Assertion Database updated

  - update get with correct class type
  - create clean method with timeout
Remove unused code for SAML1 Assertion generation

9 files changed, 64 insertions, 417 deletions

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index afd25dcad..9ffd72cda 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -114,6 +114,7 @@ import at.gv.egovernment.moa.id.config.stork.CPEPS;
 import at.gv.egovernment.moa.id.config.stork.STORKConfig;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.moduls.AuthenticationSessionStore;
+import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
 import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
 import at.gv.egovernment.moa.id.util.Random;
@@ -152,8 +153,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	private static AuthenticationServer instance;
 	/** session data store (session ID -> AuthenticationSession) */
 	private static Map sessionStore = new HashMap();
-	/** authentication data store (assertion handle -> AuthenticationData) */
-	private static Map authenticationDataStore = new HashMap();
+
 	/**
 	 * time out in milliseconds used by {@link cleanup} for session store
 	 */
@@ -2372,7 +2372,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	 * @throws BuildException
 	 *             while building the <code>&lt;saml:Assertion&gt;</code>
 	 */
-	private AuthenticationData buildAuthenticationData(
+	protected static AuthenticationData buildAuthenticationData(
 			AuthenticationSession session,
 			VerifyXMLSignatureResponse verifyXMLSigResp, boolean useUTC, boolean isForeigner)
 			throws ConfigurationException, BuildException {
@@ -2486,92 +2486,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 	}
 
 	/**
-	 * Retrieves <code>AuthenticationData</code> indexed by the SAML artifact.
-	 * The <code>AuthenticationData</code> is deleted from the store upon end of
-	 * this call.
-	 * 
-	 * @return <code>AuthenticationData</code>
-	 */
-	public AuthenticationData getAuthenticationData(String samlArtifact)
-			throws AuthenticationException {
-		String assertionHandle;
-		try {
-			assertionHandle = new SAMLArtifactParser(samlArtifact)
-					.parseAssertionHandle();
-		} catch (ParseException ex) {
-			throw new AuthenticationException("1205", new Object[] {
-					samlArtifact, ex.toString() });
-		}
-		AuthenticationData authData = null;
-		synchronized (authenticationDataStore) {
-			// System.out.println("assertionHandle: " + assertionHandle);
-			authData = (AuthenticationData) authenticationDataStore
-					.get(assertionHandle);
-			if (authData == null) {
-				Logger.error("Assertion not found for SAML Artifact: "
-						+ samlArtifact);
-				throw new AuthenticationException("1206",
-						new Object[] { samlArtifact });
-			}
-			boolean keepAssertion = false;
-			try {
-				String boolStr = AuthConfigurationProvider.getInstance()
-						.getGenericConfigurationParameter(
-								"AuthenticationServer.KeepAssertion");
-				if (null != boolStr && boolStr.equalsIgnoreCase("true"))
-					keepAssertion = true;// Only allowed for debug purposes!!!
-			} catch (ConfigurationException ex) {
-				throw new AuthenticationException("1205", new Object[] {
-						samlArtifact, ex.toString() });
-			}
-			if (!keepAssertion) {
-				authenticationDataStore.remove(assertionHandle);
-			}
-		}
-		long now = new Date().getTime();
-		if (now - authData.getTimestamp().getTime() > authDataTimeOut)
-			throw new AuthenticationException("1207",
-					new Object[] { samlArtifact });
-		Logger.debug("Assertion delivered for SAML Artifact: " + samlArtifact);
-		return authData;
-	}
-
-	/**
-	 * Stores authentication data indexed by the assertion handle contained in
-	 * the given saml artifact.
-	 * 
-	 * @param samlArtifact
-	 *            SAML artifact
-	 * @param authData
-	 *            authentication data
-	 * @throws AuthenticationException
-	 *             when SAML artifact is invalid
-	 */
-	private void storeAuthenticationData(String samlArtifact,
-			AuthenticationData authData) throws AuthenticationException {
-
-		try {
-			SAMLArtifactParser parser = new SAMLArtifactParser(samlArtifact);
-			// check type code 0x0001
-			byte[] typeCode = parser.parseTypeCode();
-			if (typeCode[0] != 0 || typeCode[1] != 1)
-				throw new AuthenticationException("auth.06",
-						new Object[] { samlArtifact });
-			String assertionHandle = parser.parseAssertionHandle();
-			synchronized (authenticationDataStore) {
-				Logger.debug("Assertion stored for SAML Artifact: "
-						+ samlArtifact);
-				authenticationDataStore.put(assertionHandle, authData);
-			}
-		} catch (AuthenticationException ex) {
-			throw ex;
-		} catch (Throwable ex) {
-			throw new AuthenticationException("auth.06",
-					new Object[] { samlArtifact });
-		}
-	}
-
-	/**
 	 * Creates a new session and puts it into the session store.
 	 * 
 	 * @param id
@@ -2637,20 +2551,10 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				}
 			}
 		}
-		synchronized (authenticationDataStore) {
-			Set keys = new HashSet(authenticationDataStore.keySet());
-			for (Iterator iter = keys.iterator(); iter.hasNext();) {
-				String samlAssertionHandle = (String) iter.next();
-				AuthenticationData authData = (AuthenticationData) authenticationDataStore
-						.get(samlAssertionHandle);
-				if (now - authData.getTimestamp().getTime() > authDataTimeOut) {
-					Logger.info(MOAIDMessageProvider.getInstance().getMessage(
-							"cleaner.03",
-							new Object[] { authData.getAssertionID() }));
-					authenticationDataStore.remove(samlAssertionHandle);
-				}
-			}
-		}
+		
+		//clean AssertionStore
+		AssertionStorage assertionstore = AssertionStorage.getInstance();
+		assertionstore.clean(now, authDataTimeOut);
 	}
 
 	/**
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java
deleted file mode 100644
index b5c72ef9f..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GetAuthenticationDataService.java
+++ /dev/null
@@ -1,164 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.servlet;
-
-import java.util.Calendar;
-
-import org.apache.axis.AxisFault;
-import org.w3c.dom.Element;
-
-import org.w3c.dom.NodeList;
-
-import at.gv.egovernment.moa.id.AuthenticationException;
-import at.gv.egovernment.moa.id.MOAIDException;
-import at.gv.egovernment.moa.id.auth.AuthenticationServer;
-import at.gv.egovernment.moa.id.auth.builder.SAMLResponseBuilder;
-import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.util.MOAIDMessageProvider;
-import at.gv.egovernment.moa.id.util.Random;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DOMUtils;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.XPathUtils;
-
-/**
- * Web service for picking up authentication data created in the MOA-ID Auth component.
- * 
- * @author Paul Ivancsics
- * @version $Id$
- * @see at.gv.egovernment.moa.id.auth.AuthenticationServer#getAuthenticationData
- */
-public class GetAuthenticationDataService implements Constants {
-
-  /**
-   * Constructor for GetAuthenticationDataService.
-   */
-  public GetAuthenticationDataService() {
-    super();
-  }
-
-	/**
-	 * Takes a <code>lt;samlp:Request&gt;</code> containing a 
-	 * <code>SAML artifact</code> and returns the corresponding 
-	 * authentication data <code>lt;saml:Assertion&gt;</code> 
-	 * (obtained from the <code>AuthenticationServer</code>),
-	 * enclosed in a <code>lt;samlp:Response&gt;</code>.
-	 * <br/>Bad requests are mapped into various <code>lt;samlp:StatusCode&gt;</code>s,
-	 * possibly containing enclosed sub-<code>lt;samlp:StatusCode&gt;</code>s.
-	 * The status codes are defined in the SAML specification.
-	 * 
-	 * @param requests request elements of type <code>lt;samlp:Request&gt;</code>;
-	 * 				 only 1 request element is allowed
-	 * @return response element of type <code>lt;samlp:Response&gt;</code>,
-	 * 				  packed into an <code>Element[]</code>
-	 * @throws AxisFault thrown when an error occurs in assembling the 
-	 * 					<code>lt;samlp:Response&gt;</code>
-	 */
-  public Element[] Request(Element[] requests) 
-  	throws AxisFault {
-  		
-		Element request = requests[0];
-    Element[] responses = new Element[1];
-		String requestID = "";
-		String statusCode = "";
-		String subStatusCode = null;
-		String statusMessageCode = null;
-    String statusMessage = null;
-		String samlAssertion = "";
-		boolean useUTC = false;
-		if (requests.length > 1) {
-			// more than 1 request given as parameter
-			statusCode = "samlp:Requester";
-			subStatusCode = "samlp:TooManyResponses";
-			statusMessageCode = "1201";
-		}
-		else {
-			try {
-				DOMUtils.validateElement(request, ALL_SCHEMA_LOCATIONS, null);
-				NodeList samlArtifactList = XPathUtils.selectNodeList(request, "samlp:AssertionArtifact");
-				if (samlArtifactList.getLength() == 0) {
-					// no SAML artifact given in request
-					statusCode = "samlp:Requester";
-					statusMessageCode = "1202";
-				}
-				else if (samlArtifactList.getLength() > 1) {
-					// too many SAML artifacts given in request
-					statusCode = "samlp:Requester";
-					subStatusCode = "samlp:TooManyResponses";
-					statusMessageCode = "1203";
-				}
-				else {
-					Element samlArtifactElem = (Element)samlArtifactList.item(0);
-                    requestID = request.getAttribute("RequestID");
-					String samlArtifact = DOMUtils.getText(samlArtifactElem);
-					try {
-						
-            AuthenticationData authData = AuthenticationServer.getInstance().
-  						getAuthenticationData(samlArtifact);
-                        
-            useUTC = authData.getUseUTC();
-            // success
-            samlAssertion = authData.getSamlAssertion();
-            statusCode = "samlp:Success";
-            statusMessageCode = "1200";
-          }
-          catch (AuthenticationException ex) {
-						// no authentication data for given SAML artifact
-						statusCode = "samlp:Requester";
-						subStatusCode = "samlp:ResourceNotRecognized";
-						statusMessage = ex.toString();
-					}
-				}
-			}
-	    catch (Throwable t) {
-	    	// invalid request format
-				statusCode = "samlp:Requester";
-				statusMessageCode = "1204";
-	    }
-		}
-    try {
-			String responseID = Random.nextRandom();			
-			String issueInstant = DateTimeUtils.buildDateTime(Calendar.getInstance(), useUTC);
-      if (statusMessage == null)
-			  statusMessage = MOAIDMessageProvider.getInstance().getMessage(statusMessageCode, null);
-	    responses[0] = new SAMLResponseBuilder().build(
-	    	responseID, requestID, issueInstant, statusCode, subStatusCode, statusMessage, samlAssertion);
-    
-  	}
-    catch (MOAIDException e) {
-	    AxisFault fault = AxisFault.makeFault(e);
-	    fault.setFaultDetail(new Element[] { e.toErrorResponse()});
-	    throw fault;
-    } 
-    catch (Throwable t) {
-	    MOAIDException e = new MOAIDException("1299", null, t);
-	    AxisFault fault = AxisFault.makeFault(e);
-	    fault.setFaultDetail(new Element[] { e.toErrorResponse()});
-	    throw fault;
-    }
-    return responses;
-  }
-  	
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
index 5f59b6f9a..e15d8f908 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/StartAuthenticationServlet.java
@@ -117,6 +117,7 @@ public class StartAuthenticationServlet extends AuthServlet {
     String modul = request.requestedModule();//req.getParameter(PARAM_MODUL);
     String action = request.requestedAction();//req.getParameter(PARAM_ACTION);
     request.getOAURL();
+    
     // escape parameter strings
     //TODO: use URLEncoder.encode!!
     target = StringEscapeUtils.escapeHtml(target);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index b21bfdacb..d1f44d55c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -285,7 +285,6 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 			} catch (MalformedURLException t) {
 				throw new ConfigurationException("config.03", null, t);
 		  }
-
 			
 		//Initial Hibernate Framework
 		//TODO: Full update to new MOA-ID configuration!!! 	
@@ -300,7 +299,6 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 			fis = new FileInputStream(propertiesFile);
 			props.load(fis);
 			
-			
 			// initialize hibernate
 			synchronized (AuthConfigurationProvider.class) {
 				Configuration hibernateConfig = new Configuration();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
index a61dc53be..2e2f75b94 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVPAssertionStorage.java
@@ -44,7 +44,7 @@ public class PVPAssertionStorage implements SAMLArtifactMap {
 
 	public SAMLArtifactMapEntry get(String artifact) {
 		try {
-			return (SAMLArtifactMapEntry) assertions.get(artifact);
+			return assertions.get(artifact, SAMLArtifactMapEntry.class);
 			
 		} catch (MOADatabaseException e) {
 			// TODO Insert Error Handling, if Assertion could not be read
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
index d22993030..9f47123ab 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1AuthenticationServer.java
@@ -1,25 +1,16 @@
 package at.gv.egovernment.moa.id.protocols.saml1;
 
-import iaik.x509.X509Certificate;
-
 import java.io.File;
 import java.io.IOException;
-import java.util.Calendar;
 import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
 
 import at.gv.egovernment.moa.id.AuthenticationException;
 import at.gv.egovernment.moa.id.BuildException;
 import at.gv.egovernment.moa.id.ParseException;
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataAssertionBuilder;
-import at.gv.egovernment.moa.id.auth.builder.BPKBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
 import at.gv.egovernment.moa.id.auth.builder.SAMLArtifactBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
-import at.gv.egovernment.moa.id.auth.data.IdentityLink;
-import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
 import at.gv.egovernment.moa.id.auth.validator.parep.ParepUtils;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
@@ -28,144 +19,21 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
-import at.gv.egovernment.moa.id.util.Random;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.Constants;
-import at.gv.egovernment.moa.util.DateTimeUtils;
-import at.gv.egovernment.moa.util.StringUtils;
 
 public class SAML1AuthenticationServer extends AuthenticationServer {
-
-	// TODO: for clustering we have to replicate this data to other servers
-	// We might need to introduce a openEJB to accomplish this
-	/** authentication data store (assertion handle -> AuthenticationData) */
-	@SuppressWarnings("rawtypes")
-	
 	
 	//private static Map authenticationDataStore = new HashMap();
 	private static AssertionStorage authenticationDataStore =  AssertionStorage.getInstance();
 	
 	
+	//TODO: make this time configurable
 	/**
 	 * time out in milliseconds used by {@link cleanup} for authentication data
 	 * store
 	 */
 	private static final long authDataTimeOut = 2 * 60 * 1000; // default 2 minutes
-	
-	private static AuthenticationData buildAuthenticationData(
-			AuthenticationSession session,
-			VerifyXMLSignatureResponse verifyXMLSigResp, boolean useUTC, boolean isForeigner)
-			throws ConfigurationException, BuildException {
-
-		IdentityLink identityLink = session.getIdentityLink();
-		AuthenticationData authData = new AuthenticationData();
-		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
-				.getOnlineApplicationParameter(session.getPublicOAURLPrefix());
-		boolean businessService = oaParam.getBusinessService();
-		authData.setMajorVersion(1);
-		authData.setMinorVersion(0);
-		authData.setAssertionID(Random.nextRandom());
-		authData.setIssuer(session.getAuthURL());
-		authData.setIssueInstant(DateTimeUtils.buildDateTime(Calendar
-				.getInstance(), useUTC));
-		authData.setIdentificationType(identityLink.getIdentificationType());
-		authData.setGivenName(identityLink.getGivenName());
-		authData.setFamilyName(identityLink.getFamilyName());
-		authData.setDateOfBirth(identityLink.getDateOfBirth());
-		authData.setQualifiedCertificate(verifyXMLSigResp
-				.isQualifiedCertificate());
-		authData.setPublicAuthority(verifyXMLSigResp.isPublicAuthority());
-		authData.setPublicAuthorityCode(verifyXMLSigResp
-				.getPublicAuthorityCode());
-		authData.setBkuURL(session.getBkuURL());
-		authData.setUseUTC(oaParam.getUseUTC());
-		boolean provideStammzahl = oaParam.getProvideStammzahl();
-		if (provideStammzahl) {
-			authData.setIdentificationValue(identityLink
-					.getIdentificationValue());
-		}
-		String prPerson = new PersonDataBuilder().build(identityLink,
-				provideStammzahl);
-
-		try {
-			String signerCertificateBase64 = "";
-			if (oaParam.getProvideCertifcate()) {
-				X509Certificate signerCertificate = verifyXMLSigResp
-						.getX509certificate();
-				if (signerCertificate != null) {
-					signerCertificateBase64 = Base64Utils
-							.encode(signerCertificate.getEncoded());
-				} else {
-					Logger
-							.info("\"provideCertificate\" is \"true\", but no signer certificate available");
-				}
-			}
-			authData.setSignerCertificate(signerCertificateBase64);
-			if(!isForeigner) {
-				//we have Austrian citizen
-				if (businessService) {
-					authData.setWBPK(identityLink.getIdentificationValue());
-				} else {
-					authData.setBPK(identityLink.getIdentificationValue());
-	
-					// BZ.., calculation of bPK already before sending AUTHBlock
-					/*
-					 * if(identityLink.getIdentificationType().equals(Constants.
-					 * URN_PREFIX_BASEID)) { // only compute bPK if online
-					 * application is a public service and we have the Stammzahl
-					 * String bpkBase64 = new BPKBuilder().buildBPK(
-					 * identityLink.getIdentificationValue(), session.getTarget());
-					 * authData.setBPK(bpkBase64); }
-					 */
-	
-				}
-			} else {
-				//we have foreigner, thus we have to calculate bPK and wbPK now (after receiving identity link from SZR-GW
-				if (businessService) {
-					//since we have foreigner, wbPK is not calculated in BKU
-					if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { 						 
-						 String wbpkBase64 = new BPKBuilder().buildWBPK(identityLink.getIdentificationValue(), session.getDomainIdentifier());
-						 authData.setWBPK(wbpkBase64); 
-					 }										
-					
-				} else {
-					
-					 if(identityLink.getIdentificationType().equals(Constants.URN_PREFIX_BASEID)) { 
-						 // only compute bPK if online application is a public service and we have the Stammzahl
-						 String bpkBase64 = new BPKBuilder().buildBPK(identityLink.getIdentificationValue(), session.getTarget());
-						 authData.setBPK(bpkBase64); 
-					 }
-					
-	
-				}
-				
-			}
-			String ilAssertion = oaParam.getProvideIdentityLink() ? identityLink
-					.getSerializedSamlAssertion()
-					: "";
-			if (!oaParam.getProvideStammzahl()) {
-				ilAssertion = StringUtils.replaceAll(ilAssertion, identityLink
-						.getIdentificationValue(), "");
-			}
-			String authBlock = oaParam.getProvideAuthBlock() ? session
-					.getAuthBlock() : "";
-
-			session.setAssertionAuthBlock(authBlock);
-			session.setAssertionAuthData(authData);
-			session.setAssertionBusinessService(businessService);
-			session.setAssertionIlAssertion(ilAssertion);
-			session.setAssertionPrPerson(prPerson);
-			session.setAssertionSignerCertificateBase64(signerCertificateBase64);
-
-			return authData;
-
-		} catch (Throwable ex) {
-			throw new BuildException("builder.00", new Object[] {
-					"AuthenticationData", ex.toString() }, ex);
-		}
-	}
-	
+		
 	/**
 	 * Retrieves <code>AuthenticationData</code> indexed by the SAML artifact.
 	 * The <code>AuthenticationData</code> is deleted from the store upon end of
@@ -175,10 +43,8 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 	 */
 	public static AuthenticationData getSaml1AuthenticationData(String samlArtifact)
 			throws AuthenticationException {
-		String assertionHandle;
 		try {
-			assertionHandle = new SAMLArtifactParser(samlArtifact)
-					.parseAssertionHandle();
+			new SAMLArtifactParser(samlArtifact).parseAssertionHandle();
 		} catch (ParseException ex) {
 			throw new AuthenticationException("1205", new Object[] {
 					samlArtifact, ex.toString() });
@@ -188,15 +54,15 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			// System.out.println("assertionHandle: " + assertionHandle);
 						
 			try {
-				authData = (AuthenticationData) authenticationDataStore
-						.get(assertionHandle);
+				authData = authenticationDataStore
+						.get(samlArtifact, AuthenticationData.class);
 				
 			} catch (MOADatabaseException e) {
 				Logger.error("Assertion not found for SAML Artifact: " + samlArtifact);
 				throw new AuthenticationException("1206", new Object[] { samlArtifact });
-			}
-				
+			}		
 		}
+		
 		boolean keepAssertion = false;
 		try {
 			String boolStr = AuthConfigurationProvider.getInstance()
@@ -210,7 +76,7 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 					samlArtifact, ex.toString() });
 		}
 		if (!keepAssertion) {
-			authenticationDataStore.remove(assertionHandle);
+			authenticationDataStore.remove(samlArtifact);
 		}
 		
 		long now = new Date().getTime();
@@ -283,7 +149,6 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 	 * @throws AuthenticationException
 	 *             when SAML artifact is invalid
 	 */
-	@SuppressWarnings("unchecked")
 	private static void storeAuthenticationData(String samlArtifact,
 			AuthenticationData authData) throws AuthenticationException {
 
@@ -294,12 +159,12 @@ public class SAML1AuthenticationServer extends AuthenticationServer {
 			if (typeCode[0] != 0 || typeCode[1] != 1)
 				throw new AuthenticationException("auth.06",
 						new Object[] { samlArtifact });
-			String assertionHandle = parser.parseAssertionHandle();
+			parser.parseAssertionHandle();
 			
 			synchronized (authenticationDataStore) {
 				Logger.debug("Assertion stored for SAML Artifact: "
 						+ samlArtifact);
-				authenticationDataStore.put(assertionHandle, authData);
+				authenticationDataStore.put(samlArtifact, authData);
 			}
 			
 		} catch (AuthenticationException ex) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
index 93cd43651..6692f61c5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/AssertionStorage.java
@@ -62,7 +62,7 @@ public class AssertionStorage {
 		
 	}
 	 
-	public Object get(String artifact) throws MOADatabaseException {
+	public <T> T get(String artifact, final Class<T> clazz) throws MOADatabaseException {
 	 
 	  AssertionStore element = searchInDatabase(artifact);
 	  
@@ -71,7 +71,8 @@ public class AssertionStorage {
 	  
 	  //check if assertion has the correct class type 
 	  try {
-		Object test = Class.forName(element.getType()).cast(data);
+		  @SuppressWarnings("unchecked")
+		T test = (T) Class.forName(element.getType()).cast(data);
 		return test;
 		
 	  } catch (Exception e) {
@@ -80,6 +81,31 @@ public class AssertionStorage {
 	  }
 	}
 	
+	public void clean(long now, long authDataTimeOut) {
+		Date expioredate = new Date(now - authDataTimeOut);		
+		
+		Session session = HibernateUtil.getCurrentSession();
+		session.beginTransaction();
+		Query query = session.getNamedQuery("getAssertionWithTimeOut");
+		query.setTimestamp("timeout", expioredate);		
+		List<AssertionStore> results = query.list();
+		session.getTransaction().commit();
+		
+		if (results.size() != 0) {
+			for(AssertionStore result : results) {
+				try { 
+					HibernateUtil.delete(result);
+					Logger.info("Remove Assertion with Artifact=" + result.getArtifact() 
+							+ " after assertion timeout.");
+				
+				} catch (HibernateException e){
+					Logger.warn("Assertion with Artifact=" + result.getArtifact() 
+							+ " not removed after timeout! (Error during Database communication)", e);
+				}
+
+			}	
+		}	
+	}
 	 
 	public void remove(String artifact) {
 		
@@ -106,6 +132,9 @@ public class AssertionStorage {
 		  query.setString("artifact", artifact);
 		  List result = query.list();
 		  
+		  //send transaction
+		  session.getTransaction().commit();
+		  
 		  Logger.trace("Found entries: " + result.size());
 		  
 		  //Assertion requires an unique artifact
diff --git a/id/server/moa-id-commons/.classpath b/id/server/moa-id-commons/.classpath
index 9fc2de7b0..3cb77b9e0 100644
--- a/id/server/moa-id-commons/.classpath
+++ b/id/server/moa-id-commons/.classpath
@@ -30,6 +30,7 @@
 	<classpathentry kind="con" path="org.eclipse.m2e.MAVEN2_CLASSPATH_CONTAINER">
 		<attributes>
 			<attribute name="maven.pomderived" value="true"/>
+			<attribute name="org.eclipse.jst.component.nondependency" value=""/>
 		</attributes>
 	</classpathentry>
 	<classpathentry kind="output" path="target/classes"/>
diff --git a/id/server/moa-id-commons/.project b/id/server/moa-id-commons/.project
index fea8c6ede..d109c42c5 100644
--- a/id/server/moa-id-commons/.project
+++ b/id/server/moa-id-commons/.project
@@ -6,18 +6,31 @@
 	</projects>
 	<buildSpec>
 		<buildCommand>
+			<name>org.eclipse.wst.common.project.facet.core.builder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
 			<name>org.eclipse.jdt.core.javabuilder</name>
 			<arguments>
 			</arguments>
 		</buildCommand>
 		<buildCommand>
+			<name>org.eclipse.wst.validation.validationbuilder</name>
+			<arguments>
+			</arguments>
+		</buildCommand>
+		<buildCommand>
 			<name>org.eclipse.m2e.core.maven2Builder</name>
 			<arguments>
 			</arguments>
 		</buildCommand>
 	</buildSpec>
 	<natures>
+		<nature>org.eclipse.jem.workbench.JavaEMFNature</nature>
+		<nature>org.eclipse.wst.common.modulecore.ModuleCoreNature</nature>
 		<nature>org.eclipse.jdt.core.javanature</nature>
 		<nature>org.eclipse.m2e.core.maven2Nature</nature>
+		<nature>org.eclipse.wst.common.project.facet.core.nature</nature>
 	</natures>
 </projectDescription>