aboutsummaryrefslogtreecommitdiff
path: root/id.server/data/abnahme-test/xmldata/A300
diff options
context:
space:
mode:
Diffstat (limited to 'id.server/data/abnahme-test/xmldata/A300')
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A301/AuthenticationData.xml25
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A302/AuthenticationData.xml121
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A303/AuthenticationData.xml37
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A304/AuthenticationData.xml133
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A305/AuthenticationData.xml28
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A306/AuthenticationData.xml124
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A307/AuthenticationData.xml40
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A308/AuthenticationData.xml136
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A309/AuthenticationData.xml25
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A309/CreateXMLSignatureResponse.xml52
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A310/AuthenticationData.xml25
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A310/CreateXMLSignatureResponse.xml52
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A311/AuthenticationData.xml28
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A311/CreateXMLSignatureResponse.xml52
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A355/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A356/CreateXMLSignatureResponse.xml62
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A357/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A358/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A359/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A360/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A361/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A362/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A363/CreateXMLSignatureResponse.xml13
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A364/CreateXMLSignatureResponse.xml59
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml65
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml65
-rw-r--r--id.server/data/abnahme-test/xmldata/A300/A367/CreateXMLSignatureResponse.xml94
38 files changed, 2298 insertions, 0 deletions
diff --git a/id.server/data/abnahme-test/xmldata/A300/A301/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A301/AuthenticationData.xml
new file mode 100644
index 000000000..03b1fbd3f
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A301/AuthenticationData.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml
new file mode 100644
index 000000000..39d9a864b
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A301/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A302/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A302/AuthenticationData.xml
new file mode 100644
index 000000000..db46fb127
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A302/AuthenticationData.xml
@@ -0,0 +1,121 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM
+A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a
+f2daYYuO8dycQw3xg6U=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp
+AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn
+pIpdAwR9sw5xnIvTySc=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute></saml:AttributeStatement>
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz
+5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP
+3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w
+MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU
+ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3
++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0
+lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY
+hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB
+ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy
+IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII
+NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ
+etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2
+fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN
+aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0
+Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w
+MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU
+ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia
+2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S
+BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB
+AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC
+MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl
+aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB
+BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ
+BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl
+ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv
+7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx
+MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK
+FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh
+bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg
+UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk
+QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW
+nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e
+vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB
+/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB
+MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg
+VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj
+v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp
+lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv
+RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr
+BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7
+kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml
new file mode 100644
index 000000000..804a27e92
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A302/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A303/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A303/AuthenticationData.xml
new file mode 100644
index 000000000..12cfbb668
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A303/AuthenticationData.xml
@@ -0,0 +1,37 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml
new file mode 100644
index 000000000..2067a40c7
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A303/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="true" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A304/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A304/AuthenticationData.xml
new file mode 100644
index 000000000..7e05dbfe1
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A304/AuthenticationData.xml
@@ -0,0 +1,133 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM
+A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a
+f2daYYuO8dycQw3xg6U=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp
+AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn
+pIpdAwR9sw5xnIvTySc=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute></saml:AttributeStatement>
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz
+5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP
+3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w
+MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU
+ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3
++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0
+lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY
+hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB
+ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy
+IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII
+NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ
+etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2
+fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN
+aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0
+Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w
+MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU
+ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia
+2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S
+BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB
+AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC
+MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl
+aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB
+BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ
+BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl
+ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv
+7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx
+MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK
+FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh
+bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg
+UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk
+QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW
+nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e
+vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB
+/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB
+MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg
+VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj
+v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp
+lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv
+RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr
+BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7
+kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml
new file mode 100644
index 000000000..bc1bc17ce
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A304/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="true" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A305/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A305/AuthenticationData.xml
new file mode 100644
index 000000000..124f7e5d0
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A305/AuthenticationData.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml
new file mode 100644
index 000000000..7a2ed2017
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A305/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A306/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A306/AuthenticationData.xml
new file mode 100644
index 000000000..9b39890d1
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A306/AuthenticationData.xml
@@ -0,0 +1,124 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM
+A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a
+f2daYYuO8dycQw3xg6U=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp
+AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn
+pIpdAwR9sw5xnIvTySc=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute></saml:AttributeStatement>
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz
+5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP
+3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w
+MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU
+ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3
++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0
+lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY
+hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB
+ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy
+IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII
+NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ
+etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2
+fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN
+aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0
+Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w
+MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU
+ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia
+2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S
+BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB
+AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC
+MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl
+aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB
+BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ
+BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl
+ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv
+7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx
+MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK
+FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh
+bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg
+UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk
+QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW
+nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e
+vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB
+/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB
+MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg
+VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj
+v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp
+lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv
+RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr
+BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7
+kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml
new file mode 100644
index 000000000..3750de781
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A306/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="false" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A307/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A307/AuthenticationData.xml
new file mode 100644
index 000000000..499a3908e
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A307/AuthenticationData.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml
new file mode 100644
index 000000000..7400f791a
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A307/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A308/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A308/AuthenticationData.xml
new file mode 100644
index 000000000..32b3d31f9
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A308/AuthenticationData.xml
@@ -0,0 +1,136 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData><saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' MajorVersion='1' MinorVersion='0' Issuer='Hermann Muster' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://localhost:8443/auth</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName='Geschäftsbereich' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='OA' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion><saml:Assertion AssertionID="zmr.bmi.gv.at-AssertionID-2003-02-12T20:28:34.474" IssueInstant="2003-02-12T20:28:34.474" Issuer="http://zmr.bmi.gv.at/zmra/names#Issuer" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData>
+ <pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person>
+ </saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>0v1Ftf7WXgoexx0Jo/GrlExHOHnQIEQ5FFSjptLRd5BN1mZYRg2S9KfOMbHSCsiPm8AwjAEwE5EM
+A6P18Z/YyTIuP7fNGzckbB5PYIgNMHL8/TYJhHA8CjamsBrEfYDXivE8iAvALg5I9RMLZADmzL7a
+f2daYYuO8dycQw3xg6U=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="http://www.buergerkarte.at/namespaces/personenbindung/20020506#">
+ <saml:AttributeValue>
+ <dsig:RSAKeyValue xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+ <dsig:Modulus>i2qa56X4fpYeXqFLXAcQljGU3+DWnVgNrAxI9gn2bMeFWtLXE2SFa6qvl9EymUl0noBlFn0q9DWp
+AsyeLnRhzCAXJeSxiwsUEloOvcQCV0DfW2UVq0Y9bVlJ8KifJ2AS+5BxZ21mkc/VYx5Qz6EYjPrn
+pIpdAwR9sw5xnIvTySc=</dsig:Modulus>
+ <dsig:Exponent>AQAB</dsig:Exponent>
+ </dsig:RSAKeyValue>
+ </saml:AttributeValue>
+ </saml:Attribute></saml:AttributeStatement>
+<dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>s7TfoZrYo36OMdlxGxuIfAw/wr8=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"><dsig:XPath>ancestor-or-self::dsig:Manifest</dsig:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>dO+RSn4xLHT3cuq8uopFtZyUBqo=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>MFbZ5wA5cq0UezYFDXted5uqXubWFxxRwZawGh73XEAGxAbJsT/IEQmrTQThPRHNWW5RPGxVlPDz
+5BmjberdaWlgJlbyKf3b/WpNNJYptQ7ijrXlsQoCzjfiQy37NEfvHEcxHQOA6sa42C+dFKsKIvmP
+3mZkRYWJDxxsVzI7E+Y=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDaDCCAtWgAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTE5NDRaFw0w
+MzEyMzEyMjU5MzBaMIGOMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxGzAZBgNVBAMTEk1PQSBU
+ZXN0IENBIC0gUm9vdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAjHuFphE3
++UkTe2OcIFWUDLzhPl1j2dH4sMPAhDK09/0i+aWrdtQW9yHktu/7+LTiCiPeevT0
+lGMGDcWMSoSm66tYmpxei6YojCFIaVdJFtXZ7x1o7e7jTDVRLMfdZ5lI1sQ7loIY
+hOE0OmlYOkn4AI6xMtJtsca45rV8wW7qm8kCAwEAAaOB2zCB2DAPBgNVHRMBAf8E
+BTADAQH/MA4GA1UdDwEB/wQEAwIBBjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAnsB
+ATBCMEAGCCsGAQUFBwICMDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxy
+IFRlc3R6d2Vja2UgZ2VlaWduZXQuMB0GA1UdDgQWBBRDC612dCgZetTmAKyV6DII
+NkOoYTAWBgcqKAAKAQEBBAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZ
+etTmAKyV6DIINkOoYTAJBgUrDgMCHQUAA4GBAHj0xBNWGYLijaocjOX1AkL+r+G2
+fZsX4z3S/2eEvtUp+EUHaOPMLTS0MIP1nwj5f4ZluAIrDLXihqMdi4xRv0W6QYbN
+aDxICNz3/QbrzMlFPeC8odesdRlT+GGswX0ZGUtVIZm1HVhxRk5ZEW2pr2afo5c0
+Btxup/kgjGMnnS7C</dsig:X509Certificate><dsig:X509Certificate>MIIDiTCCAvagAwIBAgIBADAJBgUrDgMCHQUAMIGOMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+GzAZBgNVBAMTEk1PQSBUZXN0IENBIC0gUm9vdDAeFw0wMzAyMTExNTI1MTRaFw0w
+MzEyMzEyMjU5MzBaMIGZMQswCQYDVQQGEwJBVDE9MDsGA1UEChQ0QnVuZGVzbWlu
+aXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5nIHVuZCBTcG9ydDEjMCEG
+A1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMxJjAkBgNVBAMTHU1PQSBU
+ZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCB
+iQKBgQCw7ULOYSNji09Ein7Ar4j3Rjxjq05spBmZDmbSomEZMnGEtVTyIRzKc8ia
+2kcXUMz5MEoFaVmvqRim31m20T21uvHFIs86gqzC/prOAz7V7HWok5F+9M/5gR1S
+BvpdqiEAXYeRXFPiOe8XSmpwhic7+n2jfuoBeYiRBEMGoP1DkwIDAQABo4HxMIHu
+MBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgHGMBEGCWCGSAGG+EIB
+AQQEAwIBAjBdBgNVHSAEVjBUMFIGDCsGAQQBlRIBAgMBATBCMEAGCCsGAQUFBwIC
+MDQaMkRpZXNlcyBaZXJ0aWZpa2F0IGlzdCBudXIgZvxyIFRlc3R6d2Vja2UgZ2Vl
+aWduZXQuMB0GA1UdDgQWBBSeRWvUfxEjKZSfxImJr/fpBDtMmTAWBgcqKAAKAQEB
+BAsMCUJNT0xTLUlLVDAfBgNVHSMEGDAWgBRDC612dCgZetTmAKyV6DIINkOoYTAJ
+BgUrDgMCHQUAA4GBAIMa4C2z3SbkcjEiMNAsHKaKUCJkBbMtNaab6U/cwwYmG6nl
+ga7xyEmbfY2SKzOqkcIwuv83Tma3rcr1f+OLUeGUaGLHt2Pl1a/s8BZGQZHWvLXv
+7hV4RceEUHzVGAfvDD8iBJqBmfq/z/fBPFsgSup4nO1YECkDYfQ+sqCIP4ik</dsig:X509Certificate><dsig:X509Certificate>MIIDZzCCAtSgAwIBAgIBADAJBgUrDgMCHQUAMIGZMQswCQYDVQQGEwJBVDE9MDsG
+A1UEChQ0QnVuZGVzbWluaXN0ZXJpdW0gZvxyIPZmZmVudGxpY2hlIExlaXN0dW5n
+IHVuZCBTcG9ydDEjMCEGA1UECxMaSUtULVN0YWJzc3RlbGxlIGRlcyBCdW5kZXMx
+JjAkBgNVBAMTHU1PQSBUZXN0IENBIC0gU2lnbmF0dXJkaWVuc3RlMB4XDTAzMDIx
+MTE1MzI0NVoXDTAzMDgxMTE0MzI0NVowgYUxCzAJBgNVBAYTAkFUMSYwJAYDVQQK
+FB1CdW5kZXNtaW5pc3Rlcml1bSBm/HIgSW5uZXJlczEgMB4GA1UECxMXWmVudHJh
+bGVzIE1lbGRlcmVnaXN0ZXIxLDAqBgNVBAMTI1Rlc3QgU2lnbmF0dXJkaWVuc3Qg
+UGVyc29uZW5iaW5kdW5nMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEzkpk
+QjbGjZwssN1+vMBE/ALMcA8LWFcILI3uxXaTSWGfTiLo9ECfzjuwYJG7FjEaeWrW
+nPEcp4VfMNocrm3T7Hw/ikpE5/+FsfTzD4MpIwwUPd/CUfA5vDNXK5CiP7qKKR1e
+vATO2s6lfDul+CS/eEbwzKmUQvZGrJggxg2m5wIDAQABo4HYMIHVMAwGA1UdEwEB
+/wQCMAAwDgYDVR0PAQH/BAQDAgbAMF0GA1UdIARWMFQwUgYMKwYBBAGVEgECAwEB
+MEIwQAYIKwYBBQUHAgIwNBoyRGllc2VzIFplcnRpZmlrYXQgaXN0IG51ciBm/HIg
+VGVzdHp3ZWNrZSBnZWVpZ25ldC4wHQYDVR0OBBYEFIpEyv43H3EtiGr4I7Z34bWj
+v2z6MBYGByooAAoBAQEECwwJQk1PTFMtSUtUMB8GA1UdIwQYMBaAFJ5Fa9R/ESMp
+lJ/EiYmv9+kEO0yZMAkGBSsOAwIdBQADgYEAfMBJRy/kp8HQa0lGIBfFrWNpxVPv
+RsIu+N4IiFrswrsoQoMAh6IqNyzSdq7rJC08xsDkXe5HOwkb+2zGKYoC3aQ/J/zr
+BGkg6ec4tOaS/VSdEQeTL1L30r2faTffWLUV3GrzL7pM7jN470hB1w8F6Hc3LCI7
+kFfp23o/juVtJNw=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object><dsig:Manifest><dsig:Reference URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>BqzfCB7dNg4G3u4YaxpD1tALdKI=</dsig:DigestValue></dsig:Reference></dsig:Manifest></dsig:Object></dsig:Signature></saml:Assertion></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+ <pr:Identification>
+ <pr:Value>123456789012</pr:Value>
+ <pr:Type>http://reference.e-government.gv.at/names/persondata/20020228#zmr-zahl</pr:Type>
+ </pr:Identification>
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>true</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml
new file mode 100644
index 000000000..b6b42f267
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A308/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A309/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A309/AuthenticationData.xml
new file mode 100644
index 000000000..b3e27002e
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A309/AuthenticationData.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>false</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml
new file mode 100644
index 000000000..9e523773a
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A309/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=Isolde B\C3\BCrgerin,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</X509SubjectName>
+ <X509SubjectName>CN=Max Mustermann,O=Musterorganisation,STREET=Mustergasse 1,L=Wien,ST=Wien,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A309/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A309/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..184615e91
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A309/CreateXMLSignatureResponse.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-23T09:52:28+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://moatestlinux:18443/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ue7o7gdb1tN1eNQ/PTK2zBa4tzc=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-signed-1-1')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>DlzOL10xqFzEPMGWmenuvyqB3+c=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>Mx68y1JK5jtEyp10w/9p5FYq0Ro5JsjOHQREag5DAfMW5Mf+6qapTjvO+eDZXYub
+Vjzph+QgxIhwfFQtrrM9M9ftuHWtD+HeVaexWNkApOBzijdTjZAS4lph4WM5wJ3M
+/vUhCJzQzC1scg7xRdNGd+aszMtksWKJpPw4oI0PayE=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIID1zCCA0SgAwIBAgIGAPMkfTU7MAkGBSsOAwIdBQAwgawxCzAJBgNVBAYTAkFU
+MSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVDSE5PTE9HWTFHMEUGA1UE
+CxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBh
+bmQgQ29tbXVuaWNhdGlvbnMxFTATBgNVBAsTDElBSUsgVGVzdCBDQTEVMBMGA1UE
+AxMMSUFJSyBUZXN0IENBMB4XDTAzMDIwMzE2MjA1NVoXDTAzMTIzMDIyNTkzMFow
+gZgxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVD
+SE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRp
+b24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxGDAWBgNVBAMUD0lzb2xk
+ZSBC/HJnZXJpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA53m0qng6O9zV
+IAuJ22Ps91X+pddhMiA9P0QusMexQ+QEkfe43nEFIToUZ3uuoAQFd+n4MXM6D68t
+ZctGU5O4W5Aq/bEjI4efIHS0EThzgNAymqmT9Z9IIEhqm/1jhQ4SXTW33y3Xn3lx
+26DiTeApftuQB388YlV+Rs+rTyF9iRUCAwEAAaOCARwwggEYMAwGA1UdEwEB/wQC
+MAAwDgYDVR0PAQH/BAQDAgbAMBEGCWCGSAGG+EIBAQQEAwIFIDBnBgNVHSAEYDBe
+MFwGDCsGAQQBlRIBAnsBATBMMEoGCCsGAQUFBwICMD4aPFRoaXMgY2VydGlmaWNh
+dGUgb25seSBtYXkgYmUgdXNlZCBmb3IgZGVtb25zdHJhdGlvbiBwdXJwb3NlczA8
+BgNVHR8ENTAzMDGgL6AthitodHRwOi8vd3d3LmlhaWsuYXQvdGVzdENBL2lhaWtf
+dGVzdF9zaWcuY3JsMB0GA1UdDgQWBBQoOuoIxS8M1o/DTZkJUs0lnN5A7TAfBgNV
+HSMEGDAWgBRMILBWAgz3iAqWiKUUtFHMOrXyvzAJBgUrDgMCHQUAA4GBACY81o8m
+zb8YCuTMgeplySm5nAkxjsv1T5n/Hzz1cLfSDJZ0HyNTVx/GDszY+Dx28MdW+6DL
+o9nWPSE/4P+k9HXJe/wEyAv44OrjvpzGGKjqoc3X8v4rzMo6MBRNluu0m3y1pktT
+V/q4aiWD/nbGXdrn/AoKAvOSAQ3Qe6X+dT/1</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-25T10:36:37</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>dL59VDpBsujcngd207z0ohPl1/U=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>1044289238331</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+ </saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A310/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A310/AuthenticationData.xml
new file mode 100644
index 000000000..b3e27002e
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A310/AuthenticationData.xml
@@ -0,0 +1,25 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>false</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml
new file mode 100644
index 000000000..9e523773a
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A310/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=Isolde B\C3\BCrgerin,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</X509SubjectName>
+ <X509SubjectName>CN=Max Mustermann,O=Musterorganisation,STREET=Mustergasse 1,L=Wien,ST=Wien,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A310/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A310/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..e004eb74c
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A310/CreateXMLSignatureResponse.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-23T09:52:28+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://moatestlinux:18443/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ue7o7gdb1tN1eNQ/PTK2zBa4tzc=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-signed-1-1')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>Q2VhPYhMbwz4beILYjMDmBsurLQ=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>lr5L9hxi1rvdm5vT9WpG8yYKv1TIjPrONJUv6O4lTUyC4E8L4nwx8mMFPd8Q7jNb
+WmMmaDCl0uZYOATdu/x2t5wYOYreBUpka3J3wPTIJhMJQwaMMu3rHM3Ewn+1Wlsw
+6VED3ZWKAmI+12Mto5RLbD5BU6757Tx42YuCkw9glZM=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIID5zCCA1SgAwIBAgIGAPR8iAdPMAkGBSsOAwIdBQAwgawxCzAJBgNVBAYTAkFU
+MSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVDSE5PTE9HWTFHMEUGA1UE
+CxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRpb24gUHJvY2Vzc2luZyBh
+bmQgQ29tbXVuaWNhdGlvbnMxFTATBgNVBAsTDElBSUsgVGVzdCBDQTEVMBMGA1UE
+AxMMSUFJSyBUZXN0IENBMB4XDTAzMDQxMTExNDIwNVoXDTAzMTIzMDIyNTkzMFow
+gZgxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVD
+SE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRp
+b24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxGDAWBgNVBAMUD0lzb2xk
+ZSBC/HJnZXJpbjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0bdQqA5YFf32
+OjaZo01tpAsP/Kgor6sWGLQj2uBrQDOAOymVkIPtv4C9XQ1tH8EUexgbYI1QpE9V
+ODvoo49Bi6u9hYnlDFj+8EgQoDCmqFSy/jzwLVnRL7jwN96uAyU5WymEdPWgHRpT
+6oDxYs36MJ7+iWQISA6nl3/QTI4wnJcCAwEAAaOCASwwggEoMAwGA1UdEwEB/wQC
+MAAwDgYDVR0PAQH/BAQDAgbAMBEGCWCGSAGG+EIBAQQEAwIFIDBnBgNVHSAEYDBe
+MFwGDCsGAQQBlRIBAnsBATBMMEoGCCsGAQUFBwICMD4aPFRoaXMgY2VydGlmaWNh
+dGUgb25seSBtYXkgYmUgdXNlZCBmb3IgZGVtb25zdHJhdGlvbiBwdXJwb3NlczA8
+BgNVHR8ENTAzMDGgL6AthitodHRwOi8vd3d3LmlhaWsuYXQvdGVzdENBL2lhaWtf
+dGVzdF9zaWcuY3JsMB0GA1UdDgQWBBTehKfLADylQ4B6DyYKvUG1+pHZzzAOBgcq
+KAAKAQEBBAMBAf8wHwYDVR0jBBgwFoAUTCCwVgIM94gKloilFLRRzDq18r8wCQYF
+Kw4DAh0FAAOBgQBw2mE3PxdtcSDwCTglkNt7ww4IGmWnUCYUiV8x/lcwWdXhcnRM
+lsjmOYi0vFiV8ne6x8fI6WMQLmHQMTfra+tEBrsHOlhISz5F5VGVfj/w6DcTC2HH
+wGaIkTqAu6GZ+bu8OpXYSIZEy4ZSMTWWnomses0LyrXqmWNWh1InVjAPiw==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-25T10:36:39</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>YrSnK0/o4nCtqxK1IpJF2Qy4ZQc=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=IAIK Test CA,OU=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>1050061309775</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+ </saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A311/AuthenticationData.xml b/id.server/data/abnahme-test/xmldata/A300/A311/AuthenticationData.xml
new file mode 100644
index 000000000..8a66f40cf
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A311/AuthenticationData.xml
@@ -0,0 +1,28 @@
+<?xml version="1.0" encoding="UTF-8" ?>
+<saml:Assertion xmlns:saml='urn:oasis:names:tc:SAML:1.0:assertion' xmlns:pr='http://reference.e-government.gv.at/namespace/persondata/20020228#' xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' MajorVersion='1' MinorVersion='0' Issuer='https://localhost:8443/auth' >
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier NameQualifier='http://reference.e-government.gv.at/names/vpk/20020221#'>kp6hOq6LRAkLtrqm6EvDm6bMwJw=</saml:NameIdentifier>
+ <saml:SubjectConfirmation>
+ <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+ <saml:SubjectConfirmationData></saml:SubjectConfirmationData>
+ </saml:SubjectConfirmation>
+ </saml:Subject>
+ <saml:Attribute AttributeName='PersonData' AttributeNamespace='http://reference.e-government.gv.at/namespace/persondata/20020228#'>
+ <saml:AttributeValue><pr:Person xsi:type="pr:PhysicalPersonType">
+
+ <pr:Name>
+ <pr:GivenName>Hermann</pr:GivenName>
+ <pr:FamilyName primary="undefined">Muster</pr:FamilyName>
+ </pr:Name>
+ <pr:DateOfBirth>1968-10-22</pr:DateOfBirth>
+ </pr:Person></saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isQualifiedCertificate' AttributeNamespace='http://reference.e-government.gv.at/namespace/moa/20020822#'>
+ <saml:AttributeValue>false</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName='isPublicAuthority' AttributeNamespace='urn:oid:1.2.40.0.10.1.1.1'>
+ <saml:AttributeValue>Musterbehörde</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement>
+</saml:Assertion> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml
new file mode 100644
index 000000000..9e523773a
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A311/Configuration.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <BKUSelection BKUSelectionAlternative="HTMLSelect">
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ </ConnectionParameter>
+ </BKUSelection>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=Isolde B\C3\BCrgerin,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</X509SubjectName>
+ <X509SubjectName>CN=Max Mustermann,O=Musterorganisation,STREET=Mustergasse 1,L=Wien,ST=Wien,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="AuthComponentURL">
+ <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore>
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20" loginParameterResolverImpl="StringloginParameterResolverImpl2" connectionBuilderImpl="StringconnectionBuilderImpl2">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="authenticationSessionTimeOut" value="600"/>
+ <GenericConfiguration name="authenticationDataTimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A311/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A311/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..f7346ad2b
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A311/CreateXMLSignatureResponse.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-23T09:52:28+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://moatestlinux:18443/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-1-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='OA']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName='Geschäftsbereich']/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ue7o7gdb1tN1eNQ/PTK2zBa4tzc=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id('etsi-signed-1-1')/child::etsi:QualifyingProperties/child::etsi:SignedProperties)"><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>nSqJkplafvE6SpfL0JP5Tbanh3Y=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>V5m5I1QA+NXzhU64G/I1vT8LAoWqaoHm2Ck807U8SVG668NmjH4wrfTln+Shx0HD
++q4c2NAb6ZFzTUQ190RlRgvEM0cvtCSpn7/AcJaBd5WuUYPRLPEmP8ca4xhLGi1t
+XZQCTpTLLnRI+5Yf5HJqc1lfs5Pkv9hQZ9W55eJgmiA=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIDwTCCAy6gAwIBAgIVAOn21xTCfievvs3qbq8HRBHjXjNPMAkGBSsOAwIdBQAw
+gZUxCzAJBgNVBAYTAkFUMSYwJAYDVQQKEx1HUkFaIFVOSVZFUlNJVFkgT0YgVEVD
+SE5PTE9HWTFHMEUGA1UECxM+SW5zaXR1dGUgZm9yIEFwcGxpZWQgSW5mb3JtYXRp
+b24gUHJvY2Vzc2luZyBhbmQgQ29tbXVuaWNhdGlvbnMxFTATBgNVBAMTDElBSUsg
+VGVzdCBDQTAeFw0wMjExMTUwOTQwNTBaFw0wMzEyMzEyMjU5MzBaMHkxCzAJBgNV
+BAYTAkFUMQ0wCwYDVQQIEwRXaWVuMQ0wCwYDVQQHEwRXaWVuMRYwFAYDVQQJEw1N
+dXN0ZXJnYXNzZSAxMRswGQYDVQQKExJNdXN0ZXJvcmdhbmlzYXRpb24xFzAVBgNV
+BAMTDk1heCBNdXN0ZXJtYW5uMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDw
+Dxgoc53OFRWuZcGRkuZYYHxTeM7tLoH+9eFpqtokWHruFNn49JNWNdU2PMPeXezO
+6eYwz/214/EB/SvCx5ZRlLC7GikqUX0UyK/r36zq9Q5nOMFfSoG48hEIjzAUWnc4
+FIePYW7hdb0/nW+1CKVdpmsGHChJoN7SCiVvY0eyAQIDAQABo4IBLjCCASowDAYD
+VR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCB4AwZwYDVR0gBGAwXjBcBgwrBgEEAZUS
+AQIDAQEwTDBKBggrBgEFBQcCAjA+GjxUaGlzIGNlcnRpZmljYXRlIG1heSBiZSB1
+c2VkIGZvciBkZW1vbnN0cmF0aW9uIHB1cnBvc2VzIG9ubHkwLwYDVR0RBCgwJoEk
+bWF4Lm11c3Rlcm1hbm5AbXVzdGVyb3JnYW5pc2F0aW9uLmF0MB0GA1UdDgQWBBTp
+9tcUwn4nr77N6m6vB0MgXEvH5TAbBgcqKAAKAQEBBBAMDk11c3RlcmJlaMO2cmRl
+MBMGA1UdJQQMMAoGCCsGAQUFBwMEMB8GA1UdIwQYMBaAFOtWHOnph3q+vzHzdX8q
+/qzlQNOOMAkGBSsOAwIdBQADgYEALbC1Ibymb3DWwB+pEezrt87+r3xi+JGFxkt0
+tw0tOoe+ejSY8AhSuY3LseLdPNDnTtlg/GlkzijCFxBHPgUKhGokA91qIoV++fZt
+3/pxjSVxl+elGDCx9WcrXB5L7m5mxSMgYGOZH2UUlFZQvtKXxU4KrXCXkQVTsg9g
+RWizwj4=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="etsi-signed-1-1"><etsi:QualifyingProperties Target="#signature-1-1" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-25T10:36:40</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>pMBCPXFi69dO65GgzApHN4TxtvM=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=IAIK Test CA,OU=Insitute for Applied Information Processing and Communications,O=GRAZ UNIVERSITY OF TECHNOLOGY,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>1335699569126441074835341742398412708010421793615</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-1-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+ </saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A355/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A355/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..b9e0e0f9c
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A355/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="A" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A356/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A356/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..4ef49034c
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A356/CreateXMLSignatureResponse.xml
@@ -0,0 +1,62 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost2:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A357/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A357/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..4fe3c4b2b
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A357/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="gb" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A358/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A358/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..4736c5dc3
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A358/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://wrong.namespace.com">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://wrong.namespace.com">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A359/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A359/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..7664fbe33
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A359/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>noTarget</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A360/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A360/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..a7ef7a637
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A360/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="noOA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A361/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A361/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..4736c5dc3
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A361/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://wrong.namespace.com">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://wrong.namespace.com">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A362/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A362/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..6e8393033
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A362/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>WRONG</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A363/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A363/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..96032998a
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A363/CreateXMLSignatureResponse.xml
@@ -0,0 +1,13 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8080/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement></saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A364/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A364/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..ba2749cda
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A364/CreateXMLSignatureResponse.xml
@@ -0,0 +1,59 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-04-02T14:55:27+02:00" Issuer="Hermann Muster" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>http://localhost:8081/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>https://localhost:9443/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+<html>
+<body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+<table border="1">
+<tr><td><b>Name:</b></td><td><xsl:value-of select="//@Issuer"/></td></tr>
+<tr><td><b>Zeit:</b></td><td><xsl:value-of select="//@IssueInstant"/></td></tr>
+<tr><td><b>Applikation:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Geschäftsbereich:</b></td><td><xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/></td></tr>
+<tr><td><b>Anmeldeserver:</b></td><td><xsl:value-of select="//saml:NameIdentifier"/></td></tr>
+</table>
+</body>
+</html>
+</xsl:template>
+</xsl:stylesheet></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>us9gT0wkEOgg2KCLGT5Z4i0tW30=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>c/r6XEssLoHZerXUdQQUKvZ/aVY=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>fCl9QrTFBxygAnRFEJZU/mHuKNgQip50IrjBJKI79+L2XBR1W0M41akciraauQ0n
+FkIJPL4wnoupoXeWrpt7ycp9xMHVdZUNYXiPStHhi0ElhFppPjaN6Mn+1W25ofy0
+YRapLXeDdGIxe5wSgTTBhAWbJAgusQ8bQY9vZnyW8TU=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTcwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzIwNThaFw0wNjAyMTAxMzIwNThaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTQgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BNDEVMBMGA1UEBRMMNzkwMTg3NDYxNjMz
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDS/UW1/tZeCh7HHQmj8auUTEc4
+edAgRDkUVKOm0tF3kE3WZlhGDZL0p84xsdIKyI+bwDCMATATkQwDo/Xxn9jJMi4/
+t80bNyRsHk9giA0wcvz9NgmEcDwKNqawGsR9gNeK8TyIC8AuDkj1EwtkAObMvtp/
+Z1phi47x3JxDDfGDpQIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECE4DxL9ky4M+MA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uNEBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAioVvsZN+NnQxXMTGdjKveTBMRTYzHflkSC8lI9XXltP5+mjIuoB2
+Tn6voovA8dXz9jTsnQt8f8ye0CL2bSS9UVD1jv8So3bavquW+HlkZBAZvL39APNL
+PjUUnWn0QOnrQAJ6W47UwGAUgEw3KcBcJaEa4Xb/8kUj618xGzWl6X0mKsVpxkrf
++5Cj+nmwDqChll08/90MmhSY4M5FrvmQ9GjAN5FHVsk0FPp02tKCRzoBJtzpB1DW
+KHlgiDHUAXy5eD0XI7PXebPNZ4InvY/jC/IH8PRLdJT249YQmUxZ4neTtFDvb8C1
+Qh6k725fh3hVxqX8ZwwWj9+iGQVk53K3CA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-04-02T12:55:33Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>Frhu1o4mL4gQHdJcU0xSA/h4COE=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6455</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file
diff --git a/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml
new file mode 100644
index 000000000..9a358e434
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A366/Configuration.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile2</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <!--<X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>-->
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="http://localhost:9080/moa-id-auth/services/GetAuthenticationData">
+ <!-- <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> -->
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="http://localhost:9080/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfBasicAuth.xml" sessionTimeOut="10">
+ <ConnectionParameter URL="ProxyComponentURL">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss">URL:toClientKeystoreOA</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="data/test/certs/cert-store-root"/>
+ <GenericConfiguration name="TLSTrustedCACertificates" value="file:c:/java/id.server/data/test/certs/ca-certs"/>
+ <GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/>
+ <GenericConfiguration name="AuthenticationData.TimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml b/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml
new file mode 100644
index 000000000..5aade8185
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A367/Configuration.xml
@@ -0,0 +1,65 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<!-- edited with XMLSPY v5 U (http://www.xmlspy.com) by Jack (-none-) -->
+<MOA-IDConfiguration xmlns="http://www.buergerkarte.at/namespaces/moaconfig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:sl10="http://www.buergerkarte.at/namespaces/securitylayer/20020225#" xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#">
+ <AuthComponent>
+ <SecurityLayer>
+ <TransformsInfo filename="file:data/abnahme-test/conf/transforms/TransformsInfosHTML.xml"/>
+ </SecurityLayer>
+ <MOA-SP>
+ <ConnectionParameter URL="http://localhost:8080/moa-spss/services/">
+ <AcceptedServerCertificates>http://AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="Keystore Pass">URLtoClientKeystoreAUTH</ClientKeyStore>
+ </ConnectionParameter>
+ <VerifyIdentityLink>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ </VerifyIdentityLink>
+ <VerifyAuthBlock>
+ <TrustProfileID>TrustProfile1</TrustProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile1MOAID</VerifyTransformsInfoProfileID>
+ <VerifyTransformsInfoProfileID>TransformsInfoProfile3MOAID</VerifyTransformsInfoProfileID>
+ </VerifyAuthBlock>
+ </MOA-SP>
+ <IdentityLinkSigners>
+ <X509SubjectName>CN=Test Signaturdienst Personenbindung,OU=Zentrales Melderegister,O=Bundesministerium f\C3\BCr Inneres,C=AT</X509SubjectName>
+ <X509SubjectName>CN=MOA Test CA - Signaturdienste,OU=IKT-Stabsstelle des Bundes,O=Bundesministerium für öffentliche Leistung und Sport,C=AT</X509SubjectName>
+ <!--<X509SubjectName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</X509SubjectName>-->
+ <X509SubjectName>serialNumber=790187461633,givenName=Testperson MOA4,SN=BRZ,CN=Testperson MOA4 BRZ,C=AT</X509SubjectName>
+ </IdentityLinkSigners>
+ </AuthComponent>
+ <ProxyComponent>
+ <AuthComponent>
+ <ConnectionParameter URL="http://localhost:9080/moa-id-auth/services/GetAuthenticationData">
+ <!-- <AcceptedServerCertificates>http://www.altova.com</AcceptedServerCertificates>
+ <ClientKeyStore password="String">http://www.altova.com</ClientKeyStore> -->
+ </ConnectionParameter>
+ </AuthComponent>
+ </ProxyComponent>
+ <OnlineApplication publicURLPrefix="http://localhost:8080/moa-id-proxy/">
+ <AuthComponent provideZMRZahl="false" provideAUTHBlock="false" provideIdentityLink="false"/>
+ <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfBasicAuth.xml" sessionTimeOut="10">
+ <ConnectionParameter URL="ProxyComponentURL">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss">URL:toClientKeystoreOA</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <OnlineApplication publicURLPrefix="https://localhost:9443/">
+ <AuthComponent provideZMRZahl="true" provideAUTHBlock="true" provideIdentityLink="true"/>
+ <ProxyComponent configFileURL="file:data/abnahme-test/conf/OAConfHeaderAuth.xml" sessionTimeOut="20">
+ <ConnectionParameter URL="ProxyComponentURL2">
+ <AcceptedServerCertificates>url:AcceptedServerCertificates2</AcceptedServerCertificates>
+ <ClientKeyStore password="ClientKeystoreOAPAss2">URL:toClientKeystoreOA2</ClientKeyStore>
+ </ConnectionParameter>
+ </ProxyComponent>
+ </OnlineApplication>
+ <ChainingModes systemDefaultMode="pkix">
+ <TrustAnchor mode="chaining">
+ <dsig:X509IssuerName>CN=A-Trust-nQual-0,OU=A-Trust-nQual-0,O=A-Trust,C=AT</dsig:X509IssuerName>
+ <dsig:X509SerialNumber>536</dsig:X509SerialNumber>
+ </TrustAnchor>
+ </ChainingModes>
+ <GenericConfiguration name="DirectoryCertStoreParameters.RootDir" value="data/test/certs/cert-store-root"/>
+ <GenericConfiguration name="TLSTrustedCACertificates" value="file:c:/java/id.server/data/test/certs/ca-certs"/>
+ <GenericConfiguration name="AuthenticationSession.TimeOut" value="600"/>
+ <GenericConfiguration name="AuthenticationData.TimeOut" value="120"/>
+</MOA-IDConfiguration>
diff --git a/id.server/data/abnahme-test/xmldata/A300/A367/CreateXMLSignatureResponse.xml b/id.server/data/abnahme-test/xmldata/A300/A367/CreateXMLSignatureResponse.xml
new file mode 100644
index 000000000..ec8cefe99
--- /dev/null
+++ b/id.server/data/abnahme-test/xmldata/A300/A367/CreateXMLSignatureResponse.xml
@@ -0,0 +1,94 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<sl11:CreateXMLSignatureResponse xmlns:sl11="http://www.buergerkarte.at/namespaces/securitylayer/20020831#"><saml:Assertion AssertionID="any" IssueInstant="2003-05-20T10:30:56+02:00" Issuer="Monika Bürger" MajorVersion="1" MinorVersion="0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+ <saml:AttributeStatement>
+ <saml:Subject>
+ <saml:NameIdentifier>https://localhost:8443/moa-id-auth/</saml:NameIdentifier>
+ </saml:Subject>
+ <saml:Attribute AttributeName="Geschäftsbereich" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>gb</saml:AttributeValue>
+ </saml:Attribute>
+ <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+ <saml:AttributeValue>http://localhost:8080/moa-id-proxy/</saml:AttributeValue>
+ </saml:Attribute>
+ </saml:AttributeStatement><dsig:Signature Id="HS_signature" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference Id="reference-data-1" URI=""><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/><dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116"><xsl:stylesheet version="1.0" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+ <xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+ <html>
+ <body>
+Bitte bestätigen Sie mit Ihrer Unterschrift folgende Angaben:
+<br/>
+ <table border="1">
+ <tr>
+ <td>
+ <b>Name:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//@Issuer"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>Zeit:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//@IssueInstant"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>Applikation:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OA&apos;]/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>Geschäftsbereich:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;Geschäftsbereich&apos;]/saml:AttributeValue"/>
+ </td>
+ </tr>
+ <tr>
+ <td>
+ <b>Anmeldeserver:</b>
+ </td>
+ <td>
+ <xsl:value-of select="//saml:NameIdentifier"/>
+ </td>
+ </tr>
+ </table>
+ </body>
+ </html>
+ </xsl:template>
+ </xsl:stylesheet></dsig:Transform><dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>Vmmkctd+R7lkSKftZO1UnenfWi0=</dsig:DigestValue></dsig:Reference><dsig:Reference Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#refetsi"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2002/06/xmldsig-filter2"><xf2:XPath Filter="intersect" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#" xmlns:xf2="http://www.w3.org/2002/06/xmldsig-filter2">id(&apos;refetsi&apos;)/etsi:QualifyingProperties/etsi:SignedProperties</xf2:XPath></dsig:Transform></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>vfTksPSWSacTaSWnvybsm8iV80o=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>wIqspNC5KqReKNMNO7PIemxSKwGId1HIp5r6FFtuj099C304xR5fZoCoC2Zyk6di
+bnoh+rRk9oZFeGoWvhb/JADGgtia7VUO4qc3suCNVpikRgiG5K8LXMGS3w+1wUFb
+JIkDKLuDxmXApG+BEEQXmE07zfwAzRbVBmunpWnG/us=</dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIFJTCCBA2gAwIBAgICGTkwDQYJKoZIhvcNAQEFBQAwgaExCzAJBgNVBAYTAkFU
+MUgwRgYDVQQKEz9BLVRydXN0IEdlcy4gZi4gU2ljaGVyaGVpdHNzeXN0ZW1lIGlt
+IGVsZWt0ci4gRGF0ZW52ZXJrZWhyIEdtYkgxIzAhBgNVBAsTGmEtc2lnbi1URVNU
+LVByZW1pdW0tRW5jLTAxMSMwIQYDVQQDExphLXNpZ24tVEVTVC1QcmVtaXVtLUVu
+Yy0wMTAeFw0wMzAyMTAxMzI0MTlaFw0wNjAyMTAxMzI0MjBaMGoxCzAJBgNVBAYT
+AkFUMRwwGgYDVQQDExNUZXN0cGVyc29uIE1PQTEgQlJaMQwwCgYDVQQEEwNCUlox
+GDAWBgNVBCoTD1Rlc3RwZXJzb24gTU9BMTEVMBMGA1UEBRMMMjI1NjUyMzkyMTA0
+MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDmURpYSNb7j/plynhMIDHgoPCu
+Go0KfBI6XJYGAC8dmzntKDaHeUBM/ZImO6PMyK3LEj+vlcVKM2UPsEOaXiGrLs/Z
+GjTP8QMpYKj5UyNlLYMoxRagHi75A6Ci8dcxwH+Sjo3QxLBDEPG6zsusnZphPYad
+pLW7r/NQuOSfeuE6MwIDAQABo4ICHzCCAhswEwYDVR0jBAwwCoAIS7OAw3GTPNgw
+JwYIKwYBBQUHAQMBAf8EGDAWMAgGBgQAjkYBATAKBggrBgEFBQcLATCBggYIKwYB
+BQUHAQEEdjB0MCkGCCsGAQUFBzABhh1odHRwOi8vd3d3LmEtdHJ1c3QuYXQ6ODIv
+b2NzcDBHBggrBgEFBQcwAoY7aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Et
+c2lnbi1URVNULVByZW1pdW0tU2lnLTAxYS5jcnQwgZQGA1UdIASBjDCBiTB9BgYq
+KAARAQQwczA1BggrBgEFBQcCARYpaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3Mv
+Y3AvYS1zaWduLVRFU1QwOgYIKwYBBQUHAgIwLhosRGllc2VzIFplcnRpZmlrYXQg
+ZGllbnQgbnVyIHp1IFRlc3R6d2Vja2VuICEwCAYGBACLMAEBMG8GA1UdHwRoMGYw
+ZKBioGCGXmxkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLVRFU1QtUHJl
+bWl1bS1FbmMtMDEsbz1BLVRydXN0LGM9QVQ/Y2VydGlmaWNhdGVyZXZvY2F0aW9u
+bGlzdD8wEQYDVR0OBAoECEp3ZWggbV5MMA4GA1UdDwEB/wQEAwIGwDAgBgNVHREE
+GTAXgRV0ZXN0cGVyc29uMkBicnouZ3YuYXQwCQYDVR0TBAIwADANBgkqhkiG9w0B
+AQUFAAOCAQEAIuyADBvzJmE7yCCAilQrFl4U+HjMNF5NwbbUqjtVxCj7JliOFJBd
+en46ekG8w57tLHOhg/5N9xdmObX2jgzGZy7uJC7eDnszWjvvfsFev87MwZFy3Pm/
+wdu1+7/+RLDcrOViDn1x2n/JDvkqZJ5WFor2R76wnBIESNeHOqDW9nXHP5F5ERLI
+Ug3tVhIHCkxkBvHJkQOwMD+BhKGh/1jSBRloyrVD/5QUcbQE5wmOjv1I6LLOZRbq
+eXk8cQhwGH+K6p0BdwQc6rg3CXFqTTzP4GuUhnxfJsYtKw7qAfVSf3VRqbeVHX4M
+xDtbjTi15+0lWfB15L4jukJl10D9cFMsWA==</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo><dsig:Object Id="refetsi"><etsi:QualifyingProperties Target="#HS_signature" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#"><etsi:SignedProperties><etsi:SignedSignatureProperties><etsi:SigningTime>2003-05-20T08:31:06Z</etsi:SigningTime><etsi:SigningCertificate><etsi:Cert><etsi:CertDigest><etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><etsi:DigestValue>A6PySg7S5iw8pJEX0i5lwp43lZY=</etsi:DigestValue></etsi:CertDigest><etsi:IssuerSerial><dsig:X509IssuerName>CN=a-sign-TEST-Premium-Enc-01,OU=a-sign-TEST-Premium-Enc-01,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName><dsig:X509SerialNumber>6457</dsig:X509SerialNumber></etsi:IssuerSerial></etsi:Cert></etsi:SigningCertificate><etsi:SignaturePolicyIdentifier><etsi:SignaturePolicyImplied/></etsi:SignaturePolicyIdentifier></etsi:SignedSignatureProperties><etsi:SignedDataObjectProperties><etsi:DataObjectFormat ObjectReference="#reference-data-1"><etsi:MimeType>text/html</etsi:MimeType></etsi:DataObjectFormat></etsi:SignedDataObjectProperties></etsi:SignedProperties></etsi:QualifyingProperties></dsig:Object></dsig:Signature>
+</saml:Assertion></sl11:CreateXMLSignatureResponse> \ No newline at end of file