From e4fa532f93f10115e1f39c97cc96e5950a048884 Mon Sep 17 00:00:00 2001 From: Thomas Lenz Date: Wed, 11 Dec 2019 16:01:38 +0100 Subject: update to EAAF-Components 1.0.13.1 Enforce E-ID authentication based on Service-Provider configuration --- id/server/doc/handbook/protocol/protocol.html | 12 ++--- .../id/auth/modules/BKUSelectionModuleImpl.java | 3 +- .../modules/SingleSignOnConsentsModuleImpl.java | 3 +- .../pvp2x/metadata/MOAMetadataProvider.java | 6 +-- .../moa/id/commons/api/ConfigurationProvider.java | 4 +- .../moa/id/commons/utils/MOAIDMessageProvider.java | 6 +++ ...roviderSpecificGUIFormBuilderConfiguration.java | 3 +- .../DefaultGUIFormBuilderConfiguration.java | 7 +-- .../internal/DefaultCitizenCardAuthModuleImpl.java | 3 +- .../EidasCentralAuthModuleImpl.java | 3 +- .../eidproxyauth/EIDProxyAuthModuleImpl.java | 52 +++++++++++++--------- .../bkamobileauthtests/BKAMobileAuthModule.java | 3 +- ...strianAuthWitheID4UAuthenticationModulImpl.java | 29 +++--------- .../eidas/eIDASAuthenticationModulImpl.java | 3 +- .../engine/MOAeIDASChainingMetadataProvider.java | 6 +-- .../tasks/CollectAddtionalAttributesTask.java | 6 ++- .../elgamandates/ELGAMandatesAuthModuleImpl.java | 5 ++- .../oauth20/protocol/OAuth20BaseRequest.java | 3 +- .../sl20_auth/SL20AuthenticationModulImpl.java | 9 ++-- .../sl20_auth/tasks/CreateQualeIDRequestTask.java | 3 +- .../ssotransfer/SSOTransferAuthModuleImpl.java | 3 +- .../FederatedAuthenticationModuleImpl.java | 3 +- .../tasks/CreateAuthnRequestTask.java | 4 +- .../tasks/ReceiveAuthnResponseTask.java | 6 ++- pom.xml | 14 +++--- 25 files changed, 107 insertions(+), 92 deletions(-) diff --git a/id/server/doc/handbook/protocol/protocol.html b/id/server/doc/handbook/protocol/protocol.html index 2b3dbff98..dc55dda3b 100644 --- a/id/server/doc/handbook/protocol/protocol.html +++ b/id/server/doc/handbook/protocol/protocol.html @@ -123,12 +123,12 @@ Redirect Binding OpenID Connect Authentifizierungsrequest
(AuthCode-Request) - https://<host>:<port>/moa-id-auth/oauth3/auth + https://<host>:<port>/moa-id-auth/oauth2/auth OpenID Connect

AccessToken-Request

- https://<host>:<port>/moa-id-auth/oauth3/token + https://<host>:<port>/moa-id-auth/oauth2/token SAML 1 @@ -1320,8 +1320,8 @@ https://<host>:<port>/moa-id-auth/pvp2/metadata

3.2 Zugangspunkte

Zur Verwendung von OpenID Connect stellt das Modul MOA-ID-Auth zwei Zugangspunkte zur Kommunikation mit der Online-Applikation zur Verfügung. Diese Zugangspunkte bezeichnen die URLs unter welchen das Modul MOA-ID-Auth die entsprechenden OpenID Connect Nachrichten entgegennimmt.

3.3 Beschreibung der Nachrichten

Dieser Abschnitt beschreibt die einzelnen OpenID Connect spezifischen Nachrichten, welche zwischen der Online-Applikation und dem Modul MOA-ID-Auth während eines Authentifizierungsvorgangs ausgetauscht werden. Hierbei wird auch auf das Sequenzdiagramm aus Abschnitt 3.1 Bezug genommen.

@@ -1376,7 +1376,7 @@ Folgende Parameter müssen mit dem AuthCode-Request mitgesendet werden, wobe

 

Nachfolgend ein Beispiel für einen OpenID Connect Authentifizierungsrequest an das Modul MOA-ID-Auth.

-
<form method="get" action="https://demo.egiz.gv.at/demoportal_moaid-2.0/oauth3/auth">
+
<form method="get" action="https://demo.egiz.gv.at/demoportal_moaid-2.0/oauth2/auth">
   <input type="hidden" value="code" name="response_type">
   <input type="hidden" value="https://demo.egiz.gv.at/demoportal-openID_demo" name="client_id">
   <input type="hidden" value="https://demo.egiz.gv.at/demoportal-openID_demo/securearea.action" name="redirect_uri">
@@ -1442,7 +1442,7 @@ Folgende Parameter müssen mit dem AuthCode-Request mitgesendet werden, wobe
 
 

 

Nachfolgend ein Beispiel für einen AccessToken Request

-
<form method="POST" action="https://demo.egiz.gv.at/demoportal_moaid-2.0/oauth3/token">
+
<form method="POST" action="https://demo.egiz.gv.at/demoportal_moaid-2.0/oauth2/token">
   <input type="hidden" value="authorization_code" name="grant_type">
   <input type="hidden" value="https://demo.egiz.gv.at/demoportal-openID_demo" name="client_id">
   <input type="hidden" value="https://demo.egiz.gv.at/demoportal-openID_demo/securearea.action" name="redirect_uri">
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
index bd183d906..6426e0e0c 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/BKUSelectionModuleImpl.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.auth.modules;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -50,7 +51,7 @@ public class BKUSelectionModuleImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
 		boolean performBKUSelection = false;
 		Object performBKUSelectionObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION);
 		if (performBKUSelectionObj != null && performBKUSelectionObj instanceof Boolean)
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java
index b624e13ef..e8ce0f9c1 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/SingleSignOnConsentsModuleImpl.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.auth.modules;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 
@@ -46,7 +47,7 @@ public class SingleSignOnConsentsModuleImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
 		Object evaluationObj = context.get(PARAM_SSO_CONSENTS_EVALUATION);
 		if (evaluationObj != null && evaluationObj instanceof Boolean) {
 			boolean evaluateSSOConsents = (boolean) evaluationObj;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index ff5379498..0be49a23e 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -64,7 +64,7 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider {
 		
 	@Override
 	protected String getMetadataURL(String entityId) throws EAAFConfigurationException {
-		ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(entityId);
+		ISPConfiguration oaParam = moaAuthConfig.getServiceProviderConfiguration(entityId);
 		if (oaParam != null)
 			return oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL);
 		
@@ -78,7 +78,7 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider {
 	
 	@Override
 	protected MetadataProvider createNewMetadataProvider(String entityId) throws EAAFConfigurationException, IOException, CertificateException {
-		ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(entityId);
+		ISPConfiguration oaParam = moaAuthConfig.getServiceProviderConfiguration(entityId);
 		if (oaParam != null) {
 			String metadataURL = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL);		
 			String certBase64 = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_CERTIFICATE);
@@ -117,7 +117,7 @@ public class MOAMetadataProvider extends AbstractChainingMetadataProvider {
 			while (oaInterator.hasNext()) {
 				Entry oaKeyPair = oaInterator.next();
 				
-				ISPConfiguration oaParam = authConfig.getServiceProviderConfiguration(oaKeyPair.getValue());
+				ISPConfiguration oaParam = moaAuthConfig.getServiceProviderConfiguration(oaKeyPair.getValue());
 				if (oaParam != null) {
 					String metadataurl = oaParam.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_PROTOCOLS_PVP2X_URL);
 					if (MiscUtil.isNotEmpty(metadataurl))
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java
index 12b9517a6..2873b17ef 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/ConfigurationProvider.java
@@ -22,14 +22,14 @@
  */
 package at.gv.egovernment.moa.id.commons.api;
 
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 
 /**
  * @author tlenz
  *
  */
-public interface ConfigurationProvider extends IConfiguration{
+public interface ConfigurationProvider extends IConfigurationWithSP{
 
 	  /** 
 	   * The name of the system property which contains the file name of the 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java
index f4143e434..f9b43c193 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/MOAIDMessageProvider.java
@@ -146,4 +146,10 @@ public String mapInternalErrorToExternalError(String intErrorCode) {
 	return extErrorCode;
 }
 
+@Override
+public String getMessageWithoutDefault(String messageId, Object[] parameters) {
+  return getMessage(messageId, parameters);
+  
+}
+
 }
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
index 6645b24bc..23b8dcd84 100644
--- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
@@ -31,6 +31,7 @@ import java.util.Map.Entry;
 import org.apache.commons.lang.StringEscapeUtils;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.gui.GroupDefinition;
 import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration;
 import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderConfiguration;
 import at.gv.egovernment.moa.id.auth.frontend.utils.FormBuildUtils;
@@ -116,7 +117,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration
 	}
 	
 	@Override
-	protected final String getFromGroup() {
+	protected final GroupDefinition getFromGroup() {
 		return null;
 		
 	}
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java
index 7965f3c85..e14558d29 100644
--- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/DefaultGUIFormBuilderConfiguration.java
@@ -30,6 +30,7 @@ import java.util.Map.Entry;
 import org.apache.commons.lang.StringEscapeUtils;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.gui.GroupDefinition;
 import at.gv.egiz.eaaf.core.api.gui.IVelocityGUIBuilderConfiguration;
 import at.gv.egiz.eaaf.core.api.gui.ModifyableGuiBuilderConfiguration;
 import at.gv.egiz.eaaf.core.impl.gui.AbstractGUIFormBuilderConfiguration;
@@ -78,7 +79,7 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo
 	 * @see at.gv.egovernment.moa.id.auth.frontend.builder.ModifyableGuiBuilderConfiguration#putCustomParameterWithOutEscaption(java.lang.String, java.lang.Object)
 	 */
 	@Override
-	public void putCustomParameterWithOutEscaption(String group, String key, Object value) {
+	public void putCustomParameterWithOutEscaption(GroupDefinition group, String key, Object value) {
 		if (customParameters == null)
 			customParameters = new HashMap();
 		
@@ -89,7 +90,7 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo
 	 * @see at.gv.egovernment.moa.id.auth.frontend.builder.ModifyableGuiBuilderConfiguration#putCustomParameter(java.lang.String, java.lang.String)
 	 */
 	@Override
-	public void putCustomParameter(String group, String key, String value) {
+	public void putCustomParameter(GroupDefinition group, String key, String value) {
 		if (customParameters == null)
 			customParameters = new HashMap();
 		
@@ -143,7 +144,7 @@ public class DefaultGUIFormBuilderConfiguration extends AbstractGUIFormBuilderCo
 	}
 
 	@Override
-	protected final String getFromGroup() {
+	protected final GroupDefinition getFromGroup() {
 		return null;
 		
 	}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
index 1962d6c82..82fb42c32 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/DefaultCitizenCardAuthModuleImpl.java
@@ -3,6 +3,7 @@ package at.gv.egovernment.moa.id.auth.modules.internal;
 
 import org.apache.commons.lang3.StringUtils;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
@@ -18,7 +19,7 @@ public class DefaultCitizenCardAuthModuleImpl implements AuthModule {
 	}
  
 	@Override
-	public String selectProcess(ExecutionContext context) {		
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {		
 		//select process if BKU is selected and it is no STORK authentication
 		
 		boolean performBKUSelection = false;
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java
index 821a200c7..53b3f3e1a 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/EidasCentralAuthModuleImpl.java
@@ -29,6 +29,7 @@ import javax.annotation.PostConstruct;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
@@ -64,7 +65,7 @@ public class EidasCentralAuthModuleImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
 		Serializable paramObj = context.get(EidasCentralAuthConstants.HTTP_PARAM_CENTRAL_EIDAS_AUTH_SELECTION);
 		if (paramObj != null ) {
 			if (paramObj instanceof String) {		
diff --git a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
index f4c27e047..85d9d0f76 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-E-ID_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidproxyauth/EIDProxyAuthModuleImpl.java
@@ -29,9 +29,11 @@ import javax.annotation.PostConstruct;
 import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.logging.Logger;
 
@@ -66,27 +68,37 @@ public class EIDProxyAuthModuleImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
-		
-		if (authConfig.getBasicConfigurationBoolean(EIDProxyAuthConstants.CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT, false)) {
-			Serializable paramObj = context.get(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION);
-			if (paramObj != null ) {
-				if (paramObj instanceof String) {		
-					String param = (String)paramObj;
-					if (StringUtils.isNotEmpty(param) && Boolean.parseBoolean(param)) {
-						Logger.debug("Manually selected E-ID authentication process  ");
-						return AUTH_PROCESS_NAME;
-					}
-				}
-			}
-			
-			return null;
-
-		}
-
-		Logger.trace("Select E-ID authentication process ... ");		
-		return AUTH_PROCESS_NAME;		
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
 		
+	  if (Boolean.parseBoolean(
+          pendingReq.getServiceProviderConfiguration().getConfigurationValue(
+              MOAIDConfigurationConstants.SERVICE_AUTH_AUSTRIAN_EID_DEMO_MODE, 
+              String.valueOf(false)))) {
+	    Logger.debug("SP: " + pendingReq.getSPEntityId() + " activates E-ID mode.");
+	    return AUTH_PROCESS_NAME;
+	    
+	  } else {	  
+  		if (authConfig.getBasicConfigurationBoolean(EIDProxyAuthConstants.CONFIG_PROPS_DISABLE_PROCESS_ENFORCEMENT, true)) {
+  		  Logger.trace("Disable E-ID enforcment is 'true' ");
+  			Serializable paramObj = context.get(EIDProxyAuthConstants.HTTP_PARAM_EIDPROXY_AUTH_SELECTION);
+  			if (paramObj != null ) {
+  				if (paramObj instanceof String) {		
+  					String param = (String)paramObj;
+  					if (StringUtils.isNotEmpty(param) && Boolean.parseBoolean(param)) {
+  						Logger.debug("Manually selected E-ID authentication process  ");
+  						return AUTH_PROCESS_NAME;
+  					}
+  				}
+  			}
+  			
+  			return null;
+  
+  		} else {
+  		  Logger.trace("Select E-ID authentication process ... ");		
+  		  return AUTH_PROCESS_NAME;
+	    
+  		}
+	  }		
 	}
 
 	/* (non-Javadoc)
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
index b17f0c121..50f675c6e 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/BKAMobileAuthModule.java
@@ -29,6 +29,7 @@ import javax.annotation.PostConstruct;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
@@ -95,7 +96,7 @@ public class BKAMobileAuthModule implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {		
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {		
 		String spEntityID = (String) context.get(EAAFConstants.PROCESS_ENGINE_SERVICE_PROVIDER_ENTITYID);
 		String sl20ClientTypeHeader = (String) context.get("SL2ClientType".toLowerCase());
 		String sl20VDATypeHeader = (String)  context.get("X-MOA-VDA".toLowerCase());				
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
index 6efa55ac8..daaf6a0f5 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/AustrianAuthWitheID4UAuthenticationModulImpl.java
@@ -23,17 +23,13 @@
 package at.gv.egovernment.moa.id.auth.modules.eidas;
 
 
-import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.IRequestStorage;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
 import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
 import at.gv.egovernment.moa.id.protocols.eidas.EIDASData;
-import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
@@ -64,29 +60,14 @@ public class AustrianAuthWitheID4UAuthenticationModulImpl extends DefaultCitizen
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
-		String selectedProcessID = super.selectProcess(context);
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+		String selectedProcessID = super.selectProcess(context, pendingReq);
 		if (MiscUtil.isNotEmpty(selectedProcessID)) {
-			String pendingReqId = (String)context.get(EAAFConstants.PROCESS_ENGINE_PENDINGREQUESTID);
-			
-			if (StringUtils.isEmpty(pendingReqId))
-				Logger.warn("Process execution context contains NO 'pendingReqId'. Looks very suspect!");
-			
-			else {
-				IRequest pendingReq;
-				try {
-					pendingReq = requestStore.getPendingRequest(pendingReqId);
-					if (pendingReq != null && pendingReq instanceof EIDASData) {
-						return "eID4UAttributCollectionAuthentication";
+		  if (pendingReq != null && pendingReq instanceof EIDASData) {
+		    return "eID4UAttributCollectionAuthentication";
 					
-					}
-					
-				} catch (PendingReqIdValidationException e) {
-					Logger.warn("Validation of PendingRequestId FAILED. Reason: " + e.getMessage());
-					
-				}
-				
 			}
+		  
 		}	
 		
 		return selectedProcessID;
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
index ec042949a..cf9a5cc60 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/eIDASAuthenticationModulImpl.java
@@ -24,6 +24,7 @@ package at.gv.egovernment.moa.id.auth.modules.eidas;
 
 import org.apache.commons.lang3.StringUtils;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 
@@ -52,7 +53,7 @@ public class eIDASAuthenticationModulImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
 		if (StringUtils.isNotBlank((String) context.get("ccc")) || 
 				StringUtils.isNotBlank((String) context.get("CCC"))) 
 			return "eIDASAuthentication";
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
index a1d6bb225..e879fd95b 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/engine/MOAeIDASChainingMetadataProvider.java
@@ -32,7 +32,7 @@ import org.springframework.stereotype.Service;
 import at.gv.egiz.components.spring.api.IDestroyableObject;
 import at.gv.egiz.eaaf.core.api.IGarbageCollectorProcessing;
 import at.gv.egiz.eaaf.core.api.IPostStartupInitializable;
-import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.metadata.IRefreshableMetadataProvider;
 import at.gv.egiz.eaaf.modules.pvp2.impl.metadata.MetadataFilterChain;
@@ -52,7 +52,7 @@ import eu.eidas.auth.engine.AbstractProtocolEngine;
 public class MOAeIDASChainingMetadataProvider extends SimpleMetadataProvider implements ObservableMetadataProvider, 
 	IGarbageCollectorProcessing, IDestroyableObject, IRefreshableMetadataProvider, IPostStartupInitializable{
 
-	@Autowired(required=true) IConfiguration basicConfig;
+	@Autowired(required=true) IConfigurationWithSP basicConfig;
 	
 	private Timer timer = null; 
 	
@@ -82,7 +82,7 @@ public class MOAeIDASChainingMetadataProvider extends SimpleMetadataProvider imp
 	
 	protected void initializeEidasMetadataFromFileSystem() throws ConfigurationException {
 		try {
-			Map metadataToLoad = authConfig.getBasicConfigurationWithPrefix(Constants.CONIG_PROPS_EIDAS_METADATA_URLS_LIST_PREFIX);
+			Map metadataToLoad = basicConfig.getBasicConfigurationWithPrefix(Constants.CONIG_PROPS_EIDAS_METADATA_URLS_LIST_PREFIX);
 			if (!metadataToLoad.isEmpty()) {
 				Logger.info("Load static configurated eIDAS metadata ... ");			
 				for (String metaatalocation : metadataToLoad.values()) {
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
index ab4179981..3b976b99e 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CollectAddtionalAttributesTask.java
@@ -12,6 +12,7 @@ import org.springframework.stereotype.Component;
 import com.google.common.collect.UnmodifiableIterator;
 
 import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.api.storage.ITransactionStorage;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
@@ -43,6 +44,7 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask {
 	@Autowired private OAuth20AuthAction openIDAuthAction; 
 	@Autowired private ITransactionStorage transactionStorage;
 	@Autowired private AuthenticationDataBuilder authDataBuilder;
+	@Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
 	
 	@Override
 	public void execute(ExecutionContext context, HttpServletRequest httpReq, HttpServletResponse httpResp)
@@ -102,10 +104,10 @@ public class CollectAddtionalAttributesTask extends AbstractAuthServletTask {
 					
 					//generate fake OpenID_Connect request
 					OAuth20AuthRequest fakeOpenIDReq = new OAuth20AuthRequest();
-					fakeOpenIDReq.initialize(httpReq, authConfig);
+					fakeOpenIDReq.initialize(httpReq, authConfigWithSp);
 					fakeOpenIDReq.setSPEntityId(uniqueID);
 					fakeOpenIDReq.setModule(OAuth20Protocol.NAME);
-					fakeOpenIDReq.setOnlineApplicationConfiguration(authConfig.getServiceProviderConfiguration(uniqueID));
+					fakeOpenIDReq.setOnlineApplicationConfiguration(authConfigWithSp.getServiceProviderConfiguration(uniqueID));
 					fakeOpenIDReq.setScope("openId profile");
 										
 					//populate with SessionData
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
index 0d460f293..a0aa45794 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/ELGAMandatesAuthModuleImpl.java
@@ -25,6 +25,7 @@ package at.gv.egovernment.moa.id.auth.modules.elgamandates;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
@@ -52,8 +53,8 @@ public class ELGAMandatesAuthModuleImpl extends DefaultCitizenCardAuthModuleImpl
 	}
 	
 	@Override
-	public String selectProcess(ExecutionContext context) {
-		String selectedProcessID = super.selectProcess(context);
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+		String selectedProcessID = super.selectProcess(context, pendingReq);
 	
 		//check if BKU authentication is selected and ELGA-MandateService is configurated
 		if (MiscUtil.isNotEmpty(selectedProcessID)) {
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index 9cceea7d5..8ef33381f 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -32,6 +32,7 @@ import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang.StringUtils;
 
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
@@ -60,7 +61,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
 		return param;
 	}
 	
-	protected void populateParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
+	protected void populateParameters(final HttpServletRequest request, IConfigurationWithSP authConfig) throws OAuth20Exception {
 		
 		// moa id - load oa with client id!
 		try {
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 9c2d47ca7..9142210c8 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -29,7 +29,7 @@ import javax.annotation.PostConstruct;
 
 import org.springframework.beans.factory.annotation.Autowired;
 
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
@@ -77,11 +77,8 @@ public class SL20AuthenticationModulImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
-		ISPConfiguration spConfig = (ISPConfiguration) context.get(EAAFConstants.PROCESSCONTEXT_SP_CONFIG);
-//		if (spConfigObj != null && spConfigObj instanceof IOAAuthParameters)
-//			spConfig = (IOAAuthParameters)spConfigObj;
-					
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+		ISPConfiguration spConfig = pendingReq.getServiceProviderConfiguration();					
 		String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase());
 		String sl20VDATypeHeader = (String)  context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
 		
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index a0b759ced..9c74a3cdb 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -55,6 +55,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 	@Autowired(required=true) private IJOSETools joseTools;
 	@Autowired private AuthConfiguration moaAuthConfig;
 	
+	
 	@Override 
 	public void execute(ExecutionContext executionContext, HttpServletRequest request, HttpServletResponse response)
 			throws TaskExecutionException {
@@ -211,7 +212,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 			
 	private String extractVDAURLForSpecificOA(ISPConfiguration oaConfig, ExecutionContext executionContext) {		
 		String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);		
-		Map endPointMap = authConfig.getBasicConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+		Map endPointMap = moaAuthConfig.getBasicConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
 		if (MiscUtil.isNotEmpty(spSpecificVDAEndpoints)) {
 			endPointMap.putAll(KeyValueUtils.convertListToMap(
 							KeyValueUtils.getListOfCSVValues(
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
index b9d08a20f..2d7e209ca 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/SSOTransferAuthModuleImpl.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.auth.modules.ssotransfer;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 
@@ -53,7 +54,7 @@ public class SSOTransferAuthModuleImpl implements AuthModule{
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {		
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {		
 		Object restoreSSOSessionObj = context.get("restoreSSOSession");
 		if (restoreSSOSessionObj != null && restoreSSOSessionObj instanceof String) {
 			boolean restoreSSOSession = (boolean) Boolean.parseBoolean((String)restoreSSOSessionObj);
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
index 4068d2d99..e50836712 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/FederatedAuthenticationModuleImpl.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.auth.modules.federatedauth;
 
+import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
@@ -45,7 +46,7 @@ public class FederatedAuthenticationModuleImpl implements AuthModule {
 	 * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.egovernment.moa.id.process.api.ExecutionContext)
 	 */
 	@Override
-	public String selectProcess(ExecutionContext context) {
+	public String selectProcess(ExecutionContext context, IRequest pendingReq) {
 		//select interfederation authentication if PERFORM_INTERFEDERATION_AUTH flag is set
 		Object performfedAuthObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH);
 		if (performfedAuthObj != null && performfedAuthObj instanceof Boolean) {
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
index d0d97e9e8..a798679d7 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
@@ -36,6 +36,7 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import at.gv.egiz.eaaf.core.api.data.ILoALevelMapper;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
@@ -64,6 +65,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
 	@Autowired FederatedAuthCredentialProvider credential;
 	@Autowired(required=true) MOAMetadataProvider metadataProvider;
 	@Autowired(required=true) ILoALevelMapper loaMapper; 
+	@Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
 	
 	/* (non-Javadoc)
 	 * @see at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.egovernment.moa.id.process.api.ExecutionContext, javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
@@ -82,7 +84,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
 			}
 			
 			//load IDP configuration from MOA-ID Configuration
-			IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(idpEntityID, IOAAuthParameters.class);
+			IOAAuthParameters idpConfig = authConfigWithSp.getServiceProviderConfiguration(idpEntityID, IOAAuthParameters.class);
 			//validate IDP
 			if (!idpConfig.isInderfederationIDP() || !idpConfig.isInboundSSOInterfederationAllowed()) {
 				Logger.info("Requested interfederation IDP " + idpEntityID + " is not valid for interfederation.");
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
index 6b6d1a196..7dce22d81 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
@@ -42,6 +42,7 @@ import org.opensaml.xml.security.SecurityException;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
@@ -94,6 +95,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 	@Autowired private AuthenticationDataBuilder authDataBuilder;
 	@Autowired(required=true) MOAMetadataProvider metadataProvider;
 	@Autowired(required=true) protected IAuthenticationSessionStoreage authenticatedSessionStorage;
+	@Autowired(required=true) protected IConfigurationWithSP authConfigWithSp;
 	
 	
 	/* (non-Javadoc)
@@ -150,7 +152,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			PVPSProfileResponse processedMsg = preProcessAuthResponse((PVPSProfileResponse) msg);
 			
 			//load IDP and SP configuration
-			IOAAuthParameters idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+			IOAAuthParameters idpConfig = authConfigWithSp.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
 			IOAAuthParameters spConfig = pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class);
 			
 			//check if response Entity is valid
@@ -224,7 +226,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			if (msg != null) {
 				IOAAuthParameters idpConfig = null;
 				try {					
-					idpConfig = authConfig.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
+					idpConfig = authConfigWithSp.getServiceProviderConfiguration(msg.getEntityID(), IOAAuthParameters.class);
 					//remove federated IDP from SSO session if exists
 					ssoManager.removeInterfederatedSSOIDP(msg.getEntityID(), request);
 					
diff --git a/pom.xml b/pom.xml
index f705d2e52..73432a4db 100644
--- a/pom.xml
+++ b/pom.xml
@@ -26,15 +26,15 @@
 
 			
 			0.3
-			1.0.8							
-			5.1.7.RELEASE
-			2.1.8.RELEASE
-			2.1.8.RELEASE
+			1.0.13.1							
+			5.2.2.RELEASE
+			2.2.3.RELEASE
+			2.2.3.RELEASE
 			2.22.0		
 			
 			2.3.1
 			2.3.0.1
-			27.1-jre
+			28.1-jre
 			
 			2.6.6 
 			1.5.6
@@ -46,8 +46,8 @@
 			5.4.3.Final
 			2.6.0 
 						
-			3.3.2			
-			2.5.20 
+			3.3.4			
+			2.5.22 
 			
 			2.0.0
 			
-- 
cgit v1.2.3