurationException e) {
+//      idPrefix = DEFAULT_ID_PREFIX;
+//      
+//    }
+//        
+//    Logger.info("  Set-up " + getName() + " with otherId prefix: " + idPrefix);
+//    
+//  }
+//  
+//  @Override
+//  public String getName() {
+//    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_OTHERID;
+//
+//  }
+//
+//  @Override
+//  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {    
+//    return fullGdaInfo.getOtherID().stream()
+//        .filter(el -> el.startsWith(idPrefix))
+//        .findFirst()
+//        .map(el -> el.substring(idPrefix.length()))
+//        .orElse(null);
+//    
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java
new file mode 100644
index 000000000..db8de397b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdSurnameAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_SURNAME;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+    return fullGdaInfo.getSurname();
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java
new file mode 100644
index 000000000..c978d4dd2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdTitelAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_TITLE;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+    return fullGdaInfo.getTitle();
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
new file mode 100644
index 000000000..a79aa86dd
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
@@ -0,0 +1,57 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import java.util.stream.Collectors;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
+import at.gv.egovernment.moa.logging.Logger;
+
+@PVPMETADATA
+public class PvpRoleAttributeBuilder implements IPVPAttributeBuilder {
+
+  private static final String ROLE_NAME_DELIMITER = ";";
+
+  @Override
+  public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+      IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+    if (authData instanceof IMOAAuthData) {
+      final IMOAAuthData moaAuthData = (IMOAAuthData) authData;
+      if (moaAuthData.getAuthenticationRoles() != null
+          && !moaAuthData.getAuthenticationRoles().isEmpty()) {
+        return g.buildStringAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME,
+            moaAuthData.getAuthenticationRoles().stream()
+                .map(el -> el.getRawRoleString())
+                .collect(Collectors.joining(ROLE_NAME_DELIMITER)));
+
+      } else {
+        Logger.trace("No PVP roles available. Skipping attribute: " + ROLES_FRIENDLY_NAME);
+
+      }
+
+    } else {
+      Logger.info("Attribute: " + ROLES_FRIENDLY_NAME + " is only available in MOA-ID context");
+
+    }
+
+    return null;
+
+  }
+
+  @Override
+  public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+    return g.buildEmptyAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME);
+
+  }
+
+  @Override
+  public String getName() {
+    return ROLES_NAME;
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
new file mode 100644
index 000000000..f621d1bb4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.exception;
+
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+
+public class EhvdException extends AuthenticationException {
+
+  private static final long serialVersionUID = 380654627005502948L;
+
+  public EhvdException(String messageId, Object[] parameters) {
+    super(messageId, parameters);
+
+  }
+
+  public EhvdException(String messageId, Object[] parameters, Throwable e) {
+    super(messageId, parameters, e);
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
new file mode 100644
index 000000000..b165d05e2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -0,0 +1,321 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import java.net.URL;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+import java.util.Optional;
+import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
+
+import javax.annotation.Nonnull;
+import javax.annotation.PostConstruct;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.handler.Handler;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.ProxyServerType;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.google.common.collect.Sets;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVDService;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GetGdaDescriptors;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.exception.EhvdException;
+import at.gv.egovernment.moa.logging.Logger;
+import at.gv.util.LoggingHandler;
+
+/**
+ * Implement interaction with EHVD service to get GDA information.
+ *
+ * @author tlenz
+ *
+ */
+public class EhvdCommunicationService implements IEhvdCommunication {
+
+  private static final String GDA_RESP_STATUS_ACTIVE = "Aktiv";
+
+  private static final String ERROR_EHVD_00 = "ehvd.00";
+  private static final String ERROR_EHVD_01 = "ehvd.01";
+  private static final String ERROR_EHVD_02 = "ehvd.02";
+  private static final String ERROR_EHVD_03 = "ehvd.03";
+  private static final String ERROR_EHVD_04 = "ehvd.04";
+  private static final String ERROR_CONFIG_05 = "config.05";
+
+  private static final Set<String> SERVICE_ERRORS_LOG_INFO = Sets.newHashSet("6002");
+
+  @Autowired
+  IConfiguration config;
+
+  private String ehvdBpkTarget;
+
+  private EHVD ehvdClient;
+  private Pattern ehvdRolePattern;
+
+  private List<String> ehvhPvpRoleList;
+
+  /**
+   * Get user's GDA roles from EHVD Service.
+   *
+   * @param identityLink IdentityLink of the user
+   * @return {@link List} of Roles that are received from EHVD
+   * @throws AuthenticationException In case of an EHVD communication error
+   * @throws EAAFBuilderException    In case of a bPK generation error
+   */
+  @Override
+  @Nonnull
+  public EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException,
+      EAAFBuilderException {
+
+    // get bPK for EHVD request
+    final Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier(
+        identityLink.getIdentificationValue(),
+        identityLink.getIdentificationType(),
+        ehvdBpkTarget);
+
+    // request EHVD and handle errors
+    final GdaIndexResponse gdaResp = requestingGda(ehvdBpk.getFirst());
+
+    // parse roles from response
+    return EhvdResponseHolder.getInstance(gdaResp.getGda(), parseGdaResponse(gdaResp));
+
+  }
+
+  @Nonnull
+  private GdaIndexResponse requestingGda(String bpk) throws EhvdException {
+    try {
+      final GetGdaDescriptors gdaReq = buildGdaRequest(bpk);
+      Logger.debug("Requesting EHVD to get GDA status ... ");
+      final GdaIndexResponse gdaResp = ehvdClient.getGDA(gdaReq);
+      Logger.debug("Receive GDA status. Starting response validation ... ");
+      return gdaResp;
+
+    } catch (final SOAPFaultException e) {
+      throw handleSoapFaultError(e);
+
+    } catch (final Exception e) {
+      Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e);
+      throw new EhvdException(ERROR_EHVD_01, new Object[] {}, e);
+
+    }
+
+  }
+
+  private EhvdException handleSoapFaultError(SOAPFaultException e) {
+    // extract reason for this error
+    final String errorMsg = e.getFault() != null
+        ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString()
+            : e.getMessage()
+        : e.getMessage();
+
+    if (SERVICE_ERRORS_LOG_INFO.stream()
+        .filter(el -> errorMsg.contains(el))
+        .findFirst()
+        .isPresent()) {
+      Logger.info("EHVD communication failed with SOAP response: " + errorMsg);
+      return new EhvdException(ERROR_EHVD_03, new Object[] { errorMsg });
+
+    } else {
+      Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);
+      return new EhvdException(ERROR_EHVD_02, new Object[] { errorMsg });
+
+    }
+
+    
+
+  }
+
+  private List<String> parseGdaResponse(GdaIndexResponse ehvdResp) throws EhvdException {
+    if (ehvdResp.getGda() != null) {
+      final GdaDescriptor gdaInfo = ehvdResp.getGda();
+      if (GDA_RESP_STATUS_ACTIVE.equals(gdaInfo.getStatus().getEhvdstatus())) {
+        Logger.debug("Find #" + gdaInfo.getRoles().getRole().size() + " roles");
+
+        // match roles with regex from configuration
+        final Optional<String> validGdaRole = gdaInfo.getRoles().getRole().stream()
+            .filter(el -> matchGdaRole(el))
+            .findFirst();
+
+        if (validGdaRole.isPresent()) {
+          Logger.info("Find valid GDA role: " + validGdaRole.get() + " Set PVP Role: "
+              + StringUtils.join(ehvhPvpRoleList, ",") + " into Session");
+
+          // set role into response
+          return ehvhPvpRoleList;
+
+        } else {
+          Logger.info("No valid GDA role in EHVD response");
+          throw new EhvdException(ERROR_EHVD_04, null);
+
+        }
+
+      } else {
+        Logger.info("GDA is marked as 'inactive'. Stopping process with an error ... ");
+        throw new EhvdException(ERROR_EHVD_00, null);
+
+      }
+
+    } else {
+      Logger.info("Receive empty GDA response");
+      throw new EhvdException(ERROR_EHVD_03, new Object[] {});
+
+    }
+  }
+
+  private boolean matchGdaRole(String role) {
+    final Matcher matcher = ehvdRolePattern.matcher(role);
+    final boolean matches = matcher.matches();
+    Logger.trace(matches ? "EHVD role: " + role + " matches"
+        : "EHVD role: " + role + " does not matche to pattern: " + matcher.toString());
+    return matches;
+
+  }
+
+  private GetGdaDescriptors buildGdaRequest(String bPK) {
+    final GetGdaDescriptors req = new GetGdaDescriptors();
+    final InstanceIdentifier gdaIdentifier = new InstanceIdentifier();
+    gdaIdentifier.setOidIssuingAuthority(PVPAttributeDefinitions.BPK_OID);
+    gdaIdentifier.setId(bPK);
+    req.setHcIdentifier(gdaIdentifier);
+    return req;
+
+  }
+
+  @PostConstruct
+  private void initialize() throws EAAFConfigurationException {
+    if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      initializeEhvdClient();
+
+      // load EHVD bPK target
+      ehvdBpkTarget = config.getBasicConfiguration(
+          ConfigurationProperties.PROP_MODULE_SERVICE_TARGET,
+          ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET);
+      Logger.info("Set-up EHVD Client with bPK target: " + ehvdBpkTarget);
+
+      // load Regex to match EHVD Roles to PVP Roles
+      final String ehvdRoleRegex = config.getBasicConfiguration(
+          ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX);
+      checkConfigPropertyNotNull(ehvdRoleRegex, ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX);
+      ehvdRolePattern = Pattern.compile(ehvdRoleRegex);
+
+      Logger.info("Set-up EHVD Client with Role regex: " + ehvdRolePattern.toString());
+
+      // load PVP Roles for EHVD integration
+      final String ehvdPvpRole = config.getBasicConfiguration(
+          ConfigurationProperties.PROP_MODULE_PVP_ROLE);
+      checkConfigPropertyNotNull(ehvdPvpRole, ConfigurationProperties.PROP_MODULE_PVP_ROLE);
+      ehvhPvpRoleList = KeyValueUtils.getListOfCSVValues(ehvdPvpRole);
+      Logger.info("Set-up EHVD module with PVP Role: " + StringUtils.join(ehvhPvpRoleList, ","));
+
+    } else {
+      Logger.info("Skipping EHVD client because it's not active");
+
+    }
+  }
+
+  private void checkConfigPropertyNotNull(String valueToCheck, String configPropName)
+      throws EAAFConfigurationException {
+    if (StringUtils.isEmpty(valueToCheck)) {
+      Logger.error("Missing configuration for EHVD module. "
+          + "(Property: " + configPropName + ")");
+      throw new EAAFConfigurationException(ERROR_CONFIG_05,
+          new Object[] { configPropName });
+
+    }
+
+  }
+
+  private void initializeEhvdClient() throws EAAFConfigurationException {
+    Logger.debug("Initializing EHVD client ... ");
+    final URL url = EhvdCommunicationService.class.getResource("/wsdl/eHVD.wsdl");
+    final EHVDService service = new EHVDService(url);
+    ehvdClient = service.getEHVDPort12();
+
+    // load service end-point URL from configuration
+    final String ehvdEndpointUrl = config.getBasicConfiguration(
+        ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT);
+    if (StringUtils.isEmpty(ehvdEndpointUrl)) {
+      Logger.error("Missing configuration for EHVD WebService endpoint. "
+          + "(Property: " + ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT + ")");
+      throw new EAAFConfigurationException(ERROR_CONFIG_05,
+          new Object[] { ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT });
+
+    }
+
+    // inject service end-point URL
+    final Map<String, Object> requestContext = ((BindingProvider) ehvdClient).getRequestContext();
+    requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, ehvdEndpointUrl);
+
+    // inject Logging handler
+    List<Handler> handlerList = ((BindingProvider) ehvdClient).getBinding().getHandlerChain();
+    if (handlerList == null) {
+      handlerList = new ArrayList<>();
+
+    }
+
+    handlerList.add(new LoggingHandler());
+    ((BindingProvider) ehvdClient).getBinding().setHandlerChain(handlerList);
+
+    Logger.info("Initialize EHVD Client with service end-point: " + ehvdEndpointUrl);
+
+    // these code is only for local testing
+    final String socksPort = config.getBasicConfiguration(
+        ConfigurationProperties.PROP_MODULE_PROXY_SOCKS_PORT);
+    if (StringUtils.isNotEmpty(socksPort)) {
+      Logger.warn("Injecting SOCKS5 Proxy for service communication!");
+      final Client client = ClientProxy.getClient(ehvdClient);
+      final HTTPConduit http = (HTTPConduit) client.getConduit();
+      http.getClient().setProxyServerType(ProxyServerType.SOCKS);
+      http.getClient().setProxyServer("127.0.0.1");
+      http.getClient().setProxyServerPort(Integer.valueOf(socksPort));
+
+    }
+  }
+
+  public static class EhvdResponseHolder {
+    final List<String> roles;
+    final GdaDescriptor fullGdaResponse;
+    
+    
+    public static EhvdResponseHolder getInstance(GdaDescriptor gdaInfo, List<String> processedRoles) {
+      return new EhvdResponseHolder(gdaInfo, processedRoles);
+      
+    }
+    
+    private EhvdResponseHolder(GdaDescriptor gdaInfo, List<String> processedRoles) {
+      this.roles = processedRoles;
+      this.fullGdaResponse = gdaInfo;
+      
+    }
+
+    public List<String> getRoles() {
+      return roles;
+    }
+
+    public GdaDescriptor getFullGdaResponse() {
+      return fullGdaResponse;
+    }
+    
+    
+    
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
new file mode 100644
index 000000000..6b7c7e2f5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
@@ -0,0 +1,20 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder;
+
+public interface IEhvdCommunication {
+
+  /**
+   * Get user's GDA roles from EHVD Service.
+   *
+   * @param identityLink IdentityLink of the user
+   * @return {@link EhvdResponseHolder} that contains the Roles received from EHVD and the full GDA response
+   * @throws AuthenticationException In case of an EHVD communication error
+   * @throws EAAFBuilderException    In case of a bPK generation error
+   */
+  EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException;
+
+}
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
new file mode 100644
index 000000000..ee5dbb2fd
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd.task;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+@Component("InjectEhvdInformationTask")
+public class InjectEhvdInformationTask extends AbstractAuthServletTask {
+
+  @Autowired
+  IEhvdCommunication ehvdService;
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see
+   * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext,
+   * javax.servlet.http.HttpServletRequest,
+   * javax.servlet.http.HttpServletResponse)
+   */
+  @Override
+  public void execute(ExecutionContext executionContext, HttpServletRequest request,
+      HttpServletResponse response)
+      throws TaskExecutionException {
+    try {
+      final AuthenticationSessionWrapper session = pendingReq.getSessionData(
+          AuthenticationSessionWrapper.class);
+
+      // validate internal state
+      validateInternalState(session);
+
+      // requesting roles from EHVD
+      final EhvdResponseHolder ehvdResponse = ehvdService.getRoles(session.getIdentityLink());
+
+      // inject EHVD roles
+      session.setGenericDataToSession(PVPAttributeDefinitions.ROLES_NAME,
+          StringUtils.join(ehvdResponse.getRoles(), ";"));
+
+      // inject full EHVD response
+      session.setGenericDataToSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, 
+          ehvdResponse.getFullGdaResponse());
+      
+      // store MOASession into database
+      requestStoreage.storePendingRequest(pendingReq);
+
+    } catch (final MOAIDException e) {
+      throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+    } catch (final Exception e) {
+      throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+    }
+  }
+
+  private void validateInternalState(AuthenticationSessionWrapper session) throws AuthenticationException {
+    // check if identityLink is available
+    if (session.getIdentityLink() == null) {
+      Logger.error("No IdentityLink in session. There is an internal error in process definition");
+      throw new AuthenticationException("process.04", null);
+
+    }
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
new file mode 100644
index 000000000..2ff0d552f
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="DefaultAuthenticationWithEHVDInteraction" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+    <!-- Tasks involved in this authentication flow -->
+	<pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" />
+	<pd:Task id="createIdentityLinkForm"    class="CreateIdentityLinkFormTask" />
+	<pd:Task id="verifyIdentityLink"        class="VerifyIdentityLinkTask"        async="true" />		
+	<pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" />
+	<pd:Task id="verifyAuthBlock"           class="VerifyAuthenticationBlockTask" async="true" />
+		
+	<pd:Task id="injectEhvdInformation"		class="InjectEhvdInformationTask" />	
+	<pd:Task id="userRestrictionTask" 		class="UserRestrictionTask" />
+	
+	<pd:Task id="finalizeAuthentication" 	class="FinalizeAuthenticationTask" />	
+		
+		
+	<!-- definition of the authentication flow -->
+	<pd:StartEvent id="start" />
+	
+	<pd:Transition from="start"                		  to="initializeBKUAuthentication" />	
+	<pd:Transition from="initializeBKUAuthentication" to="createIdentityLinkForm" />	
+	<pd:Transition from="createIdentityLinkForm"      to="verifyIdentityLink" />	
+	<pd:Transition from="verifyIdentityLink"          to="prepareAuthBlockSignature" />			
+	<pd:Transition from="prepareAuthBlockSignature"   to="verifyAuthBlock" />	
+	<pd:Transition from="verifyAuthBlock"             to="userRestrictionTask" />				
+	<pd:Transition from="userRestrictionTask"         to="injectEhvdInformation" />	
+	<pd:Transition from="injectEhvdInformation"       to="finalizeAuthentication" />	
+	<pd:Transition from="finalizeAuthentication"      to="end" />		
+	
+	<pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 000000000..6985f2b7d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
new file mode 100644
index 000000000..44f8d26cf
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -0,0 +1,5 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..4ef523ec8
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+		<property name="priority" value="4" />
+	</bean>
+ 					 		
+	<bean id="ehvdCommunicationService"
+		  class="at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService"/> 					 			
+ 					 						
+	<bean id="InjectEhvdInformationTask" 
+		  class="at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask"
+		  scope="prototype"/>
+																						
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
new file mode 100644
index 000000000..b4a752a2d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
@@ -0,0 +1,7 @@
+ehvd.00=Für den abgefragtem GDA liegt keine Berechtigung vor
+ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
+ehvd.02=Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
+ehvd.03=Antwort des EHVD Service beinhaltet keine GDA Informationen
+ehvd.04=Keine gültige EHVD Role gefunden 
+
+ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
new file mode 100644
index 000000000..d3ba65c11
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -0,0 +1,9 @@
+test.01=aabbccdd
+test.02=zzzyyyxxx
+
+ehvd.00=7000
+ehvd.01=7001
+ehvd.02=7001
+ehvd.03=7003
+ehvd.04=7002
+ehvd.99=7099
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl
new file mode 100644
index 000000000..a1138f068
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding="UTF-8"?><wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="eHVD" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:mime="http://www.w3.org/2003/01/wsdl/mime" targetNamespace="eHVD">
+
+	<wsdl:documentation>
+		Service: eHVD
+		Version: 2
+		Owner: BRZ
+	</wsdl:documentation>
+
+	<wsdl:types>
+		<xs:schema xmlns:ehvd="eHVD" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc" xmlns:xs="http://www.w3.org/2001/XMLSchema" jaxb:extensionBindingPrefixes="xjc" jaxb:version="2.0" elementFormDefault="qualified" targetNamespace="eHVD" version="1.0">
+			<xs:annotation>
+				<xs:appinfo>
+					<jaxb:globalBindings>
+						<jaxb:serializable uid="1"/>
+					</jaxb:globalBindings>
+				</xs:appinfo>
+			</xs:annotation>
+
+			<xs:complexType name="InstanceIdentifier">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="oidIssuingAuthority" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="id" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="InstanceIdentifierSearch">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="rolecode" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="postcode" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="maxResults" type="xs:integer"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="ehvdstatus" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="elgastatus" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="description" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDAStatus">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="1" name="ehvdstatus" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="elgastatus" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDARoles">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="role" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="elgaRole" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="specialisation" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GdaAddress">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="zip" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="country" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDARelationship">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="memberof" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="ownerof" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDADBTimestamps">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="add" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="modify" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GdaDescriptor">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="1" name="id" type="ehvd:InstanceIdentifier"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="otherID" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="status" type="ehvd:GDAStatus"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="gender" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="title" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="knownname" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="address" type="ehvd:GdaAddress"/>
+					<xs:element maxOccurs="unbounded" minOccurs="1" name="description" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="roles" type="ehvd:GDARoles"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="relations" type="ehvd:GDARelationship"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="tel" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="fax" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="web" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="mail" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="timestamps" type="ehvd:GDADBTimestamps"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:element name="GetGdaSearch">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="1" minOccurs="1" name="hcIdentifierSearch" type="ehvd:InstanceIdentifierSearch"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+			<xs:element name="GetGdaDescriptors">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="1" minOccurs="1" name="hcIdentifier" type="ehvd:InstanceIdentifier"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+			<xs:element name="GdaIndexResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="1" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+			<xs:element name="GdaIndexResponseList">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+		</xs:schema>
+	</wsdl:types>
+
+	<wsdl:message name="GetGdaDescriptors">
+		<wsdl:part element="tns:GetGdaDescriptors" name="GetGdaDescriptors">
+		</wsdl:part>
+	</wsdl:message>
+
+	<wsdl:message name="GetGdaSearch">
+		<wsdl:part element="tns:GetGdaSearch" name="GetGdaSearch">
+		</wsdl:part>
+	</wsdl:message>
+
+
+	<wsdl:message name="GdaIndexResponse">
+		<wsdl:part element="tns:GdaIndexResponse" name="GdaIndexResponse">
+		</wsdl:part>
+	</wsdl:message>
+
+	<wsdl:message name="GdaIndexResponseList">
+		<wsdl:part element="tns:GdaIndexResponseList" name="GdaIndexResponseList">
+		</wsdl:part>
+	</wsdl:message>
+
+	<wsdl:portType name="eHVD">
+
+		<wsdl:documentation>eHVD Service Interfaces
+		</wsdl:documentation>
+
+		<wsdl:operation name="GetGDA">
+			<wsdl:input message="tns:GetGdaDescriptors" name="GetGdaDescriptors">
+			</wsdl:input>
+			<wsdl:output message="tns:GdaIndexResponse" name="GdaIndexResponse">
+			</wsdl:output>
+		</wsdl:operation>
+
+		<wsdl:operation name="GdaSearch">
+			<wsdl:input message="tns:GetGdaSearch" name="GetGdaSearch">
+			</wsdl:input>
+			<wsdl:output message="tns:GdaIndexResponseList" name="GdaIndexResponseList">
+			</wsdl:output>
+		</wsdl:operation>
+
+	</wsdl:portType>
+
+	<wsdl:binding name="eHVDSOAPBinding12" type="tns:eHVD">
+		<wsdl:documentation>SOAP 1.2 Binding</wsdl:documentation>
+
+		<soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
+
+		<wsdl:operation name="GetGDA">
+			<soap12:operation soapAction="eHVD/GetGDA"/>
+			<wsdl:input name="GetGdaDescriptors">
+				<mime:content type="application/soap+xml"/>
+				<soap12:body use="literal"/>
+			</wsdl:input>
+			<wsdl:output name="GdaIndexResponse">
+				<soap12:body use="literal"/>
+			</wsdl:output>
+		</wsdl:operation>
+
+		<wsdl:operation name="GdaSearch">
+			<soap12:operation soapAction="eHVD/GdaSearch"/>
+			<wsdl:input name="GetGdaSearch">
+				<mime:content type="application/soap+xml"/>
+				<soap12:body use="literal"/>
+			</wsdl:input>
+			<wsdl:output name="GdaIndexResponseList">
+				<soap12:body use="literal"/>
+			</wsdl:output>
+		</wsdl:operation>
+
+	</wsdl:binding>
+
+	<wsdl:service name="eHVDService">
+		<wsdl:documentation>eHVD Service</wsdl:documentation>
+
+		<wsdl:port name="eHVDPort12" binding="tns:eHVDSOAPBinding12">
+			<soap12:address location="https://ehvdws.gesundheit.gv.at"/>
+		</wsdl:port>
+
+	</wsdl:service>
+
+</wsdl:definitions>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
new file mode 100644
index 000000000..91bf67b2d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
@@ -0,0 +1,39 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth_lazy.beans.xml" })
+public class BeanCreationTest {
+
+  @Autowired
+  DummyAuthConfigMap config;
+  @Autowired
+  ApplicationContext context;
+
+  @Before
+  public void initialize() {
+    // re-set config
+    config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+
+  }
+
+  @Test
+  public void authModuleDeactivated() {
+    assertNotNull("AuthModule", context.getBean(EhvdServiceAuthModule.class));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
new file mode 100644
index 000000000..4a7c98803
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
@@ -0,0 +1,101 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdServiceAuthModuleTest {
+
+  @Autowired DummyAuthConfigMap config;
+  @Autowired EhvdServiceAuthModule module;
+  
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+  
+  @Before
+  public void initialize() {
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+    
+    ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(spConfig);
+        
+    // re-set config
+    config.putConfigValue("modules.ehvd.enabled", String.valueOf(true));
+        
+    context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(false));
+    context.put(MOAIDAuthConstants.PARAM_BKU, RandomStringUtils.randomAlphabetic(5));
+    
+  }
+  
+  @Test
+  public void checkProcessDefinition() {    
+    String[] def = module.getProcessDefinitions();
+    
+    assertNotNull("no process definition", def);    
+    Arrays.asList(def).stream().forEach(
+        el -> EhvdServiceAuthModuleTest.class.getResourceAsStream(el));
+    
+  }
+  
+  @Test
+  public void bkuSelectionActiv() {
+    context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(true));
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void deactivated() {
+    config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void unknownServiceProvider() {    
+    assertNull("wrong authModule selected",  module.selectProcess(context, pendingReq));
+    
+  }
+        
+  @Test
+  public void allowedServiceProviderAndRequested() {    
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");    
+    
+    assertEquals("wrong authmethod identifier", "DefaultAuthenticationWithEHVDInteraction", 
+        module.selectProcess(context, pendingReq));
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
new file mode 100644
index 000000000..b584e8753
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class EhvdServiceAuthSpringResourceProviderTest {
+
+  @Test
+  public void testSpringConfig() {
+    final EhvdServiceAuthSpringResourceProvider test =
+        new EhvdServiceAuthSpringResourceProvider();
+    for (final Resource el : test.getResourcesToLoad()) {
+      try {
+        IOUtils.toByteArray(el.getInputStream());
+
+      } catch (final IOException e) {
+        Assert.fail("Ressouce: " + el.getFilename() + " not found");
+      }
+
+    }
+
+    Assert.assertNotNull("no Name", test.getName());
+    Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+  }
+
+  @Test
+  public void testSpILoaderConfig() {
+    final InputStream el = this.getClass().getResourceAsStream(
+        "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider");
+    try {
+      final String spiFile = IOUtils.toString(el, "UTF-8");
+
+      Assert.assertEquals("Wrong classpath in SPI file",
+          EhvdServiceAuthSpringResourceProvider.class.getName(), spiFile);
+
+
+    } catch (final IOException e) {
+      Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found");
+
+    }
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java
new file mode 100644
index 000000000..b1ac7d99a
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java
@@ -0,0 +1,97 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Collections;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+public abstract class AbstractEhvdAttributeBuilderTest {
+
+  @Autowired
+  protected IConfiguration basicConfig;
+  
+  protected DummySPConfiguration oaParam;
+  protected AuthenticationData authData;  
+  protected IAttributeGenerator<String> g = new SimpleStringAttributeGenerator();  
+  
+  protected abstract String expectedAttrName();  
+  protected abstract IAttributeBuilder getAttributeBuilderUnderTest();
+  
+  protected GdaAddress generateAddress(String zip, String state) {
+    GdaAddress addr = new GdaAddress();
+    addr.setZip(zip);
+    addr.setState(state);    
+    return addr;
+    
+  }
+  
+  @Before
+  public void initialize() {
+    oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig);    
+    authData = new AuthenticationData();
+    
+  }
+  
+  @Test
+  public void checkAttributeRegistration() {
+    assertNotNull("Attribute: " + expectedAttrName() + " not registrated", 
+        PVPAttributeBuilder.getAttributeBuilder(expectedAttrName()));
+    
+  }
+  
+  @Test
+  public void checkName() {    
+    assertEquals("wrong attr. name", expectedAttrName(), getAttributeBuilderUnderTest().getName());
+    
+  }
+  
+  @Test
+  public void checkEmptyAttribute() {    
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().buildEmpty(g));
+    
+  }
+  
+  @Test
+  public void noGdaInfos() throws AttributeBuilderException {
+    IAuthData authData = new AuthenticationData();
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+    
+  }
+  
+  @Test
+  public void wrongGdaInfos() throws AttributeBuilderException, EAAFStorageException {
+    AuthenticationData authData = new AuthenticationData();
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, RandomStringUtils.randomAlphabetic(10));
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+    
+  }
+  
+  @Test
+  public void emptyGdaInfos() throws AttributeBuilderException, EAAFStorageException {
+    AuthenticationData authData = new AuthenticationData();
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, new GdaDescriptor());
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java
new file mode 100644
index 000000000..d342d331b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java
@@ -0,0 +1,106 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressStateAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+//    "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdAddressStateAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+//  @Override
+//  protected String expectedAttrName() {
+//    return "urn:brzgvat:attributes.ehvd.state";
+//
+//  }
+//
+//  @Override
+//  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+//    return new EhvdAddressStateAttributeBuilder();
+//
+//  }
+//
+//  @Test
+//  public void checkMissing() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();            
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void singleAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String state = RandomStringUtils.randomAlphabetic(5);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(5), state));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", state, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String state1 = RandomStringUtils.randomAlphabetic(4);
+//    String state2 = RandomStringUtils.randomAlphabetic(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", state1 + "|" + state2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException {
+//    String state1 = null;
+//    String state2 = RandomStringUtils.randomAlphabetic(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", "|" + state2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException {
+//    String state1 = RandomStringUtils.randomAlphabetic(4);
+//    String state2 = null;
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", state1 + "|", 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java
new file mode 100644
index 000000000..69d17f8c3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java
@@ -0,0 +1,107 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+//    "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdAddressZipAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+//  @Override
+//  protected String expectedAttrName() {
+//    return "urn:brzgvat:attributes.ehvd.zip";
+//
+//  }
+//
+//  @Override
+//  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+//    return new EhvdAddressZipcodeAttributeBuilder();
+//
+//  }
+//
+//  @Test
+//  public void checkMissing() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();            
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void singleAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String zip = RandomStringUtils.randomNumeric(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(
+//        zip,
+//        RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", zip, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String zip1 = RandomStringUtils.randomNumeric(4);
+//    String zip2 = RandomStringUtils.randomNumeric(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+//    gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", zip1 + "|" + zip2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException {
+//    String zip1 = null;
+//    String zip2 = RandomStringUtils.randomNumeric(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+//    gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", "|" + zip2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException {
+//    String zip1 = RandomStringUtils.randomNumeric(4);
+//    String zip2 = null;
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+//    gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", zip1 + "|", 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java
new file mode 100644
index 000000000..66f1b5028
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java
@@ -0,0 +1,47 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdFirstnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.firstname";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdFirstnameAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    gdaInfo.setFirstname(RandomStringUtils.randomAlphabetic(5));
+
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", gdaInfo.getFirstname(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java
new file mode 100644
index 000000000..db73f9191
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java
@@ -0,0 +1,64 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.id";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdIdAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkMissingId() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    InstanceIdentifier id = new InstanceIdentifier();
+    gdaInfo.setId(id );
+        
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+  
+  @Test
+  public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    InstanceIdentifier id = new InstanceIdentifier();
+    id.setId(RandomStringUtils.randomAlphabetic(5));
+    gdaInfo.setId(id );
+        
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", id.getId(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java
new file mode 100644
index 000000000..bce8924d9
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java
@@ -0,0 +1,86 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+//    "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdOtherIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+//  @Override
+//  protected String expectedAttrName() {
+//    return "urn:brzgvat:attributes.ehvd.otherid";
+//
+//  }
+//
+//  @Override
+//  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+//    return new EhvdOtherIdAttributeBuilder();
+//
+//  }
+//
+//  @Test
+//  public void checkMissingId() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();            
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void checkWrongId() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void checkValidRandom() throws EAAFStorageException, AttributeBuilderException {   
+//    String value = RandomStringUtils.randomAlphabetic(5);    
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+//    gdaInfo.getOtherID().add("1.2.40.0.34.4.18:" + value);
+//
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", value,
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void checkValidBrzReal() throws EAAFStorageException, AttributeBuilderException {       
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+//    gdaInfo.getOtherID().add("1.2.40.0.34.4.18:1234-12");
+//    gdaInfo.getOtherID().add("1.2.40.0.34.4.17:aabbccdd");
+//
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", "1234-12",
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java
new file mode 100644
index 000000000..af9e60cb7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java
@@ -0,0 +1,48 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdSurnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.surname";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdSurnameAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    gdaInfo.setSurname(RandomStringUtils.randomAlphabetic(5));
+
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", gdaInfo.getSurname(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java
new file mode 100644
index 000000000..2863c3508
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java
@@ -0,0 +1,46 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdTitelAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.title";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdTitelAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkTitelValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    gdaInfo.setTitle(RandomStringUtils.randomAlphabetic(5));
+
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", gdaInfo.getTitle(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
new file mode 100644
index 000000000..624abff5f
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
@@ -0,0 +1,159 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder;
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
+import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class PvpRoleAttributeBuilderTest {
+
+  @Autowired
+  private IConfiguration basicConfig;
+  
+  private PvpRoleAttributeBuilder toTest = new PvpRoleAttributeBuilder();
+  private IAttributeGenerator<String> g = new SimpleStringAttributeGenerator();
+  private ISPConfiguration oaParam;
+
+   
+  @Before
+  public void initialize() {
+    oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig);
+    
+  }
+  
+  @Test
+  public void checkAttributeRegistration() {
+    assertNotNull("Attribute: urn:oid:1.2.40.0.10.2.1.1.261.30 not registrated", 
+        PVPAttributeBuilder.getAttributeBuilder("urn:oid:1.2.40.0.10.2.1.1.261.30"));
+    
+  }
+  
+  @Test
+  public void checkName() {    
+    assertEquals("wrong attr. name", "urn:oid:1.2.40.0.10.2.1.1.261.30", toTest.getName());
+    
+  }
+  
+  @Test
+  public void checkEmptyAttribute() {    
+    assertNull("wrong empty attr.", toTest.buildEmpty(g));
+    
+  }
+  
+  @Test
+  public void wrongAuthData() throws AttributeBuilderException {            
+    IAuthData authData = new AuthenticationData();       
+    assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+    
+  }
+  
+  @Test
+  public void noRoles() throws AttributeBuilderException {            
+    IAuthData authData = generateAuthData(null);       
+    assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+    
+  }
+  
+  @Test
+  public void emptyRoles() throws AttributeBuilderException {            
+    IAuthData authData = generateAuthData(Collections.emptyList());       
+    assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+    
+  }
+
+  @Test
+  public void randomRoles() throws AttributeBuilderException {            
+    String role1 = RandomStringUtils.randomAlphabetic(5);
+    String role2 = RandomStringUtils.randomAlphabetic(5);
+    String role3 = RandomStringUtils.randomAlphabetic(5);
+    String role4 = RandomStringUtils.randomAlphabetic(5);
+    
+    IAuthData authData = generateAuthData(Arrays.asList(
+        new AuthenticationRole(role1, role1), 
+        new AuthenticationRole(role2, role2),
+        new AuthenticationRole(role3, role3 + "()"),
+        new AuthenticationRole(role4, role4 + "(\"aaa\"=\"bbb\")")
+        ));       
+    
+    // perform test
+    String attrValue = toTest.build(oaParam, authData, g);
+    
+    // validate state
+    assertNotNull("wrong attr. value", attrValue);
+    assertFalse("List delimiter after last element" ,attrValue.endsWith(";"));
+    
+    
+    String[] el = attrValue.split(";");
+    assertEquals("wrong role count", 4, el.length);
+    assertEquals("wrong 1. role", role1, el[0]);
+    assertEquals("wrong 2. role", role2, el[1]);
+    assertEquals("wrong 3. role", role3 + "()", el[2]);
+    assertEquals("wrong 4. role", role4 + "(\"aaa\"=\"bbb\")", el[3]);
+    
+    
+  }
+  
+  @Test
+  public void brzProductionRole() throws AttributeBuilderException {            
+    
+    IAuthData authData = generateAuthData(Arrays.asList(
+        AuthenticationRoleFactory.buildFormPVPole("EPI-GDA()")));
+    
+    // perform test
+    String attrValue = toTest.build(oaParam, authData, g);
+    
+    // validate state
+    assertNotNull("wrong attr. value", attrValue);
+    assertFalse("List delimiter after last element" ,attrValue.endsWith(";"));
+    
+    
+    String[] el = attrValue.split(";");
+    assertEquals("wrong role count", 1, el.length);
+    assertEquals("wrong 1. role", "EPI-GDA()", el[0]);
+    
+    assertEquals("wrong role attr. value", "EPI-GDA()", attrValue);
+    
+  }
+  
+  private IAuthData generateAuthData(List<AuthenticationRole> roles) {
+    MOAAuthenticationData authData = new MOAAuthenticationData(null);
+    if (roles != null) {
+      roles.forEach(el -> authData.addAuthenticationRole(el));
+      
+    }
+    
+    return authData;
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 000000000..865cf7157
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+  private Map<String, String> config = new HashMap<>();
+  
+  public DummyAuthConfigMap() {
+    
+  }
+  
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param configIs Property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(configIs);
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param path Path to property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final String path) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(this.getClass().getResourceAsStream(path));
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+
+  @Override
+  public String getBasicConfiguration(final String key) {
+    return config.get(key);
+
+  }
+
+  @Override
+  public String getBasicConfiguration(final String key, final String defaultValue) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return defaultValue;
+    } else {
+      return value;
+    }
+
+  }
+
+  @Override
+  public Boolean getBasicConfigurationBoolean(final String key) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return false;
+    } else {
+      return Boolean.valueOf(value);
+    }
+  }
+
+  @Override
+  public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+    return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+  }
+
+  @Override
+  public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+    return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+  }
+
+  @Override
+  public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public URI getConfigurationRootDirectory() {
+    return new java.io.File(".").toURI();
+
+  }
+
+  @Override
+  public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+    return null;
+  }
+
+  public void putConfigValue(final String key, final String value) {
+    config.put(key, value);
+  }
+
+  public void removeConfigValue(final String key) {
+    config.remove(key);
+
+  }
+
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
new file mode 100644
index 000000000..9ab52a27e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
@@ -0,0 +1,150 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.security.PublicKey;
+
+import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Element;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+
+public class TestUtils {
+
+  public static IIdentityLink generateDummyIdl(String baseId, String baseIdType) {
+    return new IIdentityLink() {
+      
+      @Override
+      public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setPublicKey(PublicKey[] publicKey) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setPrPerson(Element prPerson) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIssueInstant(String issueInstant) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdentificationValue(String identificationValue) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdentificationType(String identificationType) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setGivenName(String givenName) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFamilyName(String familyName) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setDateOfBirth(String dateOfBirth) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public String getSerializedSamlAssertion() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Element getSamlAssertion() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public PublicKey[] getPublicKey() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Element getPrPerson() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getIssueInstant() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getIdentificationValue() {
+        return baseId;
+        
+      }
+      
+      @Override
+      public String getIdentificationType() {
+        return baseIdType;
+        
+      }
+      
+      @Override
+      public String getGivenName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFamilyName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Element[] getDsigReferenceTransforms() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getDateOfBirth() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+    };
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
new file mode 100644
index 000000000..8bccefc8d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
@@ -0,0 +1,171 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.net.SocketTimeoutException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.soap.Detail;
+import javax.xml.soap.Name;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPFault;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.BeforeClass;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Attr;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.TypeInfo;
+import org.w3c.dom.UserDataHandler;
+
+import com.github.skjolber.mockito.soap.Soap12EndpointRule;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_qs_service_auth.beans.xml" })
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+public class InjectEhvdIdentityInformationQsSystemTest {
+
+  @Autowired
+  InjectEhvdInformationTask task;
+  @Autowired
+  DummyAuthConfigMap config;
+  @Autowired
+  IRequestStorage storage;
+
+  protected MockHttpServletRequest httpReq;
+  protected MockHttpServletResponse httpResp;
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+
+  @BeforeClass
+  public static void classInitializer() {
+    System.setProperty(
+        "https.cipherSuites",
+            //high secure RSA bases ciphers
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +
+            ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" +
+            ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +
+            ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" +
+        
+            //high secure ECC bases ciphers
+            ",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" +
+            ",TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" +
+            ",TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" +
+            ",TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" +
+             
+            //secure backup chipers
+            ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA" +
+            ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" +
+            ",TLS_RSA_WITH_AES_128_CBC_SHA" +
+            ",TLS_RSA_WITH_AES_256_CBC_SHA"                                   
+            );
+    
+  }
+  
+  @Before
+  public void initialize() throws EAAFParserException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+    final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+    pendingReq = new TestRequestImpl();
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(spConfig);
+
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+  }
+  
+  @Test
+  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+    // inject identityLink
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+        "SUTFhJ/FXHmLGfTFchYnnWG/e3A=",
+        EAAFConstants.URN_PREFIX_CDID + "GH"));
+    
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSessionStored = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSessionStored.isForeigner());
+    assertFalse("mandate", moaSessionStored.isMandateUsed());
+    assertEquals("missing attributes", 1, moaSessionStored.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSessionStored.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    
+  }          
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
new file mode 100644
index 000000000..818a2c34b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
@@ -0,0 +1,1086 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks;
+
+import static org.hamcrest.CoreMatchers.instanceOf;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.soap.Detail;
+import javax.xml.soap.Name;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPFault;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Attr;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.TypeInfo;
+import org.w3c.dom.UserDataHandler;
+
+import com.github.skjolber.mockito.soap.Soap12EndpointRule;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class InjectEhvdIdentityInformationTaskTest {
+
+  @Autowired
+  InjectEhvdInformationTask task;
+  @Autowired
+  DummyAuthConfigMap config;
+  @Autowired
+  IRequestStorage storage;
+
+  @Rule
+  public final Soap12EndpointRule soap = Soap12EndpointRule.newInstance();
+
+  protected MockHttpServletRequest httpReq;
+  protected MockHttpServletResponse httpResp;
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+
+  private EHVD ehvdService;
+
+  @Before
+  public void initialize() throws EAAFParserException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+    final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+    pendingReq = new TestRequestImpl();
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(spConfig);
+
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+    // inject identityLink
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+        RandomStringUtils.randomAlphanumeric(10),
+        EAAFConstants.URN_PREFIX_BASEID));
+
+    // mock EHVD service
+    ehvdService = soap.mock(EHVD.class, "http://localhost:1234/ehvd");
+
+  }
+
+  @Test
+  public void noIdentityLinkInSession() {
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setIdentityLink(null);
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }
+  }
+
+  @Test
+  public void noActiveGda() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(false, Arrays.asList(role1)));
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.00", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  @Test
+  public void gdaGenericServiceError() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    when(ehvdService.getGDA(any())).thenThrow(new RuntimeException("No anwser from Service"));
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  @Test
+  public void gdaServiceError() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String msg = RandomStringUtils.randomAlphabetic(10);
+    SOAPFault fault = generateSoaFault(msg);    
+    SOAPFaultException error = new SOAPFaultException(fault );    
+    when(ehvdService.getGDA(any())).thenThrow(error);
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  @Test
+  public void noGdaInfosInResponse() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response    
+    GdaIndexResponse gdaResponse = new GdaIndexResponse();
+    when(ehvdService.getGDA(any())).thenReturn(gdaResponse);
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.03", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+
+  @Test
+  public void noValidGdaRole() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = RandomStringUtils.randomAlphabetic(10);
+    String role2 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2)));
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.04", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  
+  @Test
+  public void validateStateWithRandomData() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = RandomStringUtils.randomAlphabetic(10);
+    String role2 = "1.2.40.0.34.5.2:101";
+    String role3 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());
+    assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    assertEquals("wrong role attr", 
+        "EPI-GDA()", 
+        moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+    
+  }
+  
+  @Test
+  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = "1.2.40.0.33.5.2.101";
+    String role2 = "1.2.40.0.34.5.2:100";
+    String role3 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());
+    assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    assertEquals("wrong role attr", 
+        "EPI-GDA()", 
+        moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+    
+  }
+
+  @Test
+  public void validateStateSecondOid() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = "1.2.40.0.33.5.2.101";
+    String role2 = "1.2.40.0.34.5.2:158";
+    String role3 = RandomStringUtils.randomAlphabetic(10);
+    GdaIndexResponse gdaResponse = generateGdaResponse(true, Arrays.asList(role1, role2, role3));
+    when(ehvdService.getGDA(any())).thenReturn(gdaResponse);
+
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());
+    assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    assertEquals("wrong role attr", 
+        "EPI-GDA()", 
+        moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+        
+    assertNotNull("no full GDA response", 
+        moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX));
+    assertTrue("wrong GDA response type",
+        moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX) instanceof GdaDescriptor);
+    
+    
+  }
+  
+  private GdaIndexResponse generateGdaResponse(boolean isActive, List<String> roles) {
+    GdaIndexResponse resp = new GdaIndexResponse();
+    GdaDescriptor gda = new GdaDescriptor();        
+    resp.setGda(gda);
+    
+    GDAStatus status = new GDAStatus();
+    gda.setStatus(status);
+    status.setEhvdstatus(isActive ? "Aktiv" : "Inaktiv");
+    
+    gda.setFirstname(RandomStringUtils.randomAlphabetic(5));
+    gda.setSurname(RandomStringUtils.randomAlphabetic(5));
+    gda.setTitle(RandomStringUtils.randomAlphabetic(5));
+    
+    InstanceIdentifier id = new InstanceIdentifier();
+    id.setId(RandomStringUtils.randomAlphabetic(5));
+    gda.setId(id);
+    
+    gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5));
+    gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5));
+    
+    gda.getAddress().add(generateAddress());
+    gda.getAddress().add(generateAddress());
+    
+    GDARoles gdaRoles = new GDARoles();
+    gda.setRoles(gdaRoles);
+    gdaRoles.getRole().addAll(roles);
+        
+    return resp;
+  }
+  
+  private GdaAddress generateAddress() {        
+    GdaAddress address = new GdaAddress();    
+    address.setZip(RandomStringUtils.randomNumeric(4));
+    address.setState(RandomStringUtils.randomAlphabetic(10));    
+    return address;
+    
+  }
+
+  private SOAPFault generateSoaFault(String msg) {
+    return new SOAPFault() {
+      
+      @Override
+      public void setIdAttributeNode(Attr idAttr, boolean isId) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdAttributeNS(String namespaceURI, String localName, boolean isId) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdAttribute(String name, boolean isId) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Attr setAttributeNodeNS(Attr newAttr) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Attr setAttributeNode(Attr newAttr) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setAttributeNS(String namespaceURI, String qualifiedName, String value) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setAttribute(String name, String value) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Attr removeAttributeNode(Attr oldAttr) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void removeAttributeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void removeAttribute(String name) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public boolean hasAttributeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean hasAttribute(String name) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public String getTagName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public TypeInfo getSchemaTypeInfo() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NodeList getElementsByTagNameNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NodeList getElementsByTagName(String name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Attr getAttributeNodeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Attr getAttributeNode(String name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttributeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttribute(String name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Object setUserData(String key, Object data, UserDataHandler handler) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setTextContent(String textContent) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setPrefix(String prefix) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setNodeValue(String nodeValue) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Node replaceChild(Node newChild, Node oldChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node removeChild(Node oldChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void normalize() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public String lookupPrefix(String namespaceURI) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String lookupNamespaceURI(String prefix) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public boolean isSupported(String feature, String version) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isSameNode(Node other) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isEqualNode(Node arg) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isDefaultNamespace(String namespaceURI) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Node insertBefore(Node newChild, Node refChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public boolean hasChildNodes() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean hasAttributes() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Object getUserData(String key) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getTextContent() throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getPreviousSibling() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getPrefix() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getParentNode() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Document getOwnerDocument() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNodeValue() throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public short getNodeType() {
+        // TODO Auto-generated method stub
+        return 0;
+      }
+      
+      @Override
+      public String getNodeName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getNextSibling() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNamespaceURI() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getLocalName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getLastChild() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getFirstChild() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Object getFeature(String feature, String version) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NodeList getChildNodes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getBaseURI() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NamedNodeMap getAttributes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public short compareDocumentPosition(Node other) throws DOMException {
+        // TODO Auto-generated method stub
+        return 0;
+      }
+      
+      @Override
+      public Node cloneNode(boolean deep) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node appendChild(Node newChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setValue(String value) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setParentElement(SOAPElement parent) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void recycleNode() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public String getValue() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement getParentElement() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void detachNode() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setEncodingStyle(String encodingStyle) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public SOAPElement setElementQName(QName newName) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public boolean removeNamespaceDeclaration(String prefix) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public void removeContents() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public boolean removeAttribute(QName qname) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean removeAttribute(Name name) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Iterator getVisibleNamespacePrefixes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNamespaceURI(String prefix) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getNamespacePrefixes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getEncodingStyle() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public QName getElementQName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Name getElementName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getChildElements(QName qname) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getChildElements(Name name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getChildElements() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttributeValue(QName qname) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttributeValue(Name name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getAllAttributesAsQNames() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getAllAttributes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public QName createQName(String localName, String prefix) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addTextNode(String text) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addNamespaceDeclaration(String prefix, String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(String localName, String prefix, String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(String localName, String prefix) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(SOAPElement element) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(String localName) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(QName qname) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(Name name) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addAttribute(QName qname, String value) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addAttribute(Name name, String value) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setFaultString(String faultString, Locale locale) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultString(String faultString) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultRole(String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultNode(String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultCode(String faultCode) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultCode(QName faultCodeQName) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultCode(Name faultCodeQName) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultActor(String faultActor) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void removeAllFaultSubcodes() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public boolean hasDetail() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Iterator getFaultSubcodes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Locale getFaultStringLocale() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultString() {
+        return msg;
+        
+      }
+      
+      @Override
+      public String getFaultRole() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getFaultReasonTexts() throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultReasonText(Locale locale) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getFaultReasonLocales() throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultNode() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public QName getFaultCodeAsQName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Name getFaultCodeAsName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultCode() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultActor() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Detail getDetail() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void appendFaultSubcode(QName subcode) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void addFaultReasonText(String text, Locale locale) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Detail addDetail() throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+    };
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
new file mode 100644
index 000000000..5ff8ffba7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.xml.ConfigurationException;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AttributeBuilderRegistrationTest {
+
+  @BeforeClass
+  public static void classInitializer() throws ConfigurationException {
+    EAAFDefaultSAML2Bootstrap.bootstrap();
+    
+  }
+  
+  @Test
+  public void checkRegistratedAttributeBuilder() {
+    
+    List<Attribute> supportedAttributes = PVPAttributeBuilder.buildSupportedEmptyAttributes();
+    
+    assertFalse("Registered Attribute-Builder is empty", supportedAttributes.isEmpty());
+    assertTrue("No role attribute registrated", supportedAttributes.stream()
+        .filter(el -> PVPAttributeDefinitions.ROLES_NAME.equals(el.getName()))
+        .findFirst()
+        .isPresent());
+        
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
new file mode 100644
index 000000000..6d39b926e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
@@ -0,0 +1,65 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AuthenticationRoleFactoryTest {
+
+  @Test
+  public void simpleRole() {    
+    String role = RandomStringUtils.randomAlphabetic(5);
+    
+    AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(role);
+    
+    assertEquals("wrong role name", role, toCheck.getRoleName());
+    assertEquals("wrong raw role", role, toCheck.getRawRoleString());
+    assertNull("wrong role attr", toCheck.getParams());
+       
+  }
+  
+  @Test
+  public void complexeRoleEmptyParams() {    
+    String role = RandomStringUtils.randomAlphabetic(5);
+    String fullRole = role + "()";
+    
+    AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+    
+    assertEquals("wrong role name", role, toCheck.getRoleName());
+    assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+    assertNull("wrong role attr", toCheck.getParams());
+       
+  }
+  
+  @Test
+  public void complexeRoleWithParams() {
+    String p1 = RandomStringUtils.randomAlphabetic(5);
+    String v1 = RandomStringUtils.randomAlphabetic(5);
+    String p2 = RandomStringUtils.randomAlphabetic(5);
+    String v2 = RandomStringUtils.randomAlphabetic(5);
+    
+    String role = RandomStringUtils.randomAlphabetic(5);
+    String fullRole = role + "(\"" 
+        + p1 + "\"=\"" + v1 + "\"," 
+        + p2 + "\"=\"" + v2 + "\""
+        +")";
+    
+    AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+    
+    assertEquals("wrong role name", role, toCheck.getRoleName());
+    assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+    assertNotNull("wrong role attr", toCheck.getParams());
+    assertEquals("wrong param size", 2, toCheck.getParams().size());
+           
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
new file mode 100644
index 000000000..387aca540
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
@@ -0,0 +1,55 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/test_ehvd_service_messager_auth.beans.xml"})
+public class MoaStatusMessagerTest {
+
+  @Autowired IStatusMessenger messager;
+  
+  
+  @Test
+  public void checkErrorCodeMapper() {        
+    assertEquals("default errorcode", "9199", 
+        messager.getResponseErrorCode(new NullPointerException()));
+
+    
+    assertEquals("new errorCode file", "aabbccdd", 
+        messager.mapInternalErrorToExternalError("test.01"));    
+    assertEquals("new errorCode file", "zzzyyyxxx", 
+        messager.mapInternalErrorToExternalError("test.02"));
+        
+    assertEquals("existing errorCode file", "4401", 
+        messager.mapInternalErrorToExternalError("auth.34"));
+    assertEquals("existing errorCode file", "1101", 
+        messager.mapInternalErrorToExternalError("parser.07"));
+          
+  }
+  
+  @Test
+  public void checkErrorMessages() {
+    assertEquals("new error msg", 
+        "Für den abgefragtem GDA liegt keine Berechtigung vor", messager.getMessage("ehvd.00", null));
+    assertEquals("new error msg", 
+        "Allgemeiner Fehler bei der Abfrage des EHVD Service", messager.getMessage("ehvd.99", null));
+    
+    
+    assertEquals("existing error msg", 
+        "Zertifikat konnte nicht ausgelesen werden.", messager.getMessage("auth.14", null));
+    assertEquals("existing error msg", 
+        "\"Issuer\" im AUTH-Block nicht vorhanden.", messager.getMessage("validator.32", null));
+    
+  }
+  
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java
new file mode 100644
index 000000000..547401cc3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java
@@ -0,0 +1,195 @@
+package com.github.skjolber.mockito.soap;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.ws.soap.SOAPBinding;
+import javax.xml.ws.spi.Provider;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.endpoint.EndpointException;
+import org.apache.cxf.endpoint.ServerImpl;
+import org.apache.cxf.jaxws.EndpointImpl;
+import org.apache.cxf.jaxws.JaxWsServerFactoryBean;
+import org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean;
+import org.apache.cxf.service.ServiceImpl;
+import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.transport.ChainInitiationObserver;
+import org.apache.cxf.transport.Destination;
+import org.apache.cxf.transport.DestinationFactory;
+import org.apache.cxf.transport.DestinationFactoryManager;
+
+
+/**
+ * Fork of {@link SoapEndpointRule} that set <i>endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING)</i> 
+ * into {@link EndpointImpl}.
+ * 
+ * @author tlenz
+ *
+ */
+public class Soap12EndpointRule extends SoapServerRule {
+  private static final int PORT_RANGE_START = 1024 + 1;
+  private static final int PORT_RANGE_END = PortManager.PORT_RANGE_MAX;
+
+  public static Soap12EndpointRule newInstance() {
+    return new Soap12EndpointRule();
+  }
+
+  private final Map<String, EndpointImpl> endpoints = new HashMap<>();
+
+  private PortManager<Destination> portManager;
+
+  public Soap12EndpointRule() {
+    this(PORT_RANGE_START, PORT_RANGE_END);
+  }
+
+  public Soap12EndpointRule(String... portNames) {
+    this(PORT_RANGE_START, PORT_RANGE_END, portNames);
+  }
+
+  public Soap12EndpointRule(int portRangeStart, int portRangeEnd, String... portNames) {
+    portManager = new PortManager<Destination>(portRangeStart, portRangeEnd) {
+      @Override
+      public Destination reserve(int port) throws Exception {
+        return createDestination(port);
+      }
+
+      @Override
+      public void release(Destination destination) {
+        destination.shutdown();
+      }
+    };
+
+    portManager.add(portNames);
+  }
+
+  /**
+   * Returns the port number that was reserved for the given name.
+   *
+   * @param portName port name
+   * @return a valid port number if the port has been reserved, -1 otherwise
+   */
+  public int getPort(String portName) {
+    return portManager.getPort(portName);
+  }
+
+  /**
+   * Returns all port names and respective port numbers.
+   *
+   * @return a map of port name and port value (a valid port number if the port
+   *         has been reserved, or -1 otherwise)
+   */
+  public Map<String, Integer> getPorts() {
+    return portManager.getPorts();
+  }
+
+  /**
+   * Attempt to reserve a port by starting a server.
+   *
+   * @param port port to reserve
+   * @return destination if successful
+   * @throws IOException
+   * @throws EndpointException
+   */
+  private Destination createDestination(int port) throws IOException, EndpointException {
+    final JaxWsServiceFactoryBean jaxWsServiceFactoryBean = new JaxWsServiceFactoryBean();
+
+    final JaxWsServerFactoryBean serverFactoryBean = new JaxWsServerFactoryBean(jaxWsServiceFactoryBean);
+    final Bus bus = serverFactoryBean.getBus();
+
+    final String address = "http://localhost:" + port;
+    serverFactoryBean.setAddress(address);
+
+    final DestinationFactory destinationFactory = bus.getExtension(DestinationFactoryManager.class)
+        .getDestinationFactoryForUri(address);
+
+    final EndpointInfo ei = new EndpointInfo(null, Integer.toString(port));
+    ei.setAddress(address);
+
+    final Destination destination = destinationFactory.getDestination(ei, bus);
+
+    final ServiceImpl serviceImpl = new ServiceImpl();
+
+    final org.apache.cxf.endpoint.Endpoint endpoint = new org.apache.cxf.endpoint.EndpointImpl(bus,
+        serviceImpl, ei);
+    destination.setMessageObserver(new ChainInitiationObserver(endpoint, bus));
+    return destination;
+  }
+
+  @Override
+  public <T> void proxy(T target, Class<T> port, String address, String wsdlLocation,
+      List<String> schemaLocations, Map<String, Object> properties) {
+    assertValidParams(target, port, address);
+
+    if (endpoints.containsKey(address)) {
+      throw new IllegalArgumentException("Endpoint " + address + " already exists");
+    }
+
+    final T serviceInterface = SoapServiceProxy.newInstance(target);
+
+    final EndpointImpl endpoint = (EndpointImpl) Provider.provider().createEndpoint(null, serviceInterface);
+    endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING);
+
+    if (wsdlLocation != null) {
+      endpoint.setWsdlLocation(wsdlLocation);
+    }
+
+    if (schemaLocations != null) {
+      endpoint.setSchemaLocations(schemaLocations);
+    }
+
+    endpoint.setProperties(processProperties(properties, wsdlLocation, schemaLocations));
+
+    final Destination destination = portManager.getData(parsePort(address));
+    if (destination != null) {
+      final ServerImpl server = endpoint.getServer();
+      server.setDestination(destination);
+    }
+
+    endpoint.publish(address);
+
+    endpoints.put(address, endpoint);
+  }
+
+  @Override
+  protected void before() {
+    // reserve all ports
+    portManager.start();
+  }
+
+  @Override
+  protected void after() {
+    destroy();
+  }
+
+  /**
+   * Stop and remove endpoints, keeping port reservations.
+   */
+  public void clear() {
+    endpoints.values().forEach(EndpointImpl::stop);
+    endpoints.clear();
+  }
+
+  @Override
+  public void destroy() {
+    endpoints.values().forEach(endpoint -> {
+      endpoint.stop();
+      endpoint.getBus().shutdown(true);
+    });
+    endpoints.clear();
+    portManager.stop();
+  }
+
+  @Override
+  public void stop() {
+    endpoints.values().forEach(endpoint -> endpoint.getServer().stop());
+  }
+
+  @Override
+  public void start() {
+    // republish
+    endpoints.values().forEach(endpoint -> endpoint.getServer().start());
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
new file mode 100644
index 000000000..580af5559
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
@@ -0,0 +1,11 @@
+modules.ehvd.enabled=true
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=
+modules.ehvd.sp.4=435344534egewgegf
+
+modules.ehvd.service.url=http://localhost:1234/ehvd
+#modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
+
+modules.ehvd.role.pvp=EPI-GDA()
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
new file mode 100644
index 000000000..4e666c204
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
@@ -0,0 +1,4 @@
+modules.ehvd.enabled=false
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
new file mode 100644
index 000000000..dc8fe54d5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
@@ -0,0 +1,12 @@
+modules.ehvd.enabled=true
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=
+modules.ehvd.sp.4=435344534egewgegf
+
+modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
+#modules.ehvd.service.bpk.target=
+modules.ehvd.proxy.socks.port=12345
+modules.ehvd.role.pvp=EPI-GDA()
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
+#modules.ehvd.service.otherid.prefix=1.2.40.0.34.4.18:
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml
new file mode 100644
index 000000000..0595d4eb4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+	<import resource="classpath:/moaid_ehvd_service_auth.beans.xml" />
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config_qs_service.properties" />
+	</bean>
+ 																												
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..b499ad395
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+	<import resource="classpath:/moaid_ehvd_service_auth.beans.xml" />
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config1.properties" />
+	</bean>
+ 																												
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
new file mode 100644
index 000000000..7116034b7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config2.properties" />
+	</bean>
+ 		
+	<beans default-lazy-init="true">
+		<bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+			<property name="priority" value="4" />
+		</bean>
+ 					 		
+    </beans>																								
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
new file mode 100644
index 000000000..5d8e03fb5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<bean id="testMsgProvider" 
+		  class="at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider"/>
+ 																												
+</beans>
\ No newline at end of file