11 files changed, 195 insertions, 605 deletions
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
index 4dda4c736..a787cea00 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/AuthConfiguration.java
@@ -29,35 +29,7 @@ public interface AuthConfiguration extends ConfigurationProvider{
 	public Map<String, String> getConfigurationWithPrefix(final String Prefix);
 	
 	public String getConfigurationWithKey(final String key);
-	
-	/**
-	 * Get a configuration value from basic file based MOA-ID configuration
-	 * 
-	 * @param key configuration key 
-	 * @return configuration value or null if it is not found
-	 */
-	public String getBasicMOAIDConfiguration(final String key);
-	
-	
-	/**
-	 * Get a configuration value from basic file based MOA-ID configuration
-	 * 
-	 * @param key configuration key 
-	 * @param defaultValue Default value if no value with this key is found
-	 * @return configuration value 
-	 */
-	public String getBasicMOAIDConfiguration(final String key, final String defaultValue);
-	
-	/**
-	 * Get a set of configuration values from basic file based MOA-ID configuration that starts with this prefix
-	 * <br><br>
-	 * <b>Important:</b> The configuration values must be of type String! 
-	 * 
-	 * @param prefix Prefix of the configuration key
-	 * @return Map<String, String> without prefix, but never null
-	 */
-	public Map<String, String> getBasicMOAIDConfigurationWithPrefix(final String prefix);
-	
+		
 	public int getTransactionTimeOut();
 	public int getSSOCreatedTimeOut();
 	public int getSSOUpdatedTimeOut();
@@ -66,15 +38,13 @@ public interface AuthConfiguration extends ConfigurationProvider{
 
 	public List<String> getLegacyAllowedProtocols();
 
-	public IOAAuthParameters getOnlineApplicationParameter(String oaURL);
-
 	public String getMoaSpAuthBlockTrustProfileID(boolean useTestTrustStore) throws ConfigurationException;
 
 	public List<String> getMoaSpAuthBlockVerifyTransformsInfoIDs() throws ConfigurationException;
 
 	public ConnectionParameterInterface getMoaSpConnectionParameter() throws ConfigurationException;
  
-	public ConnectionParameterInterface getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException;
+//	public ConnectionParameterInterface getForeignIDConnectionParameter(IOAAuthParameters oaParameters) throws ConfigurationException;
 
 	/**
 	 * Get parameters to connect the Online Mandate-Service (MIS)
@@ -205,12 +175,4 @@ public interface AuthConfiguration extends ConfigurationProvider{
 	 */
 	public String[] getRevocationMethodOrder();
 
-	/**
-	 * Get a boolean value from basic MOA-ID configuration file
-	 * 
-	 * @param key Configuration key
-	 * @param defaultValue Default result
-	 * @return returns the value of the configuration key, or the default value if the key is not set
-	 */
-	public boolean getBasicMOAIDConfigurationBoolean(String key, boolean defaultValue);
 }
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java
index e14f9c9ce..12b9517a6 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java
@@ -22,11 +22,14 @@
  */
 package at.gv.egovernment.moa.id.commons.api;
 
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+
 /**
  * @author tlenz
  *
  */
-public interface ConfigurationProvider {
+public interface ConfigurationProvider extends IConfiguration{
 
 	  /** 
 	   * The name of the system property which contains the file name of the 
@@ -54,14 +57,15 @@ public interface ConfigurationProvider {
 		public static final String TRUST_MANAGER_REVOCATION_CHECKING =
 			"TrustManager.RevocationChecking";   
 		
-		public String getRootConfigFileDir();
-		
 		public String getDefaultChainingMode();
 	
 		public String getTrustedCACertificates();
 		
 		public boolean isTrustmanagerrevoationchecking();
 		
+		
+		public String getRootConfigFileDir() throws ConfigurationException;
+		
 		/**
 		 * Get active Spring profiles from file based configuration
 		 * 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
index 1e1bfa94b..5df4a4163 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
@@ -22,11 +22,12 @@
  */
 package at.gv.egovernment.moa.id.commons.api;
 
+import java.io.Serializable;
 import java.security.PrivateKey;
 import java.util.Collection;
 import java.util.List;
-import java.util.Map;
 
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egovernment.moa.id.commons.api.data.CPEPS;
 import at.gv.egovernment.moa.id.commons.api.data.SAML1ConfigurationParameters;
 import at.gv.egovernment.moa.id.commons.api.data.StorkAttribute;
@@ -37,10 +38,7 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
  * @author tlenz
  *
  */
-public interface IOAAuthParameters {
-
-	public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing";
-	public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission";
+public interface IOAAuthParameters extends ISPConfiguration{
 	
 	public static final String THIRDBKU = "thirdBKU";
 	public static final String HANDYBKU = "handy";
@@ -53,20 +51,6 @@ public interface IOAAuthParameters {
 	public static final String EIDAS = "eIDAS";
 	public static final String AUTHTYPE_OTHERS = "others";
 
-	/**
-	 * Get the full key/value configuration for this online application
-	 * 
-	 * @return an unmodifiable map of key/value pairs
-	 */
-	public Map<String, String> getFullConfiguration();
-	
-	  /**
-	   * Get a configuration value from online application key/value configuration
-	   * 
-	   * @param key: The key identifier of a configuration value   * 
-	   * @return The configuration value {String} or null if the key does not exist
-	   */  
-	public String getConfigurationValue(String key);
 	
 	public String getFriendlyName();
 	
@@ -80,9 +64,9 @@ public interface IOAAuthParameters {
 	 * 'urn:publicid:gv.at:cdid+' is allowed to receive baseIDs
 	 * 
 	 * @return true if there is a restriction, otherwise false
-	 * @throws ConfigurationException In case of online-application configuration has public and private identifies
 	 */
-	public boolean hasBaseIdInternalProcessingRestriction() throws ConfigurationException;
+	@Override
+	public boolean hasBaseIdInternalProcessingRestriction();
 	
 	
 	/**
@@ -93,21 +77,11 @@ public interface IOAAuthParameters {
 	 * 'urn:publicid:gv.at:cdid+' is allowed to receive baseIDs
 	 * 
 	 * @return true if there is a restriction, otherwise false
-	 * @throws ConfigurationException In case of online-application configuration has public and private identifies
 	 */
-	public boolean hasBaseIdTransferRestriction() throws ConfigurationException;
-	
-	
-	/**
-	 * Get the full area-identifier for this online application to calculate the 
-	 * area-specific unique person identifier (bPK, wbPK, eIDAS unique identifier, ...). 
-	 * This identifier always contains the full prefix 
-	 * 
-	 * @return area identifier with prefix
-	 * @throws ConfigurationException In case of online-application configuration has public and private identifies  
-	 */
-	public String getAreaSpecificTargetIdentifier() throws ConfigurationException;
+	@Override
+	public boolean hasBaseIdTransferRestriction();
 	
+		
 	/**
 	 * Get a friendly name for the specific area-identifier of this online application
 	 * 
@@ -254,4 +228,11 @@ public interface IOAAuthParameters {
 	
 	public List<Integer> getReversionsLoggingEventCodes();
 	
+	/**
+	 * Get a List of sectors for that this service provider requires foreign bPKs
+	 * 
+	 * @return list of sectors, or null if no sectors are defined
+	 */
+	public List<String> foreignbPKSectorsRequested();
+	
 }
 \ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java
deleted file mode 100644
index 88cd89319..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IRequest.java
+++ /dev/null
@@ -1,221 +0,0 @@
-/*******************************************************************************
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- *******************************************************************************/
-package at.gv.egovernment.moa.id.commons.api;
-
-import java.util.Collection;
-
-import org.opensaml.saml2.metadata.provider.MetadataProvider;
-
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
-import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
-
-public interface IRequest {
-		
-	/**
-	 * Indicates the module, which implements this authentication protocol.
-	 * The class, which is referenced, had to implement the 'IModulInfo' interface.
-	 * 
-	 * @return Full-qualified name of the class which implements this protocol
-	 */
-	public String requestedModule();
-	
-	/**
-	 * Indicates the protocol specific action, which should executed if the request is processed. 
-	 * The class, which is referenced, had to implement the 'IAction' interface.
-	 * 
-	 * @return Full-qualified name of the class which implements the action  
-	 */
-	public String requestedAction();
-	
-	/**
-	 * Unique identifier, which indicates the service provider. 
-	 * In case of SAML1 protocol, it is the OA http-GET parameter
-	 * 
-	 * @return Unique identifier for the service provider
-	 */
-	public String getOAURL();
-	
-	/**
-	 * Indicates the passive flag in authentication requests.
-	 * If the passive flag is set, the identification and authentication process 
-	 * failed if no active SSO session is found. 
-	 * 
-	 * @return true, if the is passive flag is set in authentication request, otherwise false
-	 */
-	public boolean isPassiv();
-	
-	/**
-	 * Indicates the force authentication flag in authentication request
-	 * If this flag is set, a new identification and authentication process
-	 * is carried out in any case.
-	 * 
-	 * @return true, if the force authentication flag is set, otherwise false
-	 */
-	public boolean forceAuth();
-	
-	
-	/**
-	 * Returns a generic request-data object with is stored with a specific identifier 
-	 * 
-	 * @param key The specific identifier of the request-data object
-	 * @return The request-data object or null if no data is found with this key
-	 */
-	public Object getGenericData(String key);
-	
-	/**
-	 * Returns a generic request-data object with is stored with a specific identifier 
-	 * 
-	 * @param key The specific identifier of the request-data object
-	 * @param clazz The class type which is stored with this key
-	 * @return The request-data object or null if no data is found with this key
-	 */
-	public <T> T getGenericData(String key, final Class<T> clazz);
-	
-	/** 
-	 * Store a generic data-object to request with a specific identifier
-	 * 
-	 * @param key Identifier for this data-object
-	 * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface
-	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic request-data storage
-	 */
-	public void setGenericDataToSession(String key, Object object) throws SessionDataStorageException;
-		
-	/**
-	 * Hold the identifier of this request object. 
-	 * This identifier can be used to load the request from request storage 
-	 * 
-	 * @return Request identifier
-	 */
-	public String getRequestID();
-	
-
-	/**
-	 * Hold the identifier of the SSO MOASession which is associated with this request
-	 * 
-	 * @return SSO MOASession identifier if a associated session exists, otherwise null
-	 */
-	public String getInternalSSOSessionIdentifier();
-
-	
-	/**
-	 * Hold the MOASession object of a pending request
-	 * This MOASession object is NOT stored to AuthenticationSession database, because it is only part of the pending request 
-	 * 
-	 * @return {@link IAuthenticationSession} AuthenticationSession data object of this pending request
-	 */
-	public IAuthenticationSession getMOASession();
-	
-	
-	/**
-	 * Populate the MOASession object of a pending request with information from an SSO session database
-	 * 
-	 * @param ssoSession
-	 */
-	public void populateMOASessionWithSSOInformation(IAuthenticationSession ssoSession);
-		
-	/**
-	 * Holds a unique transaction identifier, which could be used for looging
-	 * This transaction identifier is unique for a single identification and authentication process
-	 * 
-	 * @return Unique transaction identifier. 
-	 */
-	public String getUniqueTransactionIdentifier();
-	
-	/**
-	 * Holds a unique session identifier, which could be used for logging 
-	 * This session identifier is unique for the full Single Sign-On session time
-	 * 
-	 * @return Unique session identifier
-	 */
-	public String getUniqueSessionIdentifier();
-	
-	
-	/**
-	 * Hold the identifier if the process instance, which is associated with this request 
-	 * 
-	 * @return ProcessInstanceID if this request is associated with a authentication process, otherwise null
-	 */
-	public String getProcessInstanceId();
-	
-	
-	/**
-	 * get the IDP URL PreFix, which was used for authentication request
-	 * 
-	 * @return IDP URL PreFix <String>. The URL prefix always ends without /
-	 */
-	public String getAuthURL();
-	public String getAuthURLWithOutSlash();
-	
-	/**
-	 * Indicates if this pending request needs authentication
-	 * 
-	 * @return true if this request needs authentication, otherwise false
-	 */
-	public boolean isNeedAuthentication();
-	
-	/**
-	 * Indicates, if this pending request needs Single Sign-On (SSO) functionality 
-	 * 
-	 * @return true if this request needs SSO, otherwise false
-	 */
-	public boolean needSingleSignOnFunctionality();
-	public void setNeedSingleSignOnFunctionality(boolean needSSO);
-	
-	/**
-	 * Indicates, if this pending request is already authenticated
-	 * 
-	 * @return true if this request is already authenticated, otherwise false
-	 */
-	public boolean isAuthenticated();
-	public void setAuthenticated(boolean isAuthenticated);
-	
-	/**
-	 * Get get Service-Provider configuration which is associated with this request.
-	 * 
-	 * @return Service-Provider configuration
-	 */
-	public IOAAuthParameters getOnlineApplicationConfiguration();
-
-	/**
-	 * Indicates, if this pending-request is aborted by the user
-	 * 
-	 * @return true, if it is aborted, otherwise false
-	 */
-	public boolean isAbortedByUser();
-
-	/**
-	 * Set the 'isAboredByUser' flag of this pending-request
-	 * 
-	 * @param b true, if the user has abort the authentication process, otherwise false
-	 */
-	public void setAbortedByUser(boolean isAborted);
-	
-	/**
-	 * This method get a Set of PVP 2.1 attribute, which are request by this pending-request.
-	 * @param metadataProvider SAML2 Metadata Provider, or null if no metadata provider is required
-	 * 
-	 * @return A set of PVP attribute names or null if no attributes are requested 
-	 * 			or the Service Provider, which sends this request needs no attributes
-	 */
-	public Collection<String> getRequestedAttributes(MetadataProvider metadataProvider);
-}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
index db413b0f5..31a0573b6 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/AuthProzessDataConstants.java
@@ -22,40 +22,25 @@
  */
 package at.gv.egovernment.moa.id.commons.api.data;
 
+import at.gv.egiz.eaaf.core.api.idp.EAAFAuthProcessDataConstants;
+
 /**
  * @author tlenz
  *
  */
-public interface AuthProzessDataConstants {
-	
-	public static final String GENERIC_PREFIX 					= "generic_";
+public interface AuthProzessDataConstants extends EAAFAuthProcessDataConstants { 
 	
-	
-	public static final String FLAG_IS_FOREIGNER 				= "direct_flagIsForeigner";
-	public static final String FLAG_USE_MANDATE 				= "direct_flagUseMandate";
-	public static final String FLAG_IS_ORGANWALTER 				= "direct_flagOrganwalter";
-	public static final String FLAG_IS_AUTHENTICATED 			= "direct_flagIsAuth";
 	public static final String FLAG_SAMLATTRIBUTEGEBEORWBPK 	= "direct_SAMLAttributeGebeORwbpk";
 	
-	
-	public static final String VALUE_CREATED 					= "direct_created";
-	public static final String VALUE_ISSUEINSTANT 				= "direct_issueInstant";
-	public static final String VALUE_SESSIONID 					= "direct_sessionId";
 	public static final String VALUE_SIGNER_CERT 				= "direct_signerCert";
 	public static final String VALUE_IDENTITYLINK 				= "direct_idl";	
 	public static final String VALUE_BKUURL 					= "direct_bkuUrl";
 	public static final String VALUE_AUTHBLOCK 					= "direct_authBlock";
 	
 	public static final String VALUE_AUTNBLOCKTOKKEN 			= "direct_authblocktokken";
-	public static final String VALUE_QAALEVEL 					= "direct_qaaLevel";
-	public static final String VALUE_VERIFYSIGRESP 				= "direct_verifySigResp";
-	
+	public static final String VALUE_VERIFYSIGRESP 				= "direct_verifySigResp";	
 	public static final String VALUE_MISSESSIONID 				= "direct_MIS_SessionId";
 	public static final String VALUE_MISREFVALUE 				= "direct_MIS_RefValue";
-	public static final String VALUE_MISMANDATE 				= "direct_MIS_Mandate";
-	
-	
-
 	
 	@Deprecated
 	public static final String VALUE_EXTENTEDSAMLATTRAUTH 		= "direct_extSamlAttrAuth";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java
index cb81fe79e..5fec08053 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/BPKDecryptionParameters.java
@@ -34,8 +34,8 @@ import java.security.UnrecoverableKeyException;
 
 import org.apache.commons.lang3.SerializationUtils;
 
+import at.gv.egiz.eaaf.core.impl.utils.KeyStoreUtils;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.KeyStoreUtils;
 
 
 /**
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java
index 8bffceaed..1d54af7c8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IAuthenticationSession.java
@@ -22,22 +22,17 @@
  */
 package at.gv.egovernment.moa.id.commons.api.data;
 
-import java.util.Date;
 import java.util.List;
 import java.util.Map;
 
-import at.gv.egovernment.moa.id.commons.api.exceptions.SessionDataStorageException;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IAuthProcessDataContainer;
 import iaik.x509.X509Certificate;
 
 /**
  * @author tlenz
  *
  */
-public interface IAuthenticationSession {
-
-	boolean isAuthenticated();
-
-	void setAuthenticated(boolean authenticated);
+public interface IAuthenticationSession extends IAuthProcessDataContainer {
 
 	X509Certificate getSignerCertificate();
 
@@ -46,34 +41,20 @@ public interface IAuthenticationSession {
 	void setSignerCertificate(X509Certificate signerCertificate);
 
 	/**
-	 * Returns the identityLink.
-	 * 
-	 * @return IdentityLink
-	 */
-	IIdentityLink getIdentityLink();
-
-	/**
 	 * Returns the sessionID.
 	 * 
 	 * @return String
 	 */
-	String getSessionID();
-
-	/**
-	 * Sets the identityLink.
-	 * 
-	 * @param identityLink
-	 *            The identityLink to set
-	 */
-	void setIdentityLink(IIdentityLink identityLink);
+	String getSSOSessionID();
 
+	
 	/**
 	 * Sets the sessionID.
 	 * 
 	 * @param sessionId
 	 *            The sessionID to set
 	 */
-	void setSessionID(String sessionId);
+	void setSSOSessionID(String sessionId);
 
 	/**
 	 * Returns the BKU URL.
@@ -158,20 +139,6 @@ public interface IAuthenticationSession {
 	 */
 	void setSAMLAttributeGebeORwbpk(boolean samlAttributeGebeORwbpk);
 
-	/**
-	 * Returns the issuing time of the AUTH-Block SAML assertion.
-	 * 
-	 * @return The issuing time of the AUTH-Block SAML assertion.
-	 */
-	String getIssueInstant();
-
-	/**
-	 * Sets the issuing time of the AUTH-Block SAML assertion.
-	 * 
-	 * @param issueInstant
-	 *            The issueInstant to set.
-	 */
-	void setIssueInstant(String issueInstant);
 
 	/**
 	 * 
@@ -180,13 +147,6 @@ public interface IAuthenticationSession {
 	 */
 	void setUseMandate(String useMandate);
 
-	void setUseMandates(boolean useMandates);
-
-	/**
-	 * @return
-	 */
-	boolean isMandateUsed();
-
 	/**
 	 * 
 	 * @param misSessionID
@@ -212,9 +172,6 @@ public interface IAuthenticationSession {
 	 */
 	void setMandateReferenceValue(String mandateReferenceValue);
 
-	boolean isForeigner();
-
-	void setForeigner(boolean isForeigner);
 
 	IVerifiyXMLSignatureResponse getXMLVerifySignatureResponse();
 
@@ -225,17 +182,6 @@ public interface IAuthenticationSession {
 	void setMISMandate(IMISMandate mandate);
 
 	/**
-	 * @return the isOW
-	 */
-	boolean isOW();
-
-	/**
-	 * @param isOW
-	 *            the isOW to set
-	 */
-	void setOW(boolean isOW);
-
-	/**
 	 * @return the authBlockTokken
 	 */
 	String getAuthBlockTokken();
@@ -246,51 +192,12 @@ public interface IAuthenticationSession {
 	 */
 	void setAuthBlockTokken(String authBlockTokken);
 
+	
 	/**
-	 * eIDAS QAA level
+	 * Generates a Key / Value representation from Authenticated session
 	 * 
-	 * @return the qAALevel
+	 * @return A read-only version of all session information
 	 */
-	String getQAALevel();
-
-	/**
-	 * set QAA level in eIDAS form
-	 * 
-	 * @param qAALevel the qAALevel to set
-	 */
-	void setQAALevel(String qAALevel);
-
-	/**
-	 * @return the sessionCreated
-	 */
-	Date getSessionCreated();
-
-	Map<String, Object> getGenericSessionDataStorage();
-
-	/**
-	 * Returns a generic session-data object with is stored with a specific identifier 
-	 * 
-	 * @param key The specific identifier of the session-data object
-	 * @return The session-data object or null if no data is found with this key
-	 */
-	Object getGenericDataFromSession(String key);
-
-	/**
-	 * Returns a generic session-data object with is stored with a specific identifier 
-	 * 
-	 * @param key The specific identifier of the session-data object
-	 * @param clazz The class type which is stored with this key
-	 * @return The session-data object or null if no data is found with this key
-	 */
-	<T> T getGenericDataFromSession(String key, Class<T> clazz);
-
-	/**
-	 * Store a generic data-object to session with a specific identifier
-	 * 
-	 * @param key Identifier for this data-object
-	 * @param object Generic data-object which should be stored. This data-object had to be implement the 'java.io.Serializable' interface
-	 * @throws SessionDataStorageException Error message if the data-object can not stored to generic session-data storage
-	 */
-	void setGenericDataToSession(String key, Object object) throws SessionDataStorageException;
-
+	public Map<String, Object> getKeyValueRepresentationFromAuthSession();
+	
 }
 \ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java
deleted file mode 100644
index 3a0ccd7c9..000000000
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/data/IIdentityLink.java
+++ /dev/null
@@ -1,175 +0,0 @@
-/*
- * Copyright 2014 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-package at.gv.egovernment.moa.id.commons.api.data;
-
-import java.io.IOException;
-import java.security.PublicKey;
-
-import javax.xml.transform.TransformerException;
-
-import org.w3c.dom.Element;
-
-/**
- * @author tlenz
- *
- */
-public interface IIdentityLink {
-
-	/**
-	   * Returns the dateOfBirth.
-	   * @return Calendar
-	   */
-	String getDateOfBirth();
-
-	/**
-	   * Returns the familyName.
-	   * @return String
-	   */
-	String getFamilyName();
-
-	/**
-	   * Returns the givenName.
-	   * @return String
-	   */
-	String getGivenName();
-
-	/**
-	   * Returns the name.
-	   * @return The name.
-	   */
-	String getName();
-
-	/**
-	   * Returns the identificationValue.
-		 * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>.
-	   * @return String
-	   */
-	String getIdentificationValue();
-
-	/**
-	 * Returns the identificationType.
-	 * <code>"identificationType"</code> type of the identificationValue in the IdentityLink.
-	 * @return String
-	 */
-	String getIdentificationType();
-
-	/**
-	   * Sets the dateOfBirth.
-	   * @param dateOfBirth The dateOfBirth to set
-	   */
-	void setDateOfBirth(String dateOfBirth);
-
-	/**
-	   * Sets the familyName.
-	   * @param familyName The familyName to set
-	   */
-	void setFamilyName(String familyName);
-
-	/**
-	   * Sets the givenName.
-	   * @param givenName The givenName to set
-	   */
-	void setGivenName(String givenName);
-
-	/**
-	   * Sets the identificationValue.
-		 * <code>"identificationValue"</code> is the translation of <code>"Stammzahl"</code>.
-	   * @param identificationValue The identificationValue to set
-	   */
-	void setIdentificationValue(String identificationValue);
-
-	/**
-	 * Sets the Type of the identificationValue.
-	 * @param identificationType The type of identificationValue to set
-	 */
-	void setIdentificationType(String identificationType);
-
-	/**
-	   * Returns the samlAssertion.
-	   * @return Element
-	   */
-	Element getSamlAssertion();
-
-	/**
-	   * Returns the samlAssertion.
-	   * @return Element
-	   */
-	String getSerializedSamlAssertion();
-
-	/**
-	   * Sets the samlAssertion and the serializedSamlAssertion.
-	   * @param samlAssertion The samlAssertion to set
-	   */
-	void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException;
-
-	/**
-	   * Returns the dsigReferenceTransforms.
-	   * @return Element[]
-	   */
-	Element[] getDsigReferenceTransforms();
-
-	/**
-	   * Sets the dsigReferenceTransforms.
-	   * @param dsigReferenceTransforms The dsigReferenceTransforms to set
-	   */
-	void setDsigReferenceTransforms(Element[] dsigReferenceTransforms);
-
-	/**
-	   * Returns the publicKey.
-	   * @return PublicKey[]
-	   */
-	PublicKey[] getPublicKey();
-
-	/**
-	   * Sets the publicKey.
-	   * @param publicKey The publicKey to set
-	   */
-	void setPublicKey(PublicKey[] publicKey);
-
-	/**
-	   * Returns the prPerson.
-	   * @return Element
-	   */
-	Element getPrPerson();
-
-	/**
-	   * Sets the prPerson.
-	   * @param prPerson The prPerson to set
-	   */
-	void setPrPerson(Element prPerson);
-
-	/**
-	   * Returns the issuing time of the identity link SAML assertion.
-	   *
-	   * @return The issuing time of the identity link SAML assertion.
-	   */
-	String getIssueInstant();
-
-	/**
-	   * Sets the issuing time of the identity link SAML assertion.
-	   *
-	   * @param issueInstant The issueInstant to set.
-	   */
-	void setIssueInstant(String issueInstant);
-
-}
-\ No newline at end of file
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/BKUException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/BKUException.java
new file mode 100644
index 000000000..73617fb35
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/BKUException.java
@@ -0,0 +1,57 @@
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ * 
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ * 
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+package at.gv.egovernment.moa.id.commons.api.exceptions;
+
+public class BKUException extends MOAIDException {
+
+	private static final long serialVersionUID = -4646544256490397419L;
+
+	private String bkuErrorCode;
+	private String bkuErrorMessage;
+	
+	public BKUException(String messageId, Object[] parameters,
+			String bkuErrorCode, String bkuErrorMessage) {
+		super(messageId, parameters);
+		
+		this.bkuErrorCode = bkuErrorCode;
+		this.bkuErrorMessage = bkuErrorMessage;
+	}
+
+
+	/**
+	 * @return the bkuErrorCode
+	 */
+	public String getBkuErrorCode() {
+		return bkuErrorCode;
+	}
+
+
+	/**
+	 * @return the bkuErrorMessage
+	 */
+	public String getBkuErrorMessage() {
+		return bkuErrorMessage;
+	}
+
+	
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MISSimpleClientException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MISSimpleClientException.java
new file mode 100644
index 000000000..b8c78ab5c
--- /dev/null
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MISSimpleClientException.java
@@ -0,0 +1,90 @@
+package at.gv.egovernment.moa.id.commons.api.exceptions;
+/*******************************************************************************
+ * Copyright 2014 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ * 
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ * 
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ * 
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ ******************************************************************************/
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+public class MISSimpleClientException extends MOAIDException {
+
+	private static final long serialVersionUID = 1L;
+
+	private String misErrorCode;
+	private String misErrorMessage;
+	
+	public MISSimpleClientException() {
+		super("UNDEFINED ERROR", null);
+	}
+
+	public MISSimpleClientException(String message) {
+		super(message, null);
+	}
+	
+	public MISSimpleClientException(String message, String code, String text) {
+		super(message, new Object[] { code , text });
+		this.misErrorMessage = text;
+		this.misErrorCode = code;
+	}
+
+	public MISSimpleClientException(String message, Throwable cause) {
+		super(message, null, cause);
+	}
+
+	public MISSimpleClientException(String message, Object[] params, Throwable cause) {
+		super(message, params, cause);
+	}
+	
+	/**
+	 * @return the bkuErrorCode
+	 */
+	public String getMISErrorCode() {
+		return misErrorCode;
+	}
+
+
+	/**
+	 * @return the bkuErrorMessage
+	 */
+	public String getMISErrorMessage() {
+		return misErrorMessage;
+	}
+}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java
index 6841be92b..b5ae04c4e 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/exceptions/MOAIDException.java
@@ -49,7 +49,7 @@ package at.gv.egovernment.moa.id.commons.api.exceptions;
 import java.io.PrintStream;
 import java.io.PrintWriter;
 
-import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 
 /**
  * Base class of technical MOA exceptions.
@@ -60,17 +60,17 @@ import at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider;
  * @author Patrick Peck, Ivancsics Paul
  * @version $Id$
  */
-public class MOAIDException extends Exception {
+public class MOAIDException extends EAAFException {
   /**
 	 * 
 	 */
 	private static final long serialVersionUID = -1507246171708083912L;
-/** message ID */
-  private String messageId;
-  /** wrapped exception */
-  private Throwable wrapped;
+	/** message ID */
+	  private String messageId;
+	  /** wrapped exception */
+	  private Throwable wrapped;
 
-  private Object[] parameters;
+	  private Object[] parameters;
   
   /**
    * Create a new <code>MOAIDException</code>.
@@ -80,7 +80,7 @@ public class MOAIDException extends Exception {
    * @param parameters Additional message parameters.
    */
   public MOAIDException(String messageId, Object[] parameters) {
-    super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
+    super(messageId, parameters);
     this.messageId = messageId;
     this.parameters = parameters;
   }
@@ -99,7 +99,7 @@ public class MOAIDException extends Exception {
     Object[] parameters,
     Throwable wrapped) {
       
-    super(MOAIDMessageProvider.getInstance().getMessage(messageId, parameters));
+    super(messageId, parameters, wrapped);
     this.messageId = messageId;
     this.wrapped = wrapped;
     this.parameters = parameters;