untested, but without dependency problems

7 files changed, 92 insertions, 102 deletions

diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
index f6c8cb6e3..7ab222fa0 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataAssertionBuilder.java
@@ -32,7 +32,6 @@ import java.util.List;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.protocols.saml1.SAML1AuthenticationData;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
@@ -41,7 +40,7 @@ import at.gv.egovernment.moa.util.StringUtils;
 
 /**
  * Builder for the authentication data <code>&lt;saml:Assertion&gt;</code>
- * to be provided by the MOA ID Auth component.
+ * to be provided by the MOA ID Auth component. 
  *
  * @author Paul Ivancsics
  * @version $Id$
@@ -277,8 +276,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     	if (!useCondition) {
     		assertion = MessageFormat.format(AUTH_DATA, new Object[] {
     		        authData.getAssertionID(), 
-    		        authData.getIssuer(), 
-    		        authData.getIssueInstantString(), 
+    		        authData.getAuthenticationIssuer(), 
+    		        authData.getAuthenticationIssueInstantString(), 
     		        pkType,
     		        pkValue, 
     		        StringUtils.removeXMLDeclaration(xmlAuthBlock), 
@@ -302,8 +301,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     		
     		assertion = MessageFormat.format(AUTH_DATA_WITH_CONDITIONS, new Object[] {
     		        authData.getAssertionID(), 
-    		        authData.getIssuer(), 
-    		        authData.getIssueInstantString(), 
+    		        authData.getAuthenticationIssuer(), 
+    		        authData.getAuthenticationIssueInstantString(), 
     		        notBefore,
     		        notOnOrAfter,
     		        pkType,
@@ -400,8 +399,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     	if (!useCondition) {
     		assertion = MessageFormat.format(AUTH_DATA_MANDATE, new Object[] {
     		        authData.getAssertionID(), 
-    		        authData.getIssuer(), 
-    		        authData.getIssueInstantString(), 
+    		        authData.getAuthenticationIssuer(), 
+    		        authData.getAuthenticationIssueInstantString(), 
     		        pkType,
     		        pkValue, 
     		        StringUtils.removeXMLDeclaration(xmlAuthBlock), 
@@ -426,8 +425,8 @@ public class AuthenticationDataAssertionBuilder extends AuthenticationAssertionB
     		
     		assertion = MessageFormat.format(AUTH_DATA_MANDATE_WITH_CONDITIONS, new Object[] {
     		        authData.getAssertionID(), 
-    		        authData.getIssuer(), 
-    		        authData.getIssueInstantString(),
+    		        authData.getAuthenticationIssuer(), 
+    		        authData.getAuthenticationIssueInstantString(),
     		        notBefore,
     		        notOnOrAfter,
     		        pkType,
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 99d5d9063..3452da003 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -28,15 +28,15 @@ import javax.servlet.http.HttpServletResponse;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IAction;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.slo.SLOInformationInterface;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.servlet.RedirectServlet;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
-import at.gv.egovernment.moa.id.data.IAuthData;
 import at.gv.egovernment.moa.id.data.SLOInformationImpl;
-import at.gv.egovernment.moa.id.data.SLOInformationInterface;
-import at.gv.egovernment.moa.id.moduls.IAction;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 import at.gv.egovernment.moa.util.URLEncoder;
@@ -49,9 +49,9 @@ public class GetArtifactAction implements IAction {
 	public SLOInformationInterface processRequest(IRequest req, HttpServletRequest httpReq,
 			HttpServletResponse httpResp, IAuthData obj) throws AuthenticationException {
 			
-		String oaURL = (String) req.getOAURL();
+		String oaURL = (String) req.getSPEntityId();
 		
-		String sourceID = null;
+		String sourceID = null; 
 		if (req instanceof SAML1RequestImpl) {
 			SAML1RequestImpl saml1req = (SAML1RequestImpl) req;
 			sourceID = saml1req.getSourceID();
@@ -68,7 +68,7 @@ public class GetArtifactAction implements IAction {
 		}
 					
 		try {
-			IOAAuthParameters oaParam = req.getOnlineApplicationConfiguration();
+			IOAAuthParameters oaParam = req.getServiceProviderConfiguration(IOAAuthParameters.class);
 								
 			//TODO: add eIDAS to SAML1 protocol if it is really necessary
 			
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
index 13df30862..85e2107c6 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetAuthenticationDataService.java
@@ -72,15 +72,14 @@ import org.xml.sax.SAXException;
 
 import com.google.common.net.MediaType;
 
+import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractController;
+import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.frontend.velocity.VelocityProvider;
-import at.gv.egovernment.moa.id.auth.servlet.AbstractController;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.ErrorResponseUtils;
-import at.gv.egovernment.moa.id.util.HTTPUtils;
-import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
@@ -98,7 +97,7 @@ import at.gv.egovernment.moa.util.XPathUtils;
  * since SAML1 is deprecated MOA-ID >= 2.0.0 
  * 
  * @author tlenz
- */
+ */ 
 @Controller
 public class GetAuthenticationDataService extends AbstractController implements Constants {
 
@@ -280,9 +279,7 @@ public class GetAuthenticationDataService extends AbstractController implements
 					try {
 						Throwable error = saml1AuthServer.getErrorResponse(samlArtifact);
 						statusCode = "samlp:Responder";
-						
-						ErrorResponseUtils errorUtils = ErrorResponseUtils.getInstance();
-						
+												
 						if (error instanceof MOAIDException) {
 							statusMessageCode = ((MOAIDException)error).getMessageId();
 							statusMessage = StringEscapeUtils.escapeXml(((MOAIDException)error).getMessage());
@@ -291,8 +288,9 @@ public class GetAuthenticationDataService extends AbstractController implements
 							statusMessage = StringEscapeUtils.escapeXml(error.getMessage());
 							
 						}							
-						subStatusCode = errorUtils.getResponseErrorCode(error);
-															
+						subStatusCode = statusMessager.getResponseErrorCode(error);
+											
+						
 					} catch (Exception e) {
 						//no authentication data for given SAML artifact
 						statusCode = "samlp:Requester";
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index bf4a55e46..1be3e3daa 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -43,6 +43,11 @@ import org.xml.sax.SAXException;
 
 import at.gv.e_government.reference.namespace.mandates._20040701_.Mandate;
 import at.gv.e_government.reference.namespace.mandates._20040701_.Mandator;
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
 import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
@@ -57,17 +62,12 @@ import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
-import at.gv.egovernment.moa.id.commons.api.IRequest;
 import at.gv.egovernment.moa.id.commons.api.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
-import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.data.IAuthData;
+import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
 import at.gv.egovernment.moa.id.data.Pair;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
-import at.gv.egovernment.moa.id.storage.ITransactionStorage;
-import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.Base64Utils;
 import at.gv.egovernment.moa.util.Constants;
@@ -86,7 +86,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 		
 	@Autowired private ITransactionStorage authenticationDataStore;
 	
-	/**
+	/** 
 	 * time out in milliseconds used by {@link cleanup} for authentication data
 	 * store
 	 */
@@ -103,8 +103,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 		}
 		Throwable error = null;
 		try {
-			error = authenticationDataStore
-					.get(samlArtifact, Throwable.class);
+			error = authenticationDataStore.get(samlArtifact, Throwable.class);
 			
 			if (error == null) {
 				Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
@@ -114,7 +113,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 				
 			authenticationDataStore.remove(samlArtifact);
 				
-		} catch (MOADatabaseException e) {
+		} catch (EAAFException e) {
 			Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
 			throw new AuthenticationException("1206", new Object[] { samlArtifact });
 		}
@@ -189,7 +188,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			}
 				
 				
-		} catch (MOADatabaseException e) {
+		} catch (EAAFException e) {
 			Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
 			throw new AuthenticationException("1206", new Object[] { samlArtifact });
 		}		
@@ -201,10 +200,10 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 	}
 	
 	public String BuildErrorAssertion(Throwable error, IRequest protocolRequest) 
-			throws BuildException, MOADatabaseException {
+			throws EAAFException {
 		
 		String samlArtifact = new SAMLArtifactBuilder().build(
-				protocolRequest.getOAURL(), protocolRequest.getRequestID(),
+				protocolRequest.getSPEntityId(), protocolRequest.getPendingRequestId(),
 				null);
 		
 		authenticationDataStore.put(samlArtifact, error, authDataTimeOut);
@@ -428,7 +427,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			//authData.setSamlAssertion(samlAssertion);
 				
 			String samlArtifact = new SAMLArtifactBuilder().build(
-			authData.getIssuer(), Random.nextRandom(),
+			authData.getAuthenticationIssuer(), Random.nextRandom(),
 			sourceID);
 			
 			storeAuthenticationData(samlArtifact, samlAssertion);
@@ -443,7 +442,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 
 	}
 
-	private String generateMandateDate(IOAAuthParameters oaParam, AuthenticationData authData
+	private String generateMandateDate(IOAAuthParameters oaParam, MOAAuthenticationData authData
 			) throws AuthenticationException, BuildException,
 			ParseException, ConfigurationException, ServiceException,
 			ValidateException {
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 8dfe10268..54b137ce1 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -37,8 +37,10 @@ import org.springframework.web.bind.annotation.RequestMethod;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.IModulInfo;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
-import at.gv.egiz.eaaf.core.exceptions.ProtocolNotActiveException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.exception.WrongParametersException;
@@ -47,7 +49,6 @@ import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.logging.Logger;
@@ -60,7 +61,7 @@ import at.gv.egovernment.moa.util.URLEncoder;
  * @deprecated
  * @author tlenz
  *
- */
+ */ 
 
 @Controller
 public class SAML1Protocol extends AbstractAuthProtocolModulController implements IModulInfo {
@@ -99,15 +100,15 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 
 	
 	@RequestMapping(value = "/StartAuthentication", method = {RequestMethod.POST, RequestMethod.GET})
-	public void SAML1AuthnRequest(HttpServletRequest req, HttpServletResponse resp) throws MOAIDException, IOException {		
-		if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
-			Logger.info("SAML1 is deaktivated!");
-			throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
-			
-		}
+	public void SAML1AuthnRequest(HttpServletRequest req, HttpServletResponse resp) throws IOException, EAAFException {		
+//		if (!AuthConfigurationProviderFactory.getInstance().getAllowedProtocols().isSAML1Active()) {
+//			Logger.info("SAML1 is deaktivated!");
+//			throw new ProtocolNotActiveException("auth.22", new Object[] { "SAML 1" });
+//			
+//		}
 		
 		SAML1RequestImpl pendingReq = applicationContext.getBean(SAML1RequestImpl.class);
-		pendingReq.initialize(req);
+		pendingReq.initialize(req, authConfig);
 		pendingReq.setModule(NAME);
 	
 		revisionsLogger.logEvent(MOAIDEventConstants.SESSION_CREATED, pendingReq.getUniqueSessionIdentifier());
@@ -128,15 +129,15 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 	
 	
 	public void preProcess(HttpServletRequest request,
-			HttpServletResponse response, SAML1RequestImpl pendingRequest) throws MOAIDException {
+			HttpServletResponse response, SAML1RequestImpl pendingRequest) throws MOAIDException, InvalidProtocolRequestException, EAAFConfigurationException, EAAFStorageException {
 		try {	
-			String oaURL = (String) request.getParameter(PARAM_OA);
+			String oaURL = (String) request.getParameter(MOAIDAuthConstants.PARAM_OA);
 			//oaURL = StringEscapeUtils.escapeHtml(oaURL);
 			
-			String target = (String) request.getParameter(PARAM_TARGET);
+			String target = (String) request.getParameter(MOAIDAuthConstants.PARAM_TARGET);
 			target = StringEscapeUtils.escapeHtml(target);
 			
-			String sourceID = request.getParameter(PARAM_SOURCEID);
+			String sourceID = request.getParameter(MOAIDAuthConstants.PARAM_SOURCEID);
 			sourceID = StringEscapeUtils.escapeHtml(sourceID);
 			
 			//the target parameter is used to define the OA in SAML1 standard
@@ -147,35 +148,35 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 			
 			if (MiscUtil.isEmpty(oaURL)) {
 				Logger.info("Receive SAML1 request with no OA parameter. Authentication STOPPED!");
-				throw new WrongParametersException("StartAuthentication", PARAM_OA,
+				throw new WrongParametersException("StartAuthentication", MOAIDAuthConstants.PARAM_OA,
 						"auth.12");
 				
 			}
 			
 			if (!ParamValidatorUtils.isValidOA(oaURL))
-				throw new WrongParametersException("StartAuthentication", PARAM_OA,
+				throw new WrongParametersException("StartAuthentication", MOAIDAuthConstants.PARAM_OA,
 						"auth.12");
 			
-			pendingRequest.setOAURL(oaURL);
+			pendingRequest.setSPEntityId(oaURL);
 			
 			Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
 			
 		    if (!ParamValidatorUtils.isValidSourceID(sourceID))
-	            throw new WrongParametersException("StartAuthentication", PARAM_SOURCEID, "auth.12");
+	            throw new WrongParametersException("StartAuthentication", MOAIDAuthConstants.PARAM_SOURCEID, "auth.12");
 			
 			
 			//load Target only from OA config
-			IOAAuthParameters oaParam = authConfig.getOnlineApplicationParameter(oaURL);
+			IOAAuthParameters oaParam = authConfig.getServiceProviderConfiguration(oaURL, IOAAuthParameters.class);
 			
 			if (oaParam == null)
 				throw new InvalidProtocolRequestException("auth.00",
-						new Object[] { null });
+						new Object[] { null }, "No Online-Application configuration found");
 					
 			SAML1ConfigurationParameters saml1 = oaParam.getSAML1Parameter();
 			if (saml1 == null || !(saml1.isIsActive() != null && saml1.isIsActive()) ) {
 				Logger.info("Online-Application " + oaURL + " can not use SAML1 for authentication.");
 				throw new InvalidProtocolRequestException("auth.00",
-						new Object[] { null });
+						new Object[] { null }, "OA: " + oaURL + " can not used with SAML1");
 			}
 			pendingRequest.setOnlineApplicationConfiguration(oaParam);
 			
@@ -213,7 +214,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 			pendingRequest.setAction(GetArtifactAction.class.getName());
 			
 		} catch (WrongParametersException e) {
-			throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters());
+			throw new InvalidProtocolRequestException(e.getMessageId(), e.getParameters(), "SAML1 parameter validation FAILED");
 			
 		} catch (InvalidProtocolRequestException e) {
 			throw e;
@@ -226,15 +227,15 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 			HttpServletRequest request, HttpServletResponse response,
 			IRequest protocolRequest) 
 					throws Throwable{
-		if (!protocolRequest.getOnlineApplicationConfiguration().getSAML1Parameter().isProvideAllErrors())
+		if (!protocolRequest.getServiceProviderConfiguration(IOAAuthParameters.class).getSAML1Parameter().isProvideAllErrors())
 			return false;
 		
 		else {	
 			String samlArtifactBase64 = saml1AuthServer.BuildErrorAssertion(e, protocolRequest);
 		
 			String url = protocolRequest.getAuthURL() + "/RedirectServlet";
-			url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getOAURL(), "UTF-8"));
-			url = addURLParameter(url, PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
+			url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(protocolRequest.getSPEntityId(), "UTF-8"));
+			url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
 			url = response.encodeRedirectURL(url);
 		
 			response.setContentType("text/html");
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
index 1d3525626..4d3e60dd7 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1RequestImpl.java
@@ -22,18 +22,11 @@
  */
 package at.gv.egovernment.moa.id.protocols.saml1;
 
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
 import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
 
-import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
-import at.gv.egovernment.moa.id.moduls.RequestImpl;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
 
 /**
  * @author tlenz
@@ -45,7 +38,7 @@ public class SAML1RequestImpl extends RequestImpl {
 
 	private static final long serialVersionUID = -4961979968425683115L;
 	
-	private String sourceID = null;
+	private String sourceID = null; 
 	private String target = null;
 	
 	/**
@@ -78,29 +71,29 @@ public class SAML1RequestImpl extends RequestImpl {
 		this.target = target;
 	}
 
-	/* (non-Javadoc)
-	 * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
-	 */
-	@Override
-	public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
-		
-		List<String> reqAttr = new ArrayList<String>();
-		reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION);
-		
-		SAML1ConfigurationParameters saml1 = this.getOnlineApplicationConfiguration().getSAML1Parameter();
-		if (saml1 != null) {
-			if (saml1.isProvideAUTHBlock())
-				reqAttr.add(PVPConstants.EID_AUTH_BLOCK_NAME);
-			
-			if (saml1.isProvideCertificate())
-				reqAttr.add(PVPConstants.EID_SIGNER_CERTIFICATE_NAME);
-			
-			if (saml1.isProvideFullMandatorData())
-				reqAttr.add(PVPConstants.MANDATE_FULL_MANDATE_NAME);
-		}
-				
-		return reqAttr;
-		
-	}
+//	/* (non-Javadoc)
+//	 * @see at.gv.egovernment.moa.id.moduls.RequestImpl#getRequestedAttributes()
+//	 */
+//	@Override
+//	public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider) {
+//		
+//		List<String> reqAttr = new ArrayList<String>();
+//		reqAttr.addAll(SAML1Protocol.DEFAULTREQUESTEDATTRFORINTERFEDERATION);
+//		
+//		SAML1ConfigurationParameters saml1 = this.getOnlineApplicationConfiguration().getSAML1Parameter();
+//		if (saml1 != null) {
+//			if (saml1.isProvideAUTHBlock())
+//				reqAttr.add(PVPConstants.EID_AUTH_BLOCK_NAME);
+//			
+//			if (saml1.isProvideCertificate())
+//				reqAttr.add(PVPConstants.EID_SIGNER_CERTIFICATE_NAME);
+//			
+//			if (saml1.isProvideFullMandatorData())
+//				reqAttr.add(PVPConstants.MANDATE_FULL_MANDATE_NAME);
+//		}
+//				
+//		return reqAttr;
+//		
+//	}
 
 }
diff --git a/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
index 961c8d0b5..4591e456f 100644
--- a/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
+++ b/id/server/modules/moa-id-modules-saml1/src/test/java/test/at/gv/egovernment/moa/id/auth/parser/SAMLArtifactParserTest.java
@@ -46,9 +46,9 @@
 
 package test.at.gv.egovernment.moa.id.auth.parser;
 
+import at.gv.egiz.eaaf.core.impl.utils.Random;
 import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
 import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
-import at.gv.egovernment.moa.id.util.Random;
 import test.at.gv.egovernment.moa.id.UnitTestCase;
 
 /*
@@ -63,7 +63,7 @@ public class SAMLArtifactParserTest extends UnitTestCase {
   public SAMLArtifactParserTest(String name) {
     super(name);
   }
-
+ 
   public void testParseTypeCode() throws Exception {
     String sessionID = Random.nextRandom();
     String samlArtifact = new SAMLArtifactBuilder().build(URL1, sessionID, null);