From b53d2f387282b731ea72806ec7d410a1c27a878d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Tue, 12 Jun 2018 06:25:41 +0200
Subject: add foreign bPK generation into AuthenticationDataBuilder

---
 .../main/webapp/jsp/snippets/OA/targetConfiguration.jsp   | 15 +++++++++++++++
 1 file changed, 15 insertions(+)

(limited to 'id/ConfigWebTool/src/main/webapp/jsp/snippets/OA')

diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
index b8bd1dc02..a61ce3053 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/targetConfiguration.jsp
@@ -111,5 +111,20 @@
 	 						</s:else>
 						</div>
 					</s:if>
+					
+					<div id="oa_config_foreignbPKArea" class="oa_config_block">
+						<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.foreignbpk.header", request) %></h3>
+						<s:textarea name="targetConfig.foreignbPKTargets" 
+									value="%{targetConfig.foreignbPKTargets}" 
+									labelposition="left"
+									key="webpages.oaconfig.general.foreign.sectors"
+									cssClass="textfield_long"
+									rows="6"								
+									requiredLabel="true"
+									style="height:120px;">								
+						</s:textarea>
+					
+					</div>
+					
 
 </html>
\ No newline at end of file
-- 
cgit v1.2.3


From 30e324851d67bd900471457e3c30a19b4073ec77 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Mon, 25 Jun 2018 13:22:20 +0200
Subject: add SP specific configuration for SL2.0

---
 .../data/oa/OAAuthenticationData.java              | 55 +++++++++++++++-
 .../oa/OAAuthenticationDataValidation.java         | 61 ++++++++++++++++-
 .../resources/applicationResources_de.properties   |  8 +++
 .../resources/applicationResources_en.properties   |  8 +++
 .../main/webapp/jsp/snippets/OA/authentication.jsp | 21 ++++++
 .../ServicesAuthenticationInformationTask.java     | 76 ++++++++++++++++++++++
 .../moa/id/moduls/AuthenticationManager.java       |  4 +-
 .../moa/id/commons/MOAIDAuthConstants.java         |  1 +
 .../moa/id/commons/api/IOAAuthParameters.java      |  3 +-
 .../config/ConfigurationMigrationUtils.java        | 24 +++++++
 .../config/MOAIDConfigurationConstants.java        |  3 +
 .../db/dao/config/deprecated/AuthComponentOA.java  | 38 ++++++++---
 .../moa/id/commons/utils/KeyValueUtils.java        | 26 ++++++++
 .../moa/id/auth/modules/sl20_auth/Constants.java   |  5 +-
 .../sl20_auth/SL20AuthenticationModulImpl.java     | 43 +++++++++---
 .../sl20_auth/tasks/CreateQualeIDRequestTask.java  | 37 +++++------
 16 files changed, 366 insertions(+), 47 deletions(-)

(limited to 'id/ConfigWebTool/src/main/webapp/jsp/snippets/OA')

diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
index ad99f5d22..2f51e68b4 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAAuthenticationData.java
@@ -85,6 +85,11 @@ public class OAAuthenticationData implements IOnlineApplicationData {
 	private boolean useTestIDLValidationTrustStore = false;
 	private boolean useTestAuthblockValidationTrustStore = false;
 	
+	
+	//SL2.0
+	private boolean sl20Active = false;
+	private String sl20EndPoints = null;
+	
 	/**
 	 * 
 	 */
@@ -253,6 +258,29 @@ public class OAAuthenticationData implements IOnlineApplicationData {
 			useTestIDLValidationTrustStore = oaauth.getTestCredentials().isUseTestIDLTrustStore();		
 		}
 		
+		//parse SL2.0 information
+		if (oaauth.isSl20Active()) {
+			//parse SL2.0 endpoint information
+			if (oaauth.getSl20EndPoints() != null) {
+				if (KeyValueUtils.isCSVValueString(oaauth.getSl20EndPoints()))
+					sl20EndPoints = KeyValueUtils.normalizeCSVValueString(oaauth.getSl20EndPoints());
+				
+				else {
+					if (oaauth.getSl20EndPoints().contains(KeyValueUtils.CSV_DELIMITER)) {
+						//remove trailing comma if exist
+						sl20EndPoints = oaauth.getSl20EndPoints().substring(0, 
+								oaauth.getSl20EndPoints().indexOf(KeyValueUtils.CSV_DELIMITER));
+													
+					} else
+						sl20EndPoints = oaauth.getSl20EndPoints();
+					
+				}
+			}
+			sl20Active = oaauth.isSl20Active();
+			
+		}
+		
+		
 		return null;
 		
 	}
@@ -392,7 +420,10 @@ public class OAAuthenticationData implements IOnlineApplicationData {
         testing.setUseTestIDLTrustStore(useTestIDLValidationTrustStore);
         
         
-        
+        //store SL2.0 information
+        authoa.setSl20Active(isSl20Active());        
+        authoa.setSl20EndPoints(getSl20EndPoints());
+                
         return null;
 	}
 
@@ -768,6 +799,28 @@ public class OAAuthenticationData implements IOnlineApplicationData {
 	public List<String> getSzrgwServicesList() {
 		return szrgwServicesList;
 	}
+
+	
+	public boolean isSl20Active() {
+		return sl20Active;
+	}
+
+	public void setSl20Active(boolean sl20Active) {
+		this.sl20Active = sl20Active;
+	}
+
+	public String getSl20EndPoints() {
+		return sl20EndPoints;
+	}
+
+	public void setSl20EndPoints(String sl20EndPoints) {
+		if (MiscUtil.isNotEmpty(sl20EndPoints))
+			this.sl20EndPoints = 
+				KeyValueUtils.removeAllNewlineFromString(sl20EndPoints);
+		else
+			this.sl20EndPoints = sl20EndPoints;
+	}
 		
 	
+	
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
index a758088b1..32ef4a6cc 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/oa/OAAuthenticationDataValidation.java
@@ -31,6 +31,7 @@ import javax.servlet.http.HttpServletRequest;
 import org.apache.log4j.Logger;
 
 import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.commons.validation.ValidationHelper;
 import at.gv.egovernment.moa.id.configuration.data.oa.OAAuthenticationData;
 import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
@@ -187,7 +188,65 @@ public class OAAuthenticationDataValidation {
 			
 			
 		}
-				
+		
+		if (form.isSl20Active()) {
+			if (MiscUtil.isNotEmpty(form.getSl20EndPoints())) {
+				log.debug("Validate SL2.0 configuration ... ");				
+				List<String> sl20Endpoints = KeyValueUtils.getListOfCSVValues(form.getSl20EndPoints());
+				if (sl20Endpoints.size() == 1) {
+					String value = sl20Endpoints.get(0);
+					
+					if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+						log.warn("SL2.0 endpoint '" + value + "' has wrong format");
+						errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", 
+							new Object[] {value}, request ));
+												
+					} else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							!value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) {
+						log.info("Find one SL2.0 endpoint without 'default='. Start update ... ");
+						form.setSl20EndPoints(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value);	
+						
+					}
+					
+				} else {
+					boolean findDefault = false;
+					for (String el : sl20Endpoints) {
+						if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+							log.warn("SL2.0 endpoint '" + el + "' has wrong format");
+							errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", 
+								new Object[] {el}, request ));
+							
+						} else {
+							if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) {
+								log.debug("Find default endpoint.");
+								findDefault = true;
+								
+							} else {
+								String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0];
+								try {	
+									Integer.valueOf(firstPart);
+									
+								} catch (NumberFormatException e) {
+									log.warn("SL2.0 endpoint '" + el + "' has wrong format", e);
+									errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", 
+											new Object[] {el}, request ));
+									
+								}																										
+							}							
+						}
+					}
+					
+					if (!findDefault) {
+						log.warn("SL2.0 endpoints contains NO default endpoint");
+						errors.add(LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", 
+								new Object[] {}, request ));
+						
+					}
+				}								
+			}			
+		}
+		
 		return errors;
 	}
 }
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
index 2006625ff..047d4b200 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
@@ -562,3 +562,11 @@ validation.general.form.appletredirecttarget=Der RedirectTarget beinhaltet einen
 validation.general.form.fonttype=Der BKU-Auswahl Schrifttyp enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
 validation.general.form.applet.width=Die Appleth\u00F6he ist keine g\\u00FCltige Zahl.
 validation.general.form.applet.height=Die Appletbreite ist keine g\\u00FCltige Zahl.
+
+
+###new
+webpages.oaconfig.general.sl20.header=Security Layer für mobile Authententifizierung
+webpages.oaconfig.general.sl20.enable=SL2.0 aktivieren
+webpages.oaconfig.general.sl20.endpoints=VDA Endpunkt URLs
+validation.general.sl20.endpoints.default=SL2.0 Endpunkt beinhaltet keinen 'default' Endpunkt.
+validation.general.sl20.endpoints.wrong=SL2.0 Endpunkt ist ung\\u00FCltig formatiert {0}.  
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
index 694294df7..43fa0f3ae 100644
--- a/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
+++ b/id/ConfigWebTool/src/main/resources/applicationResources_en.properties
@@ -559,3 +559,11 @@ validation.general.form.appletredirecttarget=RedirectTarget contains invalud val
 validation.general.form.fonttype=Font type for CCE selection contains forbidden characters. The following characters are not allowed\: {0}
 validation.general.form.applet.width=The height of applet is invalid number.
 validation.general.form.applet.height=The width of applet is invalid number.
+
+
+###new
+webpages.oaconfig.general.sl20.header=Security Layer for mobile Authentication
+webpages.oaconfig.general.sl20.enable=Activate SL2.0
+webpages.oaconfig.general.sl20.endpoints=VDA endPoint URLs
+validation.general.sl20.endpoints.default=SL2.0 endpoint contains NO 'default'.
+validation.general.sl20.endpoints.wrong=SL2.0 endpoint {0} is not valid.  
\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
index 59661091b..d2668e264 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/authentication.jsp
@@ -67,6 +67,27 @@
 					</div>
 				</s:if>	
 
+				<div class="oa_config_block">
+						<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.sl20.header", request) %></h3>
+						<s:checkbox name="authOA.sl20Active" 
+								value="%{authOA.sl20Active}"
+								labelposition="left"
+								key="webpages.oaconfig.general.sl20.enable"
+								cssClass="checkbox">
+						</s:checkbox>
+						
+						<s:textarea name="authOA.sl20EndPoints" 
+									value="%{authOA.sl20EndPoints}" 
+									labelposition="left"
+									key="webpages.oaconfig.general.sl20.endpoints"
+									cssClass="textfield_long"
+									rows="3"								
+									requiredLabel="true"
+									style="height:120px;">								
+						</s:textarea>							
+				</div>
+
+
 				<div class="oa_config_block">
 						<h3><%=LanguageHelper.getGUIString("webpages.oaconfig.general.testing.header", request) %></h3>
 						
diff --git a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
index 25855dcb6..956d07c44 100644
--- a/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
+++ b/id/moa-id-webgui/src/main/java/at/gv/egovernment/moa/id/config/webgui/validation/task/impl/ServicesAuthenticationInformationTask.java
@@ -279,6 +279,82 @@ public class ServicesAuthenticationInformationTask extends AbstractTaskValidator
 					LanguageHelper.getErrorString("validation.general.szrgw.url.valid", new Object[]{check})));
 		}
 		
+		
+		
+		
+		
+		
+		check = input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);
+		if (input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED) != null && 
+				Boolean.valueOf(input.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) {
+			if (MiscUtil.isNotEmpty(check)) {
+				log.debug("Validate SL2.0 configuration ... ");				
+				List<String> sl20Endpoints = KeyValueUtils.getListOfCSVValues(check);
+				if (sl20Endpoints.size() == 1) {
+					String value = sl20Endpoints.get(0);
+					
+					if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							value.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+						log.warn("SL2.0 endpoint '" + value + "' has wrong format");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+								"SL2.0 - EndPoint URLs",
+								LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{value})));
+																				
+					} else if (!value.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER) && 
+							!value.contains(KeyValueUtils.KEYVVALUEDELIMITER) ) {
+						log.info("Find one SL2.0 endpoint without 'default='. Start updateing ... ");
+						sl20Endpoints.remove(0);
+						sl20Endpoints.add(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER + value);	
+						
+					}
+					
+				} else {
+					boolean findDefault = false;
+					for (String el : sl20Endpoints) {
+						if (!el.contains(KeyValueUtils.KEYVVALUEDELIMITER)) {
+							log.warn("SL2.0 endpoint '" + el + "' has wrong format");
+							errors.add(new ValidationObjectIdentifier(
+									MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+									"SL2.0 - EndPoint URLs",
+									LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{el})));
+							
+						} else {
+							if (el.startsWith(KeyValueUtils.DEFAULT_VALUE + KeyValueUtils.KEYVVALUEDELIMITER)) {
+								log.debug("Find default endpoint.");
+								findDefault = true;
+								
+							} else {
+								String firstPart = el.split(KeyValueUtils.KEYVVALUEDELIMITER)[0];
+								try {	
+									Integer.valueOf(firstPart);
+									
+								} catch (NumberFormatException e) {
+									log.warn("SL2.0 endpoint '" + el + "' has wrong format", e);
+									errors.add(new ValidationObjectIdentifier(
+											MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+											"SL2.0 - EndPoint URLs",
+											LanguageHelper.getErrorString("validation.general.sl20.endpoints.wrong", new Object[]{el})));
+									
+								}																										
+							}							
+						}
+					}
+					
+					if (!findDefault) {
+						log.warn("SL2.0 endpoints contains NO default endpoint");
+						errors.add(new ValidationObjectIdentifier(
+								MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, 
+								"SL2.0 - EndPoint URLs",
+								LanguageHelper.getErrorString("validation.general.sl20.endpoints.default", new Object[]{})));
+						
+					}
+				}								
+			}			
+		}
+		
+		
+		
 		if (!errors.isEmpty())
 			throw new ConfigurationTaskValidationException(errors);
 				
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index e093ce1e2..db0170e54 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -476,7 +476,9 @@ public class AuthenticationManager extends MOAIDAuthConstants {
 		try {
 			//put pending-request ID on execurtionContext
 			executionContext.put(MOAIDAuthConstants.PARAM_TARGET_PENDINGREQUESTID, pendingReq.getRequestID());			
-						
+			executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_SP_CONFIG, pendingReq.getOnlineApplicationConfiguration());
+			
+			
 			// create process instance
 			String processDefinitionId = ModuleRegistration.getInstance().selectProcess(executionContext);
 
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java
index 6f6735d48..58f930590 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/MOAIDAuthConstants.java
@@ -190,6 +190,7 @@ public class MOAIDAuthConstants extends MOAIDConstants{
   public static final String PROCESSCONTEXT_ISLEGACYREQUEST = "isLegacyRequest";
   public static final String PROCESSCONTEXT_UNIQUE_OA_IDENTFIER = "uniqueSPId";
   public static final String PROCESSCONTEXT_SSL_CLIENT_CERTIFICATE = MOASESSION_DATA_HOLDEROFKEY_CERTIFICATE;
+  public static final String PROCESSCONTEXT_SP_CONFIG = "spConfig";
   
   //General protocol-request data-store keys
   public static final String AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE = "authProces_SecurityLayerTemplate";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
index 332764edf..4e697f099 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/api/IOAAuthParameters.java
@@ -22,6 +22,7 @@
  */
 package at.gv.egovernment.moa.id.commons.api;
 
+import java.io.Serializable;
 import java.security.PrivateKey;
 import java.util.Collection;
 import java.util.List;
@@ -37,7 +38,7 @@ import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
  * @author tlenz
  *
  */
-public interface IOAAuthParameters {
+public interface IOAAuthParameters extends Serializable{
 
 	public static final String CONFIG_KEY_RESTRICTIONS_BASEID_INTERNAL = "configuration.restrictions.baseID.idpProcessing";
 	public static final String CONFIG_KEY_RESTRICTIONS_BASEID_TRANSMISSION = "configuration.restrictions.baseID.spTransmission";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
index 48d64225c..f42c1eb69 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/ConfigurationMigrationUtils.java
@@ -181,12 +181,26 @@ public class ConfigurationMigrationUtils {
 			else
 				result.put(MOAIDConfigurationConstants.SERVICE_AUTH_TARGET_FOREIGN, StringUtils.EMPTY);
 			
+						
 			//convert selected SZR-GW service
 			if (MiscUtil.isNotEmpty(oa.getSelectedSZRGWServiceURL()))
 				result.put(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL, oa.getSelectedSZRGWServiceURL());
 			
 	        AuthComponentOA oaauth = oa.getAuthComponentOA();
 			if (oaauth != null) {
+			
+				//convert SL20 infos
+				if (oaauth.isSl20Active() != null)
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, oaauth.isSl20Active().toString());
+				else
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED, Boolean.FALSE.toString());
+				
+				if (MiscUtil.isNotEmpty(oaauth.getSl20EndPoints()))
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, oaauth.getSl20EndPoints());
+				else
+					result.put(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS, StringUtils.EMPTY);
+				
+				
 				
 				//convert business identifier
 				IdentificationNumber idnumber = oaauth.getIdentificationNumber();
@@ -777,6 +791,16 @@ public class ConfigurationMigrationUtils {
 	        	
 	        }
 
+	        //set SL20 things
+	        if (MiscUtil.isNotEmpty(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)))
+	        	authoa.setSl20Active(Boolean.valueOf(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)));
+	        else 
+	        	authoa.setSl20Active(false);
+	        
+	        authoa.setSl20EndPoints(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS));
+	        
+	        
+	        
 	        dbOA.setSelectedSZRGWServiceURL(oa.get(MOAIDConfigurationConstants.SERVICE_EXTERNAL_SZRGW_SERVICE_URL));
 
 	        dbOA.setMandateServiceSelectionTemplateURL(oa.get(MOAIDConfigurationConstants.SERVICE_AUTH_TEMPLATES_ELGAMANDATESERVICESELECTION_URL));
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
index 8b52e4e0c..9d5553277 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/config/MOAIDConfigurationConstants.java
@@ -84,6 +84,9 @@ public final class MOAIDConfigurationConstants extends MOAIDConstants {
 	public static final String SERVICE_AUTH_BKU_AUTHBLOCKTEXT = AUTH + ".authblock.additionaltext";
 	public static final String SERVICE_AUTH_BKU_AUTHBLOCK_REMOVEBPK = AUTH + ".authblock.removebPK";
 
+	public static final String SERVICE_AUTH_SL20_ENABLED = AUTH + ".sl20.enabled";
+	public static final String SERVICE_AUTH_SL20_ENDPOINTS = AUTH + ".sl20.endpoints";
+	
 	private static final String SERVICE_AUTH_TEMPLATES = AUTH + "." + TEMPLATES;
 	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_DATA = SERVICE_AUTH_TEMPLATES + ".bkuselection.data";
 	public static final String SERVICE_AUTH_TEMPLATES_BKUSELECTION_PREVIEW = SERVICE_AUTH_TEMPLATES + ".bkuselection.preview";
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java
index 04efb0afe..852df16e6 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/dao/config/deprecated/AuthComponentOA.java
@@ -11,23 +11,17 @@ package at.gv.egovernment.moa.id.commons.db.dao.config.deprecated;
 import java.io.Serializable;
 import java.util.ArrayList;
 import java.util.List;
+
 import javax.persistence.CascadeType;
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Inheritance;
-import javax.persistence.InheritanceType;
-import javax.persistence.JoinColumn;
 import javax.persistence.ManyToOne;
 import javax.persistence.OneToMany;
-import javax.persistence.Table;
 import javax.xml.bind.annotation.XmlAccessType;
 import javax.xml.bind.annotation.XmlAccessorType;
 import javax.xml.bind.annotation.XmlAttribute;
 import javax.xml.bind.annotation.XmlElement;
+import javax.xml.bind.annotation.XmlTransient;
 import javax.xml.bind.annotation.XmlType;
+
 import org.jvnet.jaxb2_commons.lang.Equals;
 import org.jvnet.jaxb2_commons.lang.EqualsStrategy;
 import org.jvnet.jaxb2_commons.lang.HashCode;
@@ -162,6 +156,13 @@ public class AuthComponentOA
     @XmlAttribute(name = "Hjid")
     protected Long hjid;
 
+    
+    @XmlTransient
+    protected Boolean sl20Active;    
+    @XmlTransient
+    protected String sl20EndPoints;
+    
+    
     /**
      * Gets the value of the bkuurls property.
      * 
@@ -522,11 +523,28 @@ public class AuthComponentOA
     
     
     
+    
     public Long getHjid() {
         return hjid;
     }
 
-    /**
+    public Boolean isSl20Active() {
+		return sl20Active;
+	}
+
+	public void setSl20Active(Boolean sl20Active) {
+		this.sl20Active = sl20Active;
+	}
+
+	public String getSl20EndPoints() {
+		return sl20EndPoints;
+	}
+
+	public void setSl20EndPoints(String sl20EndPoints) {
+		this.sl20EndPoints = sl20EndPoints;
+	}
+
+	/**
      * Sets the value of the hjid property.
      * 
      * @param value
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
index 40ef5a23a..a206c9125 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/KeyValueUtils.java
@@ -34,6 +34,7 @@ import java.util.Set;
 
 import org.apache.commons.lang3.StringUtils;
 
+import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
@@ -44,6 +45,8 @@ public class KeyValueUtils {
 	
 	public static final String KEY_DELIMITER = ".";
 	public static final String CSV_DELIMITER = ",";
+	public static final String KEYVVALUEDELIMITER = "=";
+	public static final String DEFAULT_VALUE = "default";
 	
 	/**
 	 * Convert Java properties into a Map<String, String>
@@ -327,6 +330,29 @@ public class KeyValueUtils {
 		return list;
 	}
 	
+	/**
+	 * Convert a List of String elements to a Map of Key/Value pairs
+	 * <br>
+	 * Every List element used as a key/value pair and the '=' sign represents the delimiter between key and value 
+	 * 
+	 * @param elements List of key/value elements
+	 * @return Map of Key / Value pairs, but never null
+	 */
+	public static Map<String, String> convertListToMap(List<String> elements) {
+		Map<String, String> map = new HashMap<String, String>();
+		for (String el : elements) {
+			if (el.contains(KEYVVALUEDELIMITER)) {
+				String[] split = el.split(KEYVVALUEDELIMITER);
+				map.put(split[0], split[1]);
+				
+			} else
+				Logger.debug("Key/Value Mapper: '" + el + "' contains NO '='. Ignore it.");
+			
+		}
+		
+		return map;
+	}
+	
 	/**
 	 * This method remove all newline delimiter (\n or \r\n) from input data
 	 * 
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
index 9fcb3aa58..f474461bf 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/Constants.java
@@ -6,7 +6,8 @@ public class Constants {
 	public static final String HTTP_ENDPOINT_RESUME = "/sl20/resume";
 	
 	public static final String CONFIG_PROP_PREFIX = "modules.sl20";
-	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint";
+	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID = CONFIG_PROP_PREFIX + ".vda.urls.qualeID.endpoint.";
+	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT = "default";
 	public static final String CONFIG_PROP_VDA_AUTHBLOCK_ID = CONFIG_PROP_PREFIX + ".vda.authblock.id";
 	public static final String CONFIG_PROP_VDA_AUTHBLOCK_TRANSFORMATION_ID = CONFIG_PROP_PREFIX + ".vda.authblock.transformation.id";	
 	public static final String CONFIG_PROP_SECURITY_KEYSTORE_PATH = CONFIG_PROP_PREFIX + ".security.keystore.path";
@@ -16,7 +17,7 @@ public class Constants {
 	public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_ALIAS = CONFIG_PROP_PREFIX + ".security.encryption.alias";;
 	public static final String CONFIG_PROP_SECURITY_KEYSTORE_KEY_ENCRYPTION_PASSWORD = CONFIG_PROP_PREFIX + ".security.encryption.password";
 	
-	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT + ".";
+	public static final String CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST = CONFIG_PROP_VDA_ENDPOINT_QUALeID;
 	public static final String CONFIG_PROP_SP_LIST = CONFIG_PROP_PREFIX + ".sp.entityIds.";
 	
 	public static final String CONFIG_PROP_DISABLE_EID_VALIDATION = CONFIG_PROP_PREFIX + ".security.eID.validation.disable";
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
index 367e7b604..2c106b52e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/SL20AuthenticationModulImpl.java
@@ -27,15 +27,18 @@ import java.util.List;
 
 import javax.annotation.PostConstruct;
 
-import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 
 import at.gv.egovernment.moa.id.auth.modules.AuthModule;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20Constants;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
  * @author tlenz
@@ -75,23 +78,43 @@ public class SL20AuthenticationModulImpl implements AuthModule {
 	 */
 	@Override
 	public String selectProcess(ExecutionContext context) {
+		Object spConfigObj = context.get(MOAIDAuthConstants.PROCESSCONTEXT_SP_CONFIG);
+		IOAAuthParameters spConfig = null;
+		if (spConfigObj != null && spConfigObj instanceof IOAAuthParameters)
+			spConfig = (IOAAuthParameters)spConfigObj;
+					
 		String sl20ClientTypeHeader = (String) context.get(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE.toLowerCase());
 		String sl20VDATypeHeader = (String)  context.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
 		
-		if ( StringUtils.isNotBlank(sl20ClientTypeHeader) 
-//				&& (
-//						StringUtils.isNotBlank(sl20VDATypeHeader) 
-//						//&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim())
-//				   ) 
-				) {
-			Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");			
+		if (spConfig != null && 
+				MiscUtil.isNotEmpty(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED)) &&
+					Boolean.valueOf(spConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENABLED))) {
+			Logger.debug("SL2.0 is enabled for " + spConfig.getPublicURLPrefix());
+			Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  ": " + sl20ClientTypeHeader);			
+			Logger.trace(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE +  ": " + sl20VDATypeHeader);
 			return "SL20Authentication";
 			
 		} else {
-			Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");
+			Logger.trace("SL2.0 is NOT enabled for " + spConfig.getPublicURLPrefix());
 			return null;
 			
-		}		
+		}
+		
+		
+//		if ( StringUtils.isNotBlank(sl20ClientTypeHeader) 
+////				&& (
+////						StringUtils.isNotBlank(sl20VDATypeHeader) 
+////						//&& VDA_TYPE_IDS.contains(sl20VDATypeHeader.trim())
+////				   ) 
+//				) {
+//			Logger.trace(SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");			
+//			return "SL20Authentication";
+//			
+//		} else {
+//			Logger.trace("No '" + SL20Constants.HTTP_HEADER_SL20_CLIENT_TYPE +  "' header found");
+//			return null;
+//			
+//		}		
 	}
 
 	/* (non-Javadoc)
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index b87d614c5..883ae07f2 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -39,7 +39,9 @@ import at.gv.egovernment.moa.id.auth.modules.sl20_auth.sl20.SL20JSONExtractorUti
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.id.commons.utils.HttpClientWithProxySupport;
+import at.gv.egovernment.moa.id.commons.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.process.api.ExecutionContext;
 import at.gv.egovernment.moa.id.protocols.pvp2x.utils.SAML2Utils;
 import at.gv.egovernment.moa.id.util.SSLUtils;
@@ -202,30 +204,22 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 	}
 	
 	private String extractVDAURLForSpecificOA(IOAAuthParameters oaConfig, ExecutionContext executionContext) {		
+		String spSpecificVDAEndpoints = oaConfig.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_AUTH_SL20_ENDPOINTS);		
+		Map<String, String> endPointMap = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
+		if (MiscUtil.isNotEmpty(spSpecificVDAEndpoints)) {
+			endPointMap.putAll(KeyValueUtils.convertListToMap(
+							KeyValueUtils.getListOfCSVValues(
+								KeyValueUtils.normalizeCSVValueString(spSpecificVDAEndpoints))));
+			Logger.debug("Find OA specific SL2.0 endpoints. Updating endPoint list ... ");
+			
+		} 
+		
+		Logger.trace("Find #" + endPointMap.size() + " SL2.0 endpoints ... ");
 		
-		//selection based on EntityID
-//		Map<String, String> listOfVDAs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST);
-//		Map<String, String> listOfSPs = authConfig.getBasicMOAIDConfigurationWithPrefix(Constants.CONFIG_PROP_SP_LIST);
-//		
-//		for (Entry<String, String> el : listOfSPs.entrySet()) {
-//			List<String> spEntityIds = KeyValueUtils.getListOfCSVValues(el.getValue());
-//			if (spEntityIds.contains(oaConfig.getPublicURLPrefix())) {
-//				Logger.trace("Select VDA endPoint with Id: " + el.getKey());
-//				if (listOfVDAs.containsKey(el.getKey()))					
-//					return listOfVDAs.get(el.getKey());
-//				
-//				else
-//					Logger.info("No VDA endPoint with Id: " + el.getKey());
-//				
-//			} else
-//				Logger.trace("SP list: " + el.getKey() + " does not contain OAIdentifier: " + oaConfig.getPublicURLPrefix());
-//			
-//		}
-
 		//selection based on request Header
 		String sl20VDATypeHeader = (String)  executionContext.get(SL20Constants.HTTP_HEADER_SL20_VDA_TYPE.toLowerCase());
 		if (MiscUtil.isNotEmpty(sl20VDATypeHeader)) {
-			String vdaURL = authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_LIST + sl20VDATypeHeader);
+			String vdaURL = endPointMap.get(sl20VDATypeHeader);
 			if (MiscUtil.isNotEmpty(vdaURL))
 				return vdaURL.trim();
 			
@@ -235,7 +229,8 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 		}
 		
 		Logger.info("NO SP specific VDA endpoint found. Use default VDA");
-		return authConfig.getBasicMOAIDConfiguration(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT);
+		return endPointMap.getOrDefault(Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT,
+				Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID + Constants.CONFIG_PROP_VDA_ENDPOINT_QUALeID_DEFAULT);
 		
 	}
 
-- 
cgit v1.2.3


From 158d41705d0f8c67a858e84bda8d2c16377cf288 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Fri, 13 Jul 2018 15:48:17 +0200
Subject: some bug fixes

---
 .../src/main/webapp/jsp/snippets/OA/stork.jsp      |   3 +-
 .../conf/moa-id/htmlTemplates/css_template.css     |  84 +++++++++++++--------
 .../conf/moa-id/htmlTemplates/loginFormFull.html   |  68 ++++++++++-------
 id/server/idserverlib/pom.xml                      |   4 +-
 .../moa/id/advancedlogging/StatisticLogger.java    |  80 +++++++++++---------
 .../id/auth/builder/AuthenticationDataBuilder.java |  10 +--
 .../builder/CreateXMLSignatureRequestBuilder.java  |   2 +-
 .../moa/id/auth/data/AuthenticationSession.java    |  22 ++++--
 .../tasks/EvaluateSSOConsentsTaskImpl.java         |  16 ++--
 .../internal/tasks/UserRestrictionTask.java        |   2 +-
 .../StartAuthentificationParameterParser.java      |   8 +-
 .../moa/id/moduls/AuthenticationManager.java       |  11 +--
 .../gv/egovernment/moa/id/moduls/SSOManager.java   |  32 +++++---
 .../storage/DBAuthenticationSessionStoreage.java   |   3 +-
 .../resources/properties/id_messages_de.properties |   6 +-
 .../protocol_response_statuscodes_de.properties    |   2 +
 .../auth/data/AuthenticationDataBuilderTest.java   |   2 +-
 ...roviderSpecificGUIFormBuilderConfiguration.java |  12 ++-
 .../moa/id/auth/frontend/utils/FormBuildUtils.java |  18 ++---
 .../moa/id/auth/AuthenticationServer.java          |  10 +--
 .../AuthenticationBlockAssertionBuilder.java       |   2 +-
 .../internal/tasks/CertificateReadRequestTask.java |   4 +-
 .../internal/tasks/CreateIdentityLinkFormTask.java |   2 +-
 .../internal/tasks/GetMISSessionIDTask.java        |   3 +-
 .../tasks/InitializeBKUAuthenticationTask.java     |   9 ++-
 .../tasks/PrepareAuthBlockSignatureTask.java       |   3 +-
 .../internal/tasks/PrepareGetMISMandateTask.java   |   3 +-
 .../tasks/VerifyAuthenticationBlockTask.java       |   3 +-
 .../internal/tasks/VerifyCertificateTask.java      |   3 +-
 .../internal/tasks/VerifyIdentityLinkTask.java     |   3 +-
 .../CreateXMLSignatureResponseValidator.java       |   4 +-
 .../tasks/CreateAuthnRequestTask.java              |  50 +++---------
 .../tasks/ReceiveAuthnResponseTask.java            |  34 +++++++--
 .../auth/modules/eIDAScentralAuth/utils/Utils.java |  45 +++++++++++
 .../tasks/FirstBKAMobileAuthTask.java              |  19 +----
 .../tasks/SecondBKAMobileAuthTask.java             |  13 +---
 .../eidas/tasks/CreateIdentityLinkTask.java        |  18 ++---
 .../eidas/tasks/ReceiveAuthnResponseTask.java      |  19 +++--
 .../moa/id/protocols/eidas/EIDASProtocol.java      |   6 +-
 .../tasks/ReceiveElgaMandateResponseTask.java      |   8 +-
 .../elgamandates/tasks/RequestELGAMandateTask.java |   4 +-
 .../oauth20/protocol/OAuth20AuthRequest.java       |   3 +-
 .../oauth20/protocol/OAuth20BaseRequest.java       |  11 +--
 .../oauth20/protocol/OAuth20Protocol.java          |   4 +-
 .../oauth20/protocol/OAuth20TokenRequest.java      |   3 +-
 .../sl20_auth/tasks/CreateQualeIDRequestTask.java  |   2 +-
 .../sl20_auth/tasks/ReceiveQualeIDTask.java        |  19 +++--
 .../sl20_auth/tasks/VerifyQualifiedeIDTask.java    |  14 ++--
 .../task/InitializeRestoreSSOSessionTask.java      |   4 +-
 .../ssotransfer/task/RestoreSSOSessionTask.java    |  14 ++--
 .../tasks/CreateAuthnRequestTask.java              |   2 +-
 .../tasks/ReceiveAuthnResponseTask.java            |  16 ++--
 .../moa/id/protocols/saml1/GetArtifactAction.java  |   6 +-
 .../moa/id/protocols/saml1/SAML1Protocol.java      |   4 +-
 .../eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar | Bin 53076 -> 53645 bytes
 .../egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar  | Bin 360335 -> 360662 bytes
 .../1.0.0/eaaf_module_pvp2_core-1.0.0.jar          | Bin 110449 -> 110555 bytes
 .../1.0.0/eaaf_module_pvp2_idp-1.0.0.jar           | Bin 35302 -> 35407 bytes
 .../1.0.0/eaaf_module_pvp2_sp-1.0.0.jar            | Bin 15649 -> 15649 bytes
 59 files changed, 411 insertions(+), 341 deletions(-)
 create mode 100644 id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java

(limited to 'id/ConfigWebTool/src/main/webapp/jsp/snippets/OA')

diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp
index 76c8d069b..129b32508 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/OA/stork.jsp
@@ -22,7 +22,7 @@
 								labelposition="left" 
 								cssClass="textfield_long"/>
 								
-								
+							<!-- 	
 							<h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.enabledcpeps", request) %></h4>
 							<s:checkboxlist name="storkOA.enabledCitizenCountries" list="storkOA.availableCitizenCountries" value="storkOA.enabledCitizenCountries" />
 							<h4><%=LanguageHelper.getGUIString("webpages.oaconfig.stork.attributes.header", request) %></h4>
@@ -39,6 +39,7 @@
 									</tr>
 								</s:iterator>
 							</table>
+							 -->
 						</div>
 					</div>
 				
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
index c8de82c50..f95106c5a 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/css_template.css
@@ -87,7 +87,7 @@
 			  }
 			
 			  #leftcontent {
-				 width: 300px;
+				 width: 400px;
 				 /*margin-top: 30px;*/
          margin: auto;
 			  }
@@ -99,9 +99,9 @@
         }
       
         #bkulogin {
-				  overflow:hidden;	
-          min-width: 190px;
-          min-height: 180px;
+            overflow:hidden;	
+            min-width: 190px;
+            min-height: 180px;
           /*height: 260px;*/	
 			  }
       
@@ -130,11 +130,16 @@
 				 float:left; 
 				 margin-left: 40px;
 			  }
+            #centerbutton {
+                width: 30%
+                float: middle; 
+            }
+			
 			
 			  #rightbutton {
 				 width: 30%; 
 				 float:right; 
-				 margin-right: 45px; 
+				 margin-right: 40px; 
 				 text-align: right;
 			  }
         
@@ -266,7 +271,7 @@
         } 
       }
 
-      @media screen and (max-width: 399px) and (min-width: 300px) {
+      @media screen and (max-width: 399px) and (min-width: 400px) {
         #localBKU p {
           font-size: 0.9em;
         } 
@@ -381,15 +386,14 @@
           visibility: hidden;
         }
         
-			  #leftcontent {
-			    visibility: visible;
-			    margin-bottom: 0px;
-			    text-align: left;
-			    border:none;
-          vertical-align: middle;
-          min-height: 173px;
-          min-width: 204px;
-          
+                #leftcontent {
+			     visibility: visible;
+			     margin-bottom: 0px;
+			     text-align: left;
+			     border:none;
+                vertical-align: middle;
+                min-height: 173px;
+                min-width: 204px;
 			  }
 			  
         #bku_header {
@@ -452,13 +456,14 @@
 			}
 			
 			#leftbutton  {
-				width: 35%; 
+				width: 30%; 
 				float:left; 
 				margin-left: 15px;
 			}
+
 			
 			#rightbutton {
-				width: 35%; 
+				width: 30%; 
 				float:right; 
 				margin-right: 25px; 
 				text-align: right;
@@ -479,12 +484,17 @@
         padding-top: 4%;
         height: 10%;
         position: relative;
-        text-align: center;
+        text-align: left;
 			}
       
       .verticalcenter {
         vertical-align: middle;
       }
+
+    .mandate{
+        float: left;
+        margin-left: 4%;
+    }
       
       #mandateLogin div {
         clear: both;
@@ -509,29 +519,37 @@
 			#bkukarte {
 				float:left;
 				text-align:center;
-				width:40%;
-        min-height: 70px;
-        padding-left: 5%;
-        padding-top: 2%;
+				width:33%;
+                min-height: 90px;
+
+                padding-top: 2%;
 			}
 			
 			#bkuhandy {
-				float:right;
+				float:left;
 				text-align:center;
-				width:40%;
-        min-height: 90px;
-        padding-right: 5%;
-        padding-top: 2%;
+				width:33%;
+                min-height: 90px;
+
+                padding-top: 2%;
 			}
+            #bkueulogin {
+            float:left;
+            text-align:center;
+            width:33%;
+            min-height: 90px;
+            padding-top: 2%;
+         
+        }
 			
-      .bkuimage {
-        width: 60%;
-        height: auto;
-        margin-bottom: 10%;
-      }
+            .bkuimage {
+            width: 55%;
+            height: auto;
+            margin-bottom: 10%;
+            }
       
 			#mandate{
-				text-align:center;
+				text-align:left;
 				padding : 5px 5px 5px 5px;
 			}
       
diff --git a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
index fe9bc2166..01249537f 100644
--- a/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
+++ b/id/server/data/deploy/conf/moa-id/htmlTemplates/loginFormFull.html
@@ -4,7 +4,7 @@
 <meta content="text/html; charset=utf-8" http-equiv="Content-Type">
 
    <!-- MOA-ID 2.x BKUSelection Layout CSS -->               
-   <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID" />
+   <link rel="stylesheet" href="$contextPath/css/buildCSS?pendingid=$pendingReqID"/>
    
    <!-- MOA-ID 2.x BKUSelection JavaScript fucnctions-->
    <script src="$contextPath/js/buildJS?pendingid=$pendingReqID"></script>
@@ -26,8 +26,8 @@
 						<div id="mandateLogin" class="$MANDATEVISIBLE">
 							<div>
 								<input tabindex="1" type="checkbox" name="Mandate"
-									id="mandateCheckBox" class="verticalcenter" role="checkbox" $MANDATECHECKED>
-								<label for="mandateCheckBox" class="verticalcenter">in
+									id="mandateCheckBox" class="mandate" role="checkbox" $MANDATECHECKED>
+								<label for="mandateCheckBox" class="mandate">in
 									Vertretung anmelden</label>
 								<!--a      href="info_mandates.html" 
                         target="_blank"
@@ -37,31 +37,41 @@
 						</div>
 						<div id="bkuselectionarea">
 							<div id="bkukarte">
-								<img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU" /> 
+								<img id="bkuimage" class="bkuimage" src="$contextPath/img/karte.png" alt="OnlineBKU"/> 
                 
-                <!-- Remove support for Online BKU and swith the card button to local BKU-->
-                <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->                
+                  <!-- Remove support for Online BKU and swith the card button to local BKU-->
+                  <!--input name="bkuButtonOnline" type="button" onClick="bkuOnlineClicked();" tabindex="2" role="button" value="Karte" /-->                
                 
-                <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
-								  <input type="hidden" name="bkuURI" value="$bkuLocal" />
-								  <input type="hidden" name="useMandate" id="useMandate" /> 
-								  <input type="hidden" name="SSO" id="useSSO" /> 
-								  <input type="hidden" name="ccc" id="ccc" /> 
-								  <input type="hidden" name="pendingid" value="$pendingReqID" /> 
-                  <input type="submit" value=" Karte " tabindex="4" role="button">
-                </form>
+                  <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+								    <input type="hidden" name="bkuURI" value="$bkuLocal" />
+								    <input type="hidden" name="useMandate" id="useMandate" /> 
+								    <input type="hidden" name="SSO" id="useSSO" /> 
+								    <input type="hidden" name="ccc" id="ccc" /> 
+								    <input type="hidden" name="pendingid" value="$pendingReqID" /> 
+                    <input type="submit" value=" Karte " tabindex="5" role="button" onclick="setMandateSelection();" />
+                  </form>
                 
-                <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
+                  <iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/feature/bkuDetection?pendingid=$pendingReqID"></iframe>
                 
-                <!-- BKU detection with static template-->
-                <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->
-                                                            
-							</div>
-							<div id="bkuhandy">
-								<img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />         
-                <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
-							</div>
-						</div>
+                  <!-- BKU detection with static template-->
+                  <!--iframe name="bkudetect" width="0" height="0" scrolling="no" marginheight="0" marginwidth="0" frameborder="0" src="$contextPath/iframeLBKUdetect.html"></iframe-->                                                            
+				        </div>
+                            
+				        <div id="bkuhandy">
+				            <img class="bkuimage" src="$contextPath/img/handysign.png" alt="HandyBKU" />         
+                            <input name="bkuButtonHandy" type="button" tabindex="3" role="button" value="HANDY" />
+				        </div>
+                
+            
+				        <div id="bkueulogin" style="$STORKVISIBLE">
+				            <img class="bkuimage" src="$contextPath/img/eIDAS_small.png" alt="EULogin" />                                                        
+                    <form method="get" id="moaidform" action="$contextPath$submitEndpoint" class="verticalcenter" target="_parent">
+								      <input type="hidden" name="useeIDAS" value="true" />
+								      <input type="hidden" name="useMandate" id="useMandate" />  
+								      <input type="hidden" name="pendingid" value="$pendingReqID" /> 
+                      <input name="bkuButtonEULogin" onclick="setMandateSelection();" type="submit" role="button" value="EULogin" />
+                    </form>
+				        </div>
 						<!--div id="localBKU">
 							<form method="get" id="moaidform" action="$contextPath$submitEndpoint"
 								class="verticalcenter" target="_parent">
@@ -80,7 +90,11 @@
               <!--div id="ssoSessionTransferBlock">
                 <a href="$contextPath$submitEndpoint?pendingid=$pendingReqID&restoreSSOSession=true">>Restore SSO Session from Smartphone</a>
               </div-->
-              
+            
+                  
+                        
+            
+            <!-- 
               <div id="stork" align="center" class="$STORKVISIBLE">
                 <h2 id="tabheader" class="dunkel">Home Country Selection</h2>
                 <p>
@@ -88,9 +102,9 @@
                     $countryList
                   </select>
                   <button id="eIDASButton" name="bkuButton" type="button">Proceed</button>
-                  <!--a href="info_stork.html" target="_blank" class="infobutton">i</a-->
+                  a href="info_stork.html" target="_blank" class="infobutton">i</a
                 </p>
-              </div>
+              </div>-->
 
 						<div id="metroDetected" class="unvisible">
 							<p>Anscheinend verwenden Sie Internet Explorer im
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 9b9b13d8b..0e8b996ba 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -319,8 +319,8 @@
   			<artifactId>eaaf-core</artifactId>
   			<type>test-jar</type>
   			<classifier>tests</classifier>
-  			<version>1.0.0-snapshot</version>
-  			<scope>test</scope> 
+  			<version>1.0.0</version>
+  			<scope>test</scope>  
 		</dependency>						
 <!-- 		<dependency>
   			<groupId>org.opensaml</groupId>
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
index e92c3377a..f642cddc7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/advancedlogging/StatisticLogger.java
@@ -61,7 +61,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameterDecorator;
 import at.gv.egovernment.moa.id.data.IMOAAuthData;
-import at.gv.egovernment.moa.id.moduls.AuthenticationManager;
+import at.gv.egovernment.moa.id.moduls.SSOManager;
 import at.gv.egovernment.moa.id.storage.IAuthenticationSessionStoreage;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -142,12 +142,15 @@ public class StatisticLogger implements IStatisticLogger{
 				IMOAAuthData moaAuthData = (IMOAAuthData) authData;
 				dblog.setOatarget(moaAuthData.getBPKType());	
 
-				boolean isFederatedAuthentication = protocolRequest.getGenericData(AuthenticationManager.DATAID_INTERFEDERATIOIDP_RESPONSE) != null;
+				boolean isFederatedAuthentication = protocolRequest.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE) != null;
 				dblog.setInterfederatedSSOSession(isFederatedAuthentication);
 				
 				if (isFederatedAuthentication) {
 					dblog.setBkutype(IOAAuthParameters.INDERFEDERATEDIDP);
-					dblog.setBkuurl(protocolRequest.getGenericData(AuthenticationManager.DATAID_INTERFEDERATIOIDP_ENTITYID, String.class));
+					dblog.setBkuurl(protocolRequest.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, String.class));
+					
+				} else if (moaAuthData.isForeigner()) {
+					dblog.setBkutype(IOAAuthParameters.EIDAS);
 					
 				} else {
 					dblog.setBkuurl(moaAuthData.getBkuURL());
@@ -299,7 +302,8 @@ public class StatisticLogger implements IStatisticLogger{
 										
 				} else {
 					Logger.debug("Use MOA session information from pending-req for ErrorLogging");
-					moasession = new AuthenticationSessionWrapper(errorRequest.genericFullDataStorage()); 
+					moasession = (IAuthenticationSession) errorRequest.getSessionData(AuthenticationSessionWrapper.class);
+					
 
 					
 				}
@@ -393,45 +397,47 @@ public class StatisticLogger implements IStatisticLogger{
 	
 	private String findBKUType(String bkuURL, IOAAuthParameters dbOA) {
 		
-		if (dbOA != null) {
-			if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.HANDYBKU)))
-				return IOAAuthParameters.HANDYBKU;
-					
-			if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.LOCALBKU)))
-				return IOAAuthParameters.LOCALBKU;
-					
-			if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.THIRDBKU)))
-				return IOAAuthParameters.THIRDBKU;	
-		}
-		
-		Logger.trace("Staticic Log search BKUType from DefaultBKUs");
-		
-		try {
-			if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.THIRDBKU)))
-				return IOAAuthParameters.THIRDBKU;
+		if (bkuURL != null) {
+			if (dbOA != null) {
+				if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.HANDYBKU)))
+					return IOAAuthParameters.HANDYBKU;
+						
+				if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.LOCALBKU)))
+					return IOAAuthParameters.LOCALBKU;
+						
+				if (bkuURL.equals(dbOA.getBKUURL(OAAuthParameterDecorator.THIRDBKU)))
+					return IOAAuthParameters.THIRDBKU;	
+			}
+			
+			Logger.trace("Staticic Log search BKUType from DefaultBKUs");
 			
-			if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.LOCALBKU)))
+			try {
+				if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.THIRDBKU)))
+					return IOAAuthParameters.THIRDBKU;
+				
+				if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.LOCALBKU)))
+					return IOAAuthParameters.LOCALBKU;
+				
+				if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.HANDYBKU)))
+					return IOAAuthParameters.HANDYBKU;
+				
+			} catch (ConfigurationException e) {
+				Logger.info("Advanced Logging: Default BKUs read failed");
+			}
+			
+			Logger.debug("Staticic Log search BKUType from generneric Parameters");
+			
+			if (bkuURL.endsWith(GENERIC_LOCALBKU)) {
+				Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.LOCALBKU);
 				return IOAAuthParameters.LOCALBKU;
+			}
 			
-			if (bkuURL.equals(authConfig.getDefaultBKUURL(IOAAuthParameters.HANDYBKU)))
+			if (bkuURL.startsWith(GENERIC_HANDYBKU)) {
+				Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.HANDYBKU);
 				return IOAAuthParameters.HANDYBKU;
-			
-		} catch (ConfigurationException e) {
-			Logger.info("Advanced Logging: Default BKUs read failed");
-		}
-		
-		Logger.debug("Staticic Log search BKUType from generneric Parameters");
-		
-		if (bkuURL.endsWith(GENERIC_LOCALBKU)) {
-			Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.LOCALBKU);
-			return IOAAuthParameters.LOCALBKU;
+			}
 		}
 		
-		if (bkuURL.startsWith(GENERIC_HANDYBKU)) {
-			Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.HANDYBKU);
-			return IOAAuthParameters.HANDYBKU;
-		}
-				
 		Logger.debug("BKUURL " + bkuURL + " is mapped to " + IOAAuthParameters.AUTHTYPE_OTHERS);
 		return IOAAuthParameters.AUTHTYPE_OTHERS;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
index a13455972..2c14af463 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationDataBuilder.java
@@ -129,12 +129,12 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 	public IAuthData buildAuthenticationData(IRequest pendingReq) throws EAAFAuthenticationException {
 		try {
 			return buildAuthenticationData(pendingReq, 
-					new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage()),
+					pendingReq.getSessionData(AuthenticationSessionWrapper.class),
 					pendingReq.getServiceProviderConfiguration(OAAuthParameterDecorator.class));
 			
 		} catch (ConfigurationException | BuildException | WrongParametersException | DynamicOABuildException | EAAFBuilderException e) {
 			Logger.warn("Can not build authentication data from session information");
-			throw new EAAFAuthenticationException("TODO", new Object[]{}, e);
+			throw new EAAFAuthenticationException("builder.11", new Object[]{}, e);
 			
 		}
 		
@@ -186,14 +186,14 @@ public class AuthenticationDataBuilder extends AbstractAuthenticationDataBuilder
 		if (oaParam.isSTORKPVPGateway())
 			oaParam = DynamicOAAuthParameterBuilder.buildFromAuthnRequest(oaParam, pendingReq);
 				
-		Boolean isMinimalFrontChannelResp = pendingReq.getGenericData(
+		Boolean isMinimalFrontChannelResp = pendingReq.getRawData(
 				MOAIDAuthConstants.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, Boolean.class);
 		if (isMinimalFrontChannelResp != null && isMinimalFrontChannelResp) {
 			//only set minimal response attributes			
 			authdata.setQAALevel(
-					pendingReq.getGenericData(MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, String.class));
+					pendingReq.getRawData(MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, String.class));
 			authdata.setBPK(
-					pendingReq.getGenericData(MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, String.class));
+					pendingReq.getRawData(MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, String.class));
 						
 		} else {
 			//build AuthenticationData from MOASession
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
index a43e6a7fb..399ecc022 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/CreateXMLSignatureRequestBuilder.java
@@ -191,7 +191,7 @@ public class CreateXMLSignatureRequestBuilder implements Constants {
 		String sectorName = null;
 		
 		
-		String saml1Target = pendingReq.getGenericData(
+		String saml1Target = pendingReq.getRawData(
 				MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
 		if (MiscUtil.isNotEmpty(saml1Target)) {
 			target = saml1Target;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 926bfe242..cadaec2a0 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -45,6 +45,7 @@ import java.util.Date;
 import java.util.HashMap;
 import java.util.List;
 import java.util.Map;
+import java.util.Map.Entry;
 
 import org.apache.commons.collections4.map.HashedMap;
 
@@ -235,13 +236,17 @@ public class AuthenticationSession implements Serializable, IAuthenticationSessi
 	 */
 	@Override
 	public X509Certificate getSignerCertificate() {
-		try {
-			return new X509Certificate(signerCertificate);
-		}
-		catch (CertificateException e) {
-			Logger.warn("Signer certificate can not be loaded from session database!", e);
-			return null;
+		if (signerCertificate != null && signerCertificate.length > 0) {
+			try {
+				return new X509Certificate(signerCertificate);
+			}
+			catch (CertificateException e) {
+				Logger.warn("Signer certificate can not be loaded from session database!", e);
+			
+			}
 		}
+		
+		return null;
 	}
 	
 	/* (non-Javadoc)
@@ -665,8 +670,9 @@ public class AuthenticationSession implements Serializable, IAuthenticationSessi
 		result.put(VALUE_SIGNER_CERT, getSignerCertificate());
 		result.put(VALUE_VERIFYSIGRESP, getXMLVerifySignatureResponse());
 		
-		result.putAll(genericSessionDataStorate);
-		
+		for (Entry<String, Object> el : genericSessionDataStorate.entrySet()) 
+			result.put(GENERIC_PREFIX + el.getKey(), el.getValue());
+				
 		return Collections.unmodifiableMap(result);
 	}	
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
index b976cba9e..375b144d7 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/EvaluateSSOConsentsTaskImpl.java
@@ -78,13 +78,8 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
 			//defaultTaskInitialization(request, executionContext);
 			
 			//check SSO session cookie and MOASession object
-			String ssoId = ssoManager.getSSOSessionID(request);
-			boolean isValidSSOSession = ssoManager.isValidSSOSession(ssoId, pendingReq);
-
-			//load MOA SSO-session from database
-			AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
-			
-			if (!(isValidSSOSession && ssoMOSSession.isAuthenticated() )) {
+			String ssoId = ssoManager.getSSOSessionID(request);			
+			if (!(ssoManager.isValidSSOSession(ssoId, pendingReq))) {
 				Logger.info("Single Sign-On consents evaluator found NO valid SSO session. Stopping authentication process ...");
 				throw new AuthenticationException("auth.30", null);
 				
@@ -95,9 +90,12 @@ public class EvaluateSSOConsentsTaskImpl extends AbstractAuthServletTask {
 						
 			//user allow single sign-on authentication
 			if (ssoConsents) {
-								
+				//load MOA SSO-session from database
+				AuthenticationSession ssoMOSSession = authenticatedSessionStorage.getInternalSSOSession(pendingReq.getInternalSSOSessionIdentifier());
+
+				
 				//Populate this pending request with SSO session information
-				pendingReq.setGenericDataToSession(ssoMOSSession.getKeyValueRepresentationFromAuthSession());;
+				pendingReq.setRawDataToTransaction(ssoMOSSession.getKeyValueRepresentationFromAuthSession());;
 				
 				//authenticate pending-request
 				pendingReq.setAuthenticated(true);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
index 7d9a2c28c..acaf21682 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/UserRestrictionTask.java
@@ -35,7 +35,7 @@ public class UserRestrictionTask extends AbstractAuthServletTask {
 			List<String> restrictedSPs = KeyValueUtils.getListOfCSVValues(authConfig.getBasicConfiguration(CONFIG_PROPS_SP_LIST));						
 			if (restrictedSPs.contains(spEntityId)) {
 				Logger.debug("SP:" + spEntityId + " has a user restrication. Check users bPK ... ");				
-				AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+				AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); 
 				
 				//check if user idl is already loaded
 				if (moasession.getIdentityLink() == null) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
index 0e1e1bf12..ead80b117 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/parser/StartAuthentificationParameterParser.java
@@ -138,8 +138,8 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 				resultTargetFriendlyName = targetFriendlyNameConfig;
 					
 			//set info's into request-context. (It's required to support SAML1 requested target parameters)			
-			protocolReq.setGenericDataToSession(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, resultTarget);
-			protocolReq.setGenericDataToSession(
+			protocolReq.setRawDataToTransaction(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, resultTarget);
+			protocolReq.setRawDataToTransaction(
 					MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, resultTargetFriendlyName);
 			
 		} else {
@@ -206,7 +206,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 	    if (!ParamValidatorUtils.isValidTemplate(req, templateURL, oaParam.getTemplateURL()))
 		       throw new WrongParametersException("StartAuthentication", PARAM_TEMPLATE, "auth.12");
 	    
-	    protocolReq.setGenericDataToSession(
+	    protocolReq.setRawDataToTransaction(
 	    		MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, 
 	    		templateURL);
 	    
@@ -248,7 +248,7 @@ public class StartAuthentificationParameterParser extends MOAIDAuthConstants{
 	    oaURL = pendingReq.getSPEntityId();
 	    
 	    //only needed for SAML1
-	    String target = pendingReq.getGenericData("saml1_target", String.class);
+	    String target = pendingReq.getRawData("saml1_target", String.class);
 	    	    
 	    parse(moasession, target, oaURL, bkuURL, templateURL, useMandate, ccc, req, pendingReq);
 	    
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index 6544766b2..77abe07af 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -60,12 +60,9 @@ import at.gv.egovernment.moa.util.MiscUtil;
 @Service("MOAID_AuthenticationManager")
 public class AuthenticationManager extends AbstractAuthenticationManager {
 
-	public static final String DATAID_INTERFEDERATIOIDP_URL = "interIDPURL";
-	public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "interIDPResponse";
-	public static final String DATAID_REQUESTED_ATTRIBUTES = "requestedAttributes";
-	public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "interIDPEntityID";	
 	public static final String eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE = "eIDAS_LoA";
-		
+	public static final String DATAID_REQUESTED_ATTRIBUTES = "requestedAttributes";	
+	
 	public static final String MOA_SESSION = "MoaAuthenticationSession";
 	public static final String MOA_AUTHENTICATED = "MoaAuthenticated";
 
@@ -167,13 +164,13 @@ public class AuthenticationManager extends AbstractAuthenticationManager {
 		//set interfederation authentication flag
 		executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_INTERFEDERATION_AUTH, 
 				MiscUtil.isNotEmpty(
-						pendingReq.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class)));
+						pendingReq.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class)));
 		
 		//set legacy mode or BKU-selection flags
 		boolean leagacyMode = (legacyallowed && legacyparamavail);			
 		executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_ISLEGACYREQUEST, leagacyMode);
 		executionContext.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, !leagacyMode 
-				&& MiscUtil.isEmpty(pendingReq.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class)));
+				&& MiscUtil.isEmpty(pendingReq.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class)));
 				
 		//add additional http request parameter to context
 		if (leagacyMode) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 97c4f40cd..b5005d0c9 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -23,6 +23,8 @@
 package at.gv.egovernment.moa.id.moduls;
 
 import java.util.Date;
+import java.util.Map;
+import java.util.Map.Entry;
 
 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
@@ -73,9 +75,10 @@ public class SSOManager implements ISSOManager {
 	
 	private static final int INTERFEDERATIONCOOKIEMAXAGE = 5 * 60;// sec
 
-	public static final String DATAID_INTERFEDERATIOIDP_URL = "INTERFEDERATIOIDP_URL";
-	public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "INTERFEDERATIOIDP_RESPONSE";
-	public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "INTERFEDERATIOIDP_ENTITYID";
+	public static final String DATAID_INTERFEDERATIOIDP_URL = "interIDPURL";
+	public static final String DATAID_INTERFEDERATIOIDP_RESPONSE = "interIDPResponse";
+	public static final String DATAID_INTERFEDERATIOIDP_ENTITYID = "interIDPEntityID";	
+	
 	
 	@Autowired private IAuthenticationSessionStoreage authenticatedSessionStore;
 	@Autowired private AuthConfiguration authConfig;
@@ -166,8 +169,17 @@ public class SSOManager implements ISSOManager {
 				Logger.debug("Found authenticated MOASession with provided SSO-Cookie.");
 				revisionsLogger.logEvent(pendingReq, EVENT_SSO_SESSION_VALID);
 				
-				Logger.trace("Populatint pending request with SSO session information .... ");						
-				pendingReq.setGenericDataToSession(ssoMOASession.getKeyValueRepresentationFromAuthSession());
+				Logger.trace("Populatint pending request with SSO session information .... ");
+				Map<String, Object> fullSSOData = ssoMOASession.getKeyValueRepresentationFromAuthSession();
+				if (Logger.isTraceEnabled()) {
+					Logger.trace("Full SSO DataSet:  ");
+					for (Entry<String, Object> el : fullSSOData.entrySet()) {
+						Logger.trace("  Key: " + el.getKey() + " Value: " + el.getValue());
+						
+					}
+					
+				}				
+				pendingReq.setRawDataToTransaction(fullSSOData);
 				pendingReq.setAuthenticated(true);
 							
 			}
@@ -301,7 +313,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 		String interIDP = httpReq.getParameter(MOAIDAuthConstants.INTERFEDERATION_IDP);
 
 		String interfederationIDP = 
-				protocolRequest.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class);
+				protocolRequest.getRawData(DATAID_INTERFEDERATIOIDP_URL, String.class);
 		if (MiscUtil.isNotEmpty(interfederationIDP)) {
 			Logger.debug("Protocolspecific preprocessing already set interfederation IDP " + interfederationIDP);
 			return;
@@ -313,14 +325,14 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 			RequestImpl moaReq = (RequestImpl) protocolRequest;
 			if (MiscUtil.isNotEmpty(interIDP)) {
 				Logger.info("Receive SSO request for interfederation IDP " + interIDP);
-				moaReq.setGenericDataToSession(DATAID_INTERFEDERATIOIDP_URL, interIDP);
+				moaReq.setRawDataToTransaction(DATAID_INTERFEDERATIOIDP_URL, interIDP);
 				
 			} else {
 				//check if IDP cookie is set
 				String cookie = getValueFromCookie(httpReq, SSOINTERFEDERATION);
 				if (MiscUtil.isNotEmpty(cookie)) {
 					Logger.info("Receive SSO request for interfederated IDP from Cookie " + cookie);
-					moaReq.setGenericDataToSession(DATAID_INTERFEDERATIOIDP_URL, cookie);
+					moaReq.setRawDataToTransaction(DATAID_INTERFEDERATIOIDP_URL, cookie);
 				
 					deleteCookie(httpReq, httpResp, SSOINTERFEDERATION);									
 				}				
@@ -367,7 +379,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 				//in case of federated SSO session, jump to federated IDP for authentication
 				
 				String interfederationIDP = 
-						protocolRequest.getGenericData(DATAID_INTERFEDERATIOIDP_URL, String.class);
+						protocolRequest.getRawData(DATAID_INTERFEDERATIOIDP_URL, String.class);
 				
 				if (MiscUtil.isEmpty(interfederationIDP)) {
 					InterfederationSessionStore selectedIDP = authenticatedSessionStore.searchInterfederatedIDPFORSSOWithMOASession(storedSession.getSessionid());
@@ -375,7 +387,7 @@ public void updateSSOSession(IRequest pendingReq, String newSSOSessionId, SLOInf
 					if (selectedIDP != null) {				
 						//no local SSO session exist -> request interfederated IDP
 						Logger.info("SSO Session refer to federated IDP: " + selectedIDP.getIdpurlprefix());
-						protocolRequest.setGenericDataToSession(
+						protocolRequest.setRawDataToTransaction(
 								DATAID_INTERFEDERATIOIDP_URL, selectedIDP.getIdpurlprefix());
 						
 					} else {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
index 0f75cf63b..405e44112 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/storage/DBAuthenticationSessionStoreage.java
@@ -95,7 +95,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 			dbsession.setAdditionalInformationBytes(mapper.serialize(sessionExt).getBytes("UTF-8"));
 		
 			AuthenticationSession session = new AuthenticationSession(id, now, 
-					new AuthenticationSessionWrapper(target.genericFullDataStorage()));
+					(IAuthenticationSession)target.getSessionData(AuthenticationSessionWrapper.class));
 			encryptSession(session, dbsession);
 		
 			//store AssertionStore element to Database
@@ -341,6 +341,7 @@ public class DBAuthenticationSessionStoreage implements IAuthenticationSessionSt
 				  
 		dbsession.setSSOSession(true);
 		dbsession.setSSOsessionid(externalSSOSessionID);
+		dbsession.setAuthenticated(true);
 
 		//Store MOASession
 		entityManager.merge(dbsession);
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
index 7d6730925..66b9be341 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/id_messages_de.properties
@@ -114,6 +114,7 @@ builder.07=Fehlerhaftes SecurityLayer Template.
 builder.08=Authentication process could NOT completed. Reason: {0}
 builder.09=Can not build GUI component. Reason: {0}
 builder.10=Can not create or update SSO session. SSO NOT POSSIBLE
+builder.11=Fehler beim generieren der Anmeldedaten f\u00FCr die Online Applikation
 
 service.00=Fehler beim Aufruf des Web Service: {0}
 service.01=Fehler beim Aufruf des Web Service: kein Endpoint
@@ -310,8 +311,8 @@ pvp2.25=Fehler beim Validieren der PVP2 Metadaten
 
 ##add status codes!!!!
 sp.pvp2.00=Can not build PVP AuthnRequest for {0} {1}. No valid SingleSignOnService endpoint found.
-sp.pvp2.01=Can not build PVP AuthnRequest for {0} {0}. IDP is not allowed for federated authentication.
-sp.pvp2.02=Can not build PVP AuthnRequest for {0} {0}. IDP has no (valid) metadata.
+sp.pvp2.01=Can not build PVP AuthnRequest for {0}. IDP is not allowed for federated authentication.
+sp.pvp2.02=Can not build PVP AuthnRequest for {0}. IDP has no (valid) metadata.
 sp.pvp2.03=Receive PVP Response from {0} with unsupported Binding.  
 sp.pvp2.04=Receive invalid PVP Response from {0}. No PVP metadata found.  
 sp.pvp2.05=Receive invalid PVP Response from {0} {1}. StatusCode:{2} Msg:{3}.
@@ -322,6 +323,7 @@ sp.pvp2.09=Receive invalid PVP Response from {0} {1}. StatusCodes:{2} {3} Msg:{4
 sp.pvp2.10=Receive invalid PVP Response from {0}. No valid assertion included.
 sp.pvp2.11=Receive invalid PVP Response from {0}. Assertion decryption FAILED.
 sp.pvp2.12=Receive invalid PVP Response from {0}. Msg:{1}
+sp.pvp2.13=Can not build PVP AuthnRequest for {0}. Internal processing error.
 
 oauth20.01=Fehlerhafte redirect url
 oauth20.02=Fehlender oder ung\u00FCltiger Parameter "{0}"
diff --git a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
index 5d7588dd5..b878eadf3 100644
--- a/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
+++ b/id/server/idserverlib/src/main/resources/resources/properties/protocol_response_statuscodes_de.properties
@@ -92,6 +92,7 @@ builder.07=9002
 builder.08=1008
 builder.09=9103
 builder.10=1009
+builder.11=9102
 
 service.00=4300
 service.03=4300
@@ -122,6 +123,7 @@ sp.pvp2.09=4503
 sp.pvp2.10=4502
 sp.pvp2.11=4502
 sp.pvp2.12=4502
+sp.pvp2.13=4501
  
 validator.00=1102
 validator.01=1102
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
index 16cdc9c12..1ea057186 100644
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
@@ -43,7 +43,7 @@ public class AuthenticationDataBuilderTest {
 				
 		IAuthenticationSession session = new DummyAuthSession();
 		session.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL, false))).parseIdentityLink());
-		pendingReq.setGenericDataToSession(session.getKeyValueRepresentationFromAuthSession());
+		pendingReq.setRawDataToTransaction(session.getKeyValueRepresentationFromAuthSession());
 		
 		
 		IMOAAuthData authData = (IMOAAuthData) authBuilder.buildAuthenticationData(pendingReq);
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
index 2fcec92c5..c9dcd291a 100644
--- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/builder/AbstractServiceProviderSpecificGUIFormBuilderConfiguration.java
@@ -63,6 +63,7 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration
 	
 	public static final String PARAM_OANAME = "OAName";
 	public static final String PARAM_COUNTRYLIST = "countryList";
+	public static final String PARAM_EIDAS_VISIBLE = "eIDASVisible";
 	
 	protected IRequest pendingReq = null;
 	protected String templateClasspahtDir = null;
@@ -141,10 +142,15 @@ public abstract class AbstractServiceProviderSpecificGUIFormBuilderConfiguration
 					params.put(PARAM_BKU_URL_THIRD, oaParam.getBKUURL(IOAAuthParameters.THIRDBKU));
 				
 				//set eIDAS login information if requird
-				if (oaParam.isShowStorkLogin())
+				if (oaParam.isShowStorkLogin()) {
 					addCountrySelection(params, oaParam);
-				else
-					params.put(PARAM_COUNTRYLIST, "");
+					params.put(PARAM_EIDAS_VISIBLE, "");
+					
+				} else {
+					params.put(PARAM_COUNTRYLIST, "");					
+					params.put(PARAM_EIDAS_VISIBLE, FormBuildUtils.TEMPLATEVISIBLE);
+					
+				}
 				
 				FormBuildUtils.customiceLayoutBKUSelection(params, oaParam);
 								
diff --git a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java
index 53ec222dc..248bde700 100644
--- a/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java
+++ b/id/server/moa-id-frontend-resources/src/main/java/at/gv/egovernment/moa/id/auth/frontend/utils/FormBuildUtils.java
@@ -50,12 +50,10 @@ public class FormBuildUtils {
 	private static String PARAM_MANDATEVISIBLE = "MANDATEVISIBLE";
 	private static String PARAM_MANDATECHECKED = "MANDATECHECKED";
 
-	private static String PARAM_STORKVISIBLE = "STORKVISIBLE";
-
-	private static final String TEMPLATEVISIBLE = " unvisible";
-	private static final String TEMPLATEDISABLED =  "disabled=\"true\"";
-	private static final String TEMPLATECHECKED = "checked=\"true\"";
-	private static final String TEMPLATE_ARIACHECKED = "aria-checked=";
+	public static final String TEMPLATEVISIBLE = " unvisible";
+	public static final String TEMPLATEDISABLED =  "disabled=\"true\"";
+	public static final String TEMPLATECHECKED = "checked=\"true\"";
+	public static final String TEMPLATE_ARIACHECKED = "aria-checked=";
 	
 	
 	static {
@@ -91,12 +89,7 @@ public class FormBuildUtils {
 			
 		} else
 			params.put(PARAM_MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\"");
-		
-		if (oaParam.isShowStorkLogin())
-			params.put(PARAM_STORKVISIBLE, "");
-		else
-			params.put(PARAM_STORKVISIBLE, TEMPLATEVISIBLE);
-		
+				
 		//add more SP specific infos
 		setFormCustomizatenFromSP(params, oaParam);
 		
@@ -126,7 +119,6 @@ public class FormBuildUtils {
 	public static void defaultLayoutBKUSelection(Map<String, Object> params) {
 		params.put(PARAM_MANDATEVISIBLE, TEMPLATEVISIBLE);
 		params.put(PARAM_MANDATECHECKED, TEMPLATE_ARIACHECKED + "\"false\"");
-		params.put(PARAM_STORKVISIBLE, TEMPLATEVISIBLE);
 		
 		params.putAll(getDefaultMap());		
 	}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index 34567131b..a77ba45a5 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -151,7 +151,7 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 			throw new AuthenticationException("auth.00", new Object[]{pendingReq.getSPEntityId()});
 
 		//load Template
-		String templateURL = pendingReq.getGenericData(
+		String templateURL = pendingReq.getRawData(
 				MOAIDAuthConstants.AUTHPROCESS_DATA_SECURITYLAYERTEMPLATE, String.class);
 		String template = null;
 		if (MiscUtil.isNotEmpty(templateURL)) {
@@ -450,8 +450,8 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 		
 		SpecificTraceLogger.trace("Req. Authblock: " + createXMLSignatureRequest);
 		SpecificTraceLogger.trace("OA config: " + pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class).toString());
-		SpecificTraceLogger.trace("saml1RequestedTarget: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class));
-		SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + pendingReq.getGenericData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class));	
+		SpecificTraceLogger.trace("saml1RequestedTarget: " + pendingReq.getRawData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class));
+		SpecificTraceLogger.trace("saml1RequestedFriendlyName: " + pendingReq.getRawData(MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class));	
 				
 		return createXMLSignatureRequest;
 	}
@@ -547,10 +547,10 @@ public class AuthenticationServer extends BaseAuthenticationServer {
 		String authURL = pendingReq.getAuthURL();
 		
 		@Deprecated
-		String saml1RequestedTarget = pendingReq.getGenericData(
+		String saml1RequestedTarget = pendingReq.getRawData(
 				MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
 		@Deprecated
-		String saml1RequestedFriendlyName = pendingReq.getGenericData(
+		String saml1RequestedFriendlyName = pendingReq.getRawData(
 				MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class);
 
 		
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
index a46c81d06..a2e03bc4e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/builder/AuthenticationBlockAssertionBuilder.java
@@ -162,7 +162,7 @@ public class AuthenticationBlockAssertionBuilder extends AuthenticationAssertion
 	  result.put(AUTHBLOCK_TEXT_PATTERN_TIME, timeformat.format(datetime.getTime()));
 	  	  
 	  //set other values from pendingReq if exists
-	  Map<?,?> processSpecificElements = pendingReq.getGenericData(PENDING_REQ_AUTHBLOCK_TEXT_KEY, Map.class);
+	  Map<?,?> processSpecificElements = pendingReq.getRawData(PENDING_REQ_AUTHBLOCK_TEXT_KEY, Map.class);
 	  if (processSpecificElements != null && !processSpecificElements.isEmpty()) {
 		  Logger.debug("Find process-specific patterns for 'special AuthBlock-Text'. Start processing ...");
 		  Iterator<?> mapIterator = processSpecificElements.entrySet().iterator();
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
index f53dfae45..3eb7225a8 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CertificateReadRequestTask.java
@@ -51,8 +51,8 @@ public class CertificateReadRequestTask extends AbstractAuthServletTask {
 		Logger.debug("Send InfoboxReadRequest to BKU to get signer certificate.");
 					
 		try { 
-			//execute default task initialization
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			//execute default task initialization   
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); 
 			boolean useMandate = moasession.isMandateUsed();
 			boolean identityLinkAvailable = BooleanUtils.isTrue((Boolean) executionContext.get("identityLinkAvailable"));	
 			if (!identityLinkAvailable && useMandate) {
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
index af8f780ec..50add6beb 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/CreateIdentityLinkFormTask.java
@@ -64,7 +64,7 @@ public class CreateIdentityLinkFormTask extends AbstractAuthServletTask {
 			throws TaskExecutionException {		
 		try { 
 			//execute default task initialization
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 			
 	    	//normal MOA-ID authentication
 	    	Logger.debug("Starting normal MOA-ID authentication");		    			    	    	
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
index af4abe813..e4966a53b 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/GetMISSessionIDTask.java
@@ -71,7 +71,7 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
 
 		try {
 			//execute default task initialization
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 			
 			//get MIS sessionID
 			String misSessionID = moasession.getMISSessionID();
@@ -120,7 +120,6 @@ public class GetMISSessionIDTask extends AbstractAuthServletTask {
 			//revisionsLogger.logMandateEventSet(pendingReq, mandate);
 									
 			//store pending request with new MOASession data information
-			pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
 			requestStoreage.storePendingRequest(pendingReq);
 			
 			
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
index ab53671f2..65ae9cf91 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/InitializeBKUAuthenticationTask.java
@@ -34,6 +34,7 @@ import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.EAAFException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egiz.eaaf.core.impl.idp.controller.protocols.RequestImpl;
 import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
@@ -87,7 +88,9 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
 			HttpServletRequest request, HttpServletResponse response) throws EAAFException {
 		
 		Logger.info("BKU is selected -> Start BKU communication ...");			
-		AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+		//AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+		
+		AuthenticationSessionWrapper moasession = ((RequestImpl)pendingReq).getSessionData(AuthenticationSessionWrapper.class);
 		
 		boolean isLegacyRequest = false;
 		Object isLegacyRequestObj = executionContext.get("isLegacyRequest");
@@ -122,9 +125,9 @@ public class InitializeBKUAuthenticationTask extends AbstractAuthServletTask {
 				
 		    	//get Target from config or from request in case of SAML 1				
 				String target = null;
-				if (MiscUtil.isNotEmpty(pendingReq.getGenericData("saml1_target", String.class)) && 
+				if (MiscUtil.isNotEmpty(pendingReq.getRawData("saml1_target", String.class)) && 
 						pendingReq.requestedModule().equals("at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol"))
-					target = pendingReq.getGenericData("saml1_target", String.class);
+					target = pendingReq.getRawData("saml1_target", String.class);
 
 				
 		    	String bkuURL = oaParam.getBKUURL(bkuid);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
index d1d0ef086..a02032e74 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareAuthBlockSignatureTask.java
@@ -50,14 +50,13 @@ public class PrepareAuthBlockSignatureTask extends AbstractAuthServletTask {
 		
 		try {
 			//initialize task
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 			
 			//build authBlock
 			String createXMLSignatureRequest = authServer
 					.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq);
 
 			//store pending request with new MOASession data information
-			pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
 			requestStoreage.storePendingRequest(pendingReq);
 			
 			//write response
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
index 7c9702b8b..dd7890b7e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/PrepareGetMISMandateTask.java
@@ -71,7 +71,7 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 		//mandate Mode
 		try {
 			//perform default task initialization
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 						
 			ConnectionParameterInterface connectionParameters = 
 					moaAuthConfig.getOnlineMandatesConnectionParameter(pendingReq.getServiceProviderConfiguration(IOAAuthParameters.class));	
@@ -131,7 +131,6 @@ public class PrepareGetMISMandateTask extends AbstractAuthServletTask {
 	        moasession.setMISSessionID(misSessionID.getSessiondId());
 		
 	      //store pending request with new MOASession data information
-	        pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
 			requestStoreage.storePendingRequest(pendingReq);
 	        			
 			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_MANDATE_REDIRECT);
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
index 3b70c55e9..c8b562282 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyAuthenticationBlockTask.java
@@ -87,7 +87,7 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 				throw new WrongParametersException("VerifyAuthenticationBlock", PARAM_XMLRESPONSE, "auth.12");
 
 			//execute default task initialization
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 			
 			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
 			
@@ -95,7 +95,6 @@ public class VerifyAuthenticationBlockTask extends AbstractAuthServletTask {
 			authServer.verifyAuthenticationBlock(pendingReq, moasession, createXMLSignatureResponse);
 			
 			//store pending request with new MOASession data information
-			pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
 			requestStoreage.storePendingRequest(pendingReq);
 							
 		}
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
index 5b207d33e..9f1f23344 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyCertificateTask.java
@@ -77,7 +77,7 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
 				
 	    try {
 	    	//execute default task initialization
-	    	AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+	    	AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 			
 			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
 	    		    	
@@ -98,7 +98,6 @@ public class VerifyCertificateTask extends AbstractAuthServletTask {
 	    				authServer.getCreateXMLSignatureRequestAuthBlockOrRedirect(moasession, pendingReq);
 	    		
 	    		//store pending request with new MOASession data information
-	    		pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
 				requestStoreage.storePendingRequest(pendingReq);
 	    		
 		    	CitizenCardServletUtils.writeCreateXMLSignatureRequestOrRedirect(resp, pendingReq, createXMLSignatureRequestOrRedirect, AuthenticationServer.REQ_PROCESS_VALIDATOR_INPUT, "VerifyCertificate");
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
index 99eba56c1..b7c45a032 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/internal/tasks/VerifyIdentityLinkTask.java
@@ -66,7 +66,7 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
 		
 		try {
 			//execute default task initialization
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 		
 			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_BKU_DATAURL_IP, req.getRemoteHost());
 
@@ -74,7 +74,6 @@ public class VerifyIdentityLinkTask extends AbstractAuthServletTask {
 			boolean identityLinkAvailable = authServer.verifyIdentityLink(pendingReq, moasession, parameters) != null;
 			
 			//store pending request with new MOASession data information
-			pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
 			requestStoreage.storePendingRequest(pendingReq);
 
 			//set 'identityLink exists' flag to context
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
index 01ef4ee26..ab9be7163 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/src/main/java/at/gv/egovernment/moa/id/auth/validator/CreateXMLSignatureResponseValidator.java
@@ -144,10 +144,10 @@ public class CreateXMLSignatureResponseValidator {
     IIdentityLink identityLink = session.getIdentityLink();
     
     @Deprecated
-	String saml1RequestedTarget = pendingReq.getGenericData(
+	String saml1RequestedTarget = pendingReq.getRawData(
 			MOAIDAuthConstants.AUTHPROCESS_DATA_TARGET, String.class);
 	@Deprecated
-	String saml1RequestedFriendlyName = pendingReq.getGenericData(
+	String saml1RequestedFriendlyName = pendingReq.getRawData(
 			MOAIDAuthConstants.AUTHPROCESS_DATA_TARGETFRIENDLYNAME, String.class);
 	  
 	  try {	                
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java
index c3c3331e1..c1229e3ff 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/CreateAuthnRequestTask.java
@@ -29,7 +29,6 @@ import java.util.List;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
-import org.apache.commons.lang3.StringUtils;
 import org.opensaml.common.impl.SecureRandomIdentifierGenerator;
 import org.opensaml.saml2.core.Attribute;
 import org.opensaml.saml2.metadata.EntityDescriptor;
@@ -40,21 +39,20 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
-import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egiz.eaaf.modules.pvp2.api.reqattr.EAAFRequestedAttribute;
 import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
 import at.gv.egiz.eaaf.modules.pvp2.impl.utils.SAML2Utils;
+import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnRequestBuildException;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.PVPAuthnRequestBuilder;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.config.EidasCentralAuthRequestBuilderConfiguration;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthCredentialProvider;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthMetadataProvider;
-import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.Utils;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
 import at.gv.egovernment.moa.logging.Logger;
@@ -92,7 +90,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
 			}
 						
 			// get entityID for central ms-specific eIDAS node 			
-			String msNodeEntityID = getCentraleIDASNodeEntityId(pendingReq.getServiceProviderConfiguration());
+			String msNodeEntityID = Utils.getCentraleIDASNodeEntityId(pendingReq.getServiceProviderConfiguration(), authConfig);
 			
 			
 			if (MiscUtil.isEmpty(msNodeEntityID)) {
@@ -149,48 +147,24 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
 			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
 						
 		} catch (MetadataProviderException e) {
-			throw new TaskExecutionException(pendingReq, "Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED.", e);
+			
+			throw new TaskExecutionException(pendingReq, 
+					"Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED.", 
+					new AuthnRequestBuildException("sp.pvp2.02", new Object[] {"'national central eIDASNode'"},e ));
 
 		} catch (MessageEncodingException | NoSuchAlgorithmException  | SecurityException e) {
-			Logger.error("Build PVP2.1 AuthnRequest for SSO inderfederation FAILED", e);
-			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+			Logger.error("Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED", e);
+			throw new TaskExecutionException(pendingReq, 
+					e.getMessage(), 
+					new AuthnRequestBuildException("sp.pvp2.13", new Object[] {"'national central eIDASNode'"},e ));
 			
 		} catch (Exception e) {
-			Logger.error("Build PVP2.1 AuthnRequest for SSO inderfederation FAILED", e);
+			Logger.error("Build PVP2.1 AuthnRequest to connect 'ms-specific eIDAS node' FAILED", e);
 			throw new TaskExecutionException(pendingReq, e.getMessage(), e);
 			
 		}
 	}
 
-	private String getCentraleIDASNodeEntityId(ISPConfiguration spConfiguration) {
-		//load from service-provider configuration
-		String msNodeEntityID = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL);
-		
-		if (StringUtils.isEmpty(msNodeEntityID)) {
-			Logger.debug("No SP-specific central eIDAS-node URL. Switch to general configuration ... ");
-			if (authConfig instanceof AuthConfiguration) {
-				AuthConfiguration moaAuthConfig = (AuthConfiguration)authConfig;					
-				List<String> configuratedEntityIDs = KeyValueUtils.getListOfCSVValues(
-						moaAuthConfig.getConfigurationWithKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL));
-				
-				if (configuratedEntityIDs.size() > 0)
-					msNodeEntityID = configuratedEntityIDs.get(0);
-				else
-					Logger.info("No central eIDAS-node URL in IDP configuration. Switch to backup configuration ... ");
-				
-			} else 
-				Logger.info("Basic configuration is NOT of type '" + AuthConfiguration.class.getName()
-						+ "' Switch to generic Type ... ");
-				
-			
-			if (StringUtils.isEmpty(msNodeEntityID))
-				msNodeEntityID = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_NODE_ENTITYID);
-			
-		}
-						
-		return msNodeEntityID;
-	}
-
 	private List<EAAFRequestedAttribute> buildRequestedAttributes() {
 		List<EAAFRequestedAttribute> attributs = new ArrayList<EAAFRequestedAttribute>();
 		
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
index c034dc95e..f3eaff11a 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/tasks/ReceiveAuthnResponseTask.java
@@ -29,6 +29,7 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import javax.xml.transform.TransformerException;
 
+import org.apache.commons.lang3.StringUtils;
 import org.opensaml.saml2.core.Response;
 import org.opensaml.saml2.core.StatusCode;
 import org.opensaml.ws.message.decoder.MessageDecodingException;
@@ -55,10 +56,12 @@ import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AssertionValidationExeption;
 import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnResponseValidationException;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.exception.BuildException;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthCredentialProvider;
 import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.EidasCentralAuthMetadataProvider;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils.Utils;
 import at.gv.egovernment.moa.id.commons.api.IOAAuthParameters;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEngineSP;
@@ -129,7 +132,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			PVPSProfileResponse processedMsg = preProcessAuthResponse((PVPSProfileResponse) msg);
 			
 			//validate entityId of response
-			String msNodeEntityID = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_NODE_ENTITYID);
+			String msNodeEntityID = Utils.getCentraleIDASNodeEntityId(pendingReq.getServiceProviderConfiguration(), authConfig);
 			String respEntityId = msg.getEntityID();
 			if (!msNodeEntityID.equals(respEntityId)) {
 				Logger.warn("Response Issuer is not a 'ms-specific eIDAS node'. Stopping eIDAS authentication ...");
@@ -155,23 +158,28 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 		} catch (MessageDecodingException | SecurityException e) {
 			String samlRequest = request.getParameter("SAMLRequest");			
 			Logger.warn("Receive INVALID PVP Response from 'ms-specific eIDAS node': " + samlRequest, e);
-			throw new TaskExecutionException(pendingReq, "Receive INVALID PVP Response from federated IDP", e);
+			throw new TaskExecutionException(pendingReq, "Receive INVALID PVP Response from federated IDP", 
+					new AuthnResponseValidationException("sp.pvp2.11", new Object[] {"'national central eIDASNode'"}, e));
 
 		} catch (IOException | MarshallingException | TransformerException e) {
 			Logger.warn("Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);
-			throw new TaskExecutionException(pendingReq, "Processing PVP response from 'ms-specific eIDAS node' FAILED.", e);
+			throw new TaskExecutionException(pendingReq, "Processing PVP response from 'ms-specific eIDAS node' FAILED.", 
+					new AuthnResponseValidationException("sp.pvp2.12", new Object[] {"'national central eIDASNode'", e.getMessage()}, e));
 			
 		} catch (CredentialsNotAvailableException e) {
 			Logger.error("PVP response decrytion FAILED. No credential found.", e);
-			throw new TaskExecutionException(pendingReq, "PVP response decrytion FAILED. No credential found.", e);
+			throw new TaskExecutionException(pendingReq, "PVP response decrytion FAILED. No credential found.", 
+					new AuthnResponseValidationException("sp.pvp2.10", new Object[] {"'national central eIDASNode'"}, e));
 
 		} catch (AssertionValidationExeption | AuthnResponseValidationException e) {
 			Logger.info("PVP response validation FAILED. Msg:" + e.getMessage());			
-			throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e);
+			throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", 
+					new AuthnResponseValidationException("sp.pvp2.10", new Object[] {"'national central eIDASNode'"}, e));
 									
 		} catch (Exception e) {
 			Logger.warn("PVP response validation FAILED. Msg:" + e.getMessage(), e);			
-			throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", e);
+			throw new TaskExecutionException(pendingReq, "PVP response validation FAILED.", 
+					new AuthnResponseValidationException("sp.pvp2.12", new Object[] {"'national central eIDASNode'", e.getMessage()}, e));
 			
 		}
 
@@ -182,19 +190,29 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			//check if all attributes are include
 			if (!extractor.containsAllRequiredAttributes() 
 					&& !extractor.containsAllRequiredAttributes(EidasCentralAuthConstants.DEFAULT_REQUIRED_PVP_ATTRIBUTE_NAMES)) {
-				Logger.warn("PVP Response from federated IDP contains not all requested attributes.");
+				Logger.warn("PVP Response from 'ms-specific eIDAS node' contains not all requested attributes.");
 				throw new AssertionValidationExeption("sp.pvp2.06", new Object[]{EidasCentralAuthConstants.MODULE_NAME_FOR_LOGGING});
 				
 			}
 			
 			//copy attributes into MOASession
+			AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class); 
 			Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
 			for (String el : includedAttrNames) {
 				String value = extractor.getSingleAttributeValue(el);				 				
-				pendingReq.setGenericDataToSession(el, value);				
+				session.setGenericDataToSession(el, value);				
 				Logger.debug("Add PVP-attribute " + el + " into MOASession");
 				
 			}
+			
+			//set foreigner flag
+			session.setForeigner(true);
+			if (extractor.getFullAssertion().getIssuer() != null && 
+					StringUtils.isNotEmpty(extractor.getFullAssertion().getIssuer().getValue()))
+				session.setBkuURL(extractor.getFullAssertion().getIssuer().getValue());
+			else
+				session.setBkuURL("eIDAS_Authentication");
+			
 												
 		} catch (AssertionValidationExeption e) {
 			throw new BuildException("builder.06", null, e);
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java
new file mode 100644
index 000000000..642008726
--- /dev/null
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/src/main/java/at/gv/egovernment/moa/id/auth/modules/eIDAScentralAuth/utils/Utils.java
@@ -0,0 +1,45 @@
+package at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.utils;
+
+import java.util.List;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+import at.gv.egovernment.moa.id.auth.modules.eIDAScentralAuth.EidasCentralAuthConstants;
+import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+import at.gv.egovernment.moa.id.commons.config.MOAIDConfigurationConstants;
+import at.gv.egovernment.moa.logging.Logger;
+
+public class Utils {
+
+	public static String getCentraleIDASNodeEntityId(ISPConfiguration spConfiguration, IConfiguration authConfig) {
+		//load from service-provider configuration
+		String msNodeEntityID = spConfiguration.getConfigurationValue(MOAIDConfigurationConstants.SERVICE_EXTERNAL_CENTRAL_EIDASNODE_SERVICE_URL);
+		
+		if (StringUtils.isEmpty(msNodeEntityID)) {
+			Logger.debug("No SP-specific central eIDAS-node URL. Switch to general configuration ... ");
+			if (authConfig instanceof AuthConfiguration) {
+				AuthConfiguration moaAuthConfig = (AuthConfiguration)authConfig;					
+				List<String> configuratedEntityIDs = KeyValueUtils.getListOfCSVValues(
+						moaAuthConfig.getConfigurationWithKey(MOAIDConfigurationConstants.GENERAL_AUTH_SERVICES_CENTRAL_EIDASNODE_URL));
+				
+				if (configuratedEntityIDs.size() > 0)
+					msNodeEntityID = configuratedEntityIDs.get(0);
+				else
+					Logger.info("No central eIDAS-node URL in IDP configuration. Switch to backup configuration ... ");
+				
+			} else 
+				Logger.info("Basic configuration is NOT of type '" + AuthConfiguration.class.getName()
+						+ "' Switch to generic Type ... ");
+				
+			
+			if (StringUtils.isEmpty(msNodeEntityID))
+				msNodeEntityID = authConfig.getBasicConfiguration(EidasCentralAuthConstants.CONFIG_PROPS_NODE_ENTITYID);
+			
+		}
+						
+		return msNodeEntityID;
+	}
+}
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java
index ec43adccc..0cbf009ad 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/FirstBKAMobileAuthTask.java
@@ -29,7 +29,6 @@ import java.security.InvalidKeyException;
 import java.security.NoSuchAlgorithmException;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.KeySpec;
-import java.util.Date;
 
 import javax.crypto.BadPaddingException;
 import javax.crypto.Cipher;
@@ -57,14 +56,12 @@ import com.google.gson.JsonParser;
 import at.gv.egiz.eaaf.core.api.IRequest;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.logging.Logger;
@@ -136,9 +133,7 @@ public class FirstBKAMobileAuthTask extends AbstractAuthServletTask {
 	 * @throws MOAIDException 
 	 * @throws IOException 
 	 */
-	private void parseDemoValuesIntoMOASession(IRequest pendingReq, String eIDBlobRawB64) throws MOAIDException, IOException {
-		IAuthenticationSession moaSession = new AuthenticationSession("1235", new Date());
-		
+	private void parseDemoValuesIntoMOASession(IRequest pendingReq, String eIDBlobRawB64) throws MOAIDException, IOException {		
 		Logger.debug("Check eID blob signature  ... ");
 		byte[] eIDBlobRaw = Base64Utils.decode(eIDBlobRawB64.trim(), false);
 		
@@ -206,16 +201,14 @@ public class FirstBKAMobileAuthTask extends AbstractAuthServletTask {
 			Logger.debug("Parse eID information into MOA-Session ...");
 			byte[] rawIDL = Base64Utils.decode(idlB64, false);
 			IIdentityLink identityLink = new IdentityLinkAssertionParser(new ByteArrayInputStream(rawIDL)).parseIdentityLink();			
+			AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 			moaSession.setIdentityLink(identityLink);
 			moaSession.setUseMandates(false);
 			moaSession.setForeigner(false);			
 			moaSession.setBkuURL("http://egiz.gv.at/BKA_MobileAuthTest");			
 			moaSession.setQAALevel(PVPConstants.EIDAS_QAA_SUBSTANTIAL);
 			Logger.info("Session Restore completed");
-			
-			
-			pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession());
-			
+									
 		} catch (MOAIDException e) {
 			throw e;
 			
@@ -243,10 +236,6 @@ public class FirstBKAMobileAuthTask extends AbstractAuthServletTask {
 			Logger.error("Can not extract mobile-app binding-certificate from eID blob.", e);
 			throw new MOAIDException("Can not extract mobile-app binding-certificate from eID blob.", null, e);
 						
-		} catch (EAAFStorageException e) {
-			Logger.error("Can not populate pending-request with eID data.", e);
-			throw new MOAIDException("Can not populate pending-request with eID data.", null, e);
-			
 		} finally {
 						
 		}
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java
index 5e79aee8e..bb5700bd7 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/src/main/java/at/gv/egovernment/moa/id/auth/modules/bkamobileauthtests/tasks/SecondBKAMobileAuthTask.java
@@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.auth.modules.bkamobileauthtests.tasks;
 import java.io.IOException;
 import java.io.InputStream;
 import java.net.URL;
-import java.util.Date;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -40,11 +39,10 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.exception.ParseException;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.logging.Logger;
@@ -87,9 +85,8 @@ public class SecondBKAMobileAuthTask extends AbstractAuthServletTask {
 	 * @throws MOAIDException 
 	 * @throws EAAFStorageException 
 	 */
-	private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException {
-		IAuthenticationSession moaSession = new AuthenticationSession("1233", new Date());
-		
+	private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException {		
+		AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 		moaSession.setUseMandates(false);
 		moaSession.setForeigner(false);
 		
@@ -108,9 +105,7 @@ public class SecondBKAMobileAuthTask extends AbstractAuthServletTask {
 			throw new MOAIDException("IdentityLink is not parseable.", null);
 			
 		}
-			
-		pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession());
-		
+					
 	}
 
 }
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
index 103781470..3dea62ec4 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/CreateIdentityLinkTask.java
@@ -24,7 +24,6 @@ package at.gv.egovernment.moa.id.auth.modules.eidas.tasks;
 
 import java.io.InputStream;
 import java.text.SimpleDateFormat;
-import java.util.Date;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
@@ -42,8 +41,8 @@ import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.core.impl.utils.DOMUtils;
 import at.gv.egiz.eaaf.core.impl.utils.XPathUtils;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
 import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.eIDASAttributeException;
 import at.gv.egovernment.moa.id.auth.modules.eidas.utils.SAMLEngineUtils;
@@ -73,7 +72,8 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
 			throws TaskExecutionException { 
 		try{												
 			//get eIDAS attributes from MOA-Session
-			ImmutableAttributeMap eIDASAttributes = pendingReq.getGenericData(
+			AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
+			ImmutableAttributeMap eIDASAttributes = moaSession.getGenericDataFromSession(
 					AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST, 
 					ImmutableAttributeMap.class);
 			
@@ -161,13 +161,11 @@ public class CreateIdentityLinkTask extends AbstractAuthServletTask {
 			}
 			
 			revisionsLogger.logEvent(pendingReq, MOAIDEventConstants.AUTHPROCESS_PEPS_IDL_RECEIVED);
-			AuthenticationSession moasession = new AuthenticationSession("1234", new Date());
-			moasession.setForeigner(true);
-			moasession.setIdentityLink(identityLink);
-			moasession.setBkuURL("Not applicable (eIDASAuthentication)");
-			pendingReq.setGenericDataToSession(moasession.getKeyValueRepresentationFromAuthSession());
-			
-			
+			moaSession.setForeigner(true);
+			moaSession.setIdentityLink(identityLink);
+			moaSession.setBkuURL("Not applicable (eIDASAuthentication)");
+
+						
 			//store MOA-session to database
 			requestStoreage.storePendingRequest(pendingReq);
 		
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
index 55416e92b..1788facf0 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/auth/modules/eidas/tasks/ReceiveAuthnResponseTask.java
@@ -12,6 +12,7 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionStorageConstants;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.modules.eidas.Constants;
 import at.gv.egovernment.moa.id.auth.modules.eidas.engine.MOAeIDASChainingMetadataProvider;
 import at.gv.egovernment.moa.id.auth.modules.eidas.exceptions.EIDASEngineException;
@@ -89,21 +90,19 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			// **********************************************************
 			
 			//update MOA-Session data with received information			
-			Logger.debug("Store eIDAS response information into MOA-session.");
-					
-			pendingReq.setGenericDataToSession(AuthProzessDataConstants.VALUE_QAALEVEL, samlResp.getLevelOfAssurance());
-			
-			pendingReq.setGenericDataToSession(
+			Logger.debug("Store eIDAS response information into MOA-session.");					
+			AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);			
+			session.setGenericDataToSession(AuthProzessDataConstants.VALUE_QAALEVEL, samlResp.getLevelOfAssurance());			
+			session.setGenericDataToSession(
 					AuthenticationSessionStorageConstants.eIDAS_ATTRIBUTELIST, 
-					samlResp.getAttributes());
-						
-			pendingReq.setGenericDataToSession(
+					samlResp.getAttributes());						
+			session.setGenericDataToSession(
 					AuthenticationSessionStorageConstants.eIDAS_RESPONSE, 
 					decSamlToken);
 			
 			//set issuer nation as PVP attribute into MOASession
-			pendingReq.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry());
-						
+			session.setGenericDataToSession(PVPConstants.EID_ISSUING_NATION_NAME, samlResp.getCountry());			
+			
 			//store MOA-session to database
 			requestStoreage.storePendingRequest(pendingReq);
 			
diff --git a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
index 42ca6e507..d268dd2f6 100644
--- a/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
+++ b/id/server/modules/moa-id-module-eIDAS/src/main/java/at/gv/egovernment/moa/id/protocols/eidas/EIDASProtocol.java
@@ -350,15 +350,15 @@ public class EIDASProtocol extends AbstractAuthProtocolModulController implement
 			pendingReq.setRemoteRelayState(relayState);
 			
 			//store level of assurance
-			pendingReq.setGenericDataToSession(eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE, 
+			pendingReq.setRawDataToTransaction(eIDAS_GENERIC_REQ_DATA_LEVELOFASSURENCE, 
 					eIDASSamlReq.getEidasLevelOfAssurance().stringValue());			
 			
 			//set flag if transiend identifier is requested
 			if (MiscUtil.isNotEmpty(eIDASSamlReq.getNameIdFormat()) 
 					&& eIDASSamlReq.getNameIdFormat().equals(SamlNameIdFormat.TRANSIENT.getNameIdFormat()))
-				pendingReq.setGenericDataToSession(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, true);
+				pendingReq.setRawDataToTransaction(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, true);
 			else
-				pendingReq.setGenericDataToSession(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, false);
+				pendingReq.setRawDataToTransaction(EIDASData.REQ_PARAM_eIDAS_AUTHN_TRANSIENT_ID, false);
 			
 			// - memorize requested attributes			
 			pendingReq.setEidasRequestedAttributes(eIDASSamlReq.getRequestedAttributes());
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
index 25f303816..b1db1564e 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/ReceiveElgaMandateResponseTask.java
@@ -55,6 +55,7 @@ import at.gv.egiz.eaaf.modules.pvp2.sp.exception.AuthnResponseValidationExceptio
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
 import at.gv.egovernment.moa.id.advancedlogging.MOAIDEventConstants;
 import at.gv.egovernment.moa.id.advancedlogging.MOAReversionLogger;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.modules.elgamandates.ELGAMandatesAuthConstants;
 import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandateServiceMetadataProvider;
 import at.gv.egovernment.moa.id.auth.modules.elgamandates.utils.ELGAMandatesCredentialProvider;
@@ -162,8 +163,11 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
 			Logger.debug("Validation of PVP Response from ELGA mandate-service is complete.");
 			
 			Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
+			
+			AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);			
 			for (String el : includedAttrNames) {
-				pendingReq.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
+				session.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
+				//pendingReq.setGenericDataToSession(el, extractor.getSingleAttributeValue(el));
 				Logger.debug("Add PVP-attribute " + el + " into MOASession");
 				
 			}
@@ -243,7 +247,7 @@ public class ReceiveElgaMandateResponseTask extends AbstractAuthServletTask {
 		Response samlResp = (Response) msg.getResponse();
 
 		//validate 'inResponseTo' attribute
-		String authnReqID = pendingReq.getGenericData(
+		String authnReqID = pendingReq.getRawData(
 				MOAIDAuthConstants.DATAID_INTERFEDERATION_REQUESTID, String.class);
 		String inResponseTo = samlResp.getInResponseTo();
 		
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
index 658502d2c..50fb2cb4a 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
+++ b/id/server/modules/moa-id-module-elga_mandate_service/src/main/java/at/gv/egovernment/moa/id/auth/modules/elgamandates/tasks/RequestELGAMandateTask.java
@@ -114,7 +114,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
 			EntityDescriptor entityDesc = metadataService.getEntityDescriptor(elgaMandateServiceEntityID);			
 			
 			//load MOASession from database
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 			
 			
 			//setup AuthnRequestBuilder configuration
@@ -192,7 +192,7 @@ public class RequestELGAMandateTask extends AbstractAuthServletTask {
 			
 			//set MandateReferenceValue as RequestID
 			authnReqConfig.setRequestID(moasession.getMandateReferenceValue());
-			pendingReq.setGenericDataToSession(
+			pendingReq.setRawDataToTransaction(
 					MOAIDAuthConstants.DATAID_INTERFEDERATION_REQUESTID,
 					authnReqConfig.getRequestID());
 			
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
index 40701d91d..0350a113c 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20AuthRequest.java
@@ -28,6 +28,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
 
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
@@ -159,7 +160,7 @@ public class OAuth20AuthRequest extends OAuth20BaseRequest {
 	}
 
 	@Override
-	protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+	protected void populateSpecialParameters(HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
 		this.setResponseType(this.getParam(request, OAuth20Constants.PARAM_RESPONSE_TYPE, true));
 		this.setState(this.getParam(request, OAuth20Constants.PARAM_STATE, true));
 		this.setRedirectUri(this.getParam(request, OAuth20Constants.PARAM_REDIRECT_URI, true));
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
index 2ce5234ac..118de861c 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20BaseRequest.java
@@ -30,7 +30,6 @@ import javax.servlet.http.HttpServletRequest;
 
 import org.apache.commons.lang.StringEscapeUtils;
 import org.apache.commons.lang.StringUtils;
-import org.springframework.beans.factory.annotation.Autowired;
 
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
@@ -49,9 +48,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
 	private static final long serialVersionUID = 1L;
 	
 	protected Set<String> allowedParameters = new HashSet<String>();
-		
-	@Autowired(required=true) protected IConfiguration authConfig;
-	
+			
 	protected String getParam(final HttpServletRequest request, final String name, final boolean isNeeded) throws OAuth20Exception {
 		String param = request.getParameter(name);
 		Logger.debug("Reading param " + name + " from HttpServletRequest with value " + param);
@@ -65,7 +62,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
 		return param;
 	}
 	
-	protected void populateParameters(final HttpServletRequest request) throws OAuth20Exception {
+	protected void populateParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
 		
 		// moa id - load oa with client id!
 		try {
@@ -91,7 +88,7 @@ abstract class OAuth20BaseRequest extends RequestImpl {
 		}
 		
 		// oAuth
-		this.populateSpecialParameters(request);
+		this.populateSpecialParameters(request, authConfig);
 		
 		// cleanup parameters
 		this.checkAllowedParameters(request);
@@ -115,6 +112,6 @@ abstract class OAuth20BaseRequest extends RequestImpl {
 		
 	}
 	
-	protected abstract void populateSpecialParameters(final HttpServletRequest request) throws OAuth20Exception;
+	protected abstract void populateSpecialParameters(final HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception;
 	
 }
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
index 30e89d15a..9f4174bf0 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20Protocol.java
@@ -79,7 +79,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
 		try {			
 			pendingReq.initialize(req, authConfig);
 			pendingReq.setModule(OAuth20Protocol.NAME);		
-			pendingReq.populateParameters(req);
+			pendingReq.populateParameters(req, authConfig);
 			
 		} catch (EAAFException e) {
 			Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
@@ -113,7 +113,7 @@ public class OAuth20Protocol extends AbstractAuthProtocolModulController impleme
 		try {			
 			pendingReq.initialize(req, authConfig);
 			pendingReq.setModule(OAuth20Protocol.NAME);		
-			pendingReq.populateParameters(req);
+			pendingReq.populateParameters(req, authConfig);
 			
 		} catch (EAAFException e) {
 			Logger.info("OpenID-Connect request has a validation error: " + e.getMessage());
diff --git a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
index e14914512..89e4252b1 100644
--- a/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
+++ b/id/server/modules/moa-id-module-openID/src/main/java/at/gv/egovernment/moa/id/protocols/oauth20/protocol/OAuth20TokenRequest.java
@@ -28,6 +28,7 @@ import org.springframework.beans.factory.config.BeanDefinition;
 import org.springframework.context.annotation.Scope;
 import org.springframework.stereotype.Component;
 
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
 import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
@@ -124,7 +125,7 @@ class OAuth20TokenRequest extends OAuth20BaseRequest {
 	}
 	
 	@Override
-	protected void populateSpecialParameters(HttpServletRequest request) throws OAuth20Exception {
+	protected void populateSpecialParameters(HttpServletRequest request, IConfiguration authConfig) throws OAuth20Exception {
 		this.setCode(this.getParam(request, OAuth20Constants.RESPONSE_CODE, true));
 		this.setGrantType(this.getParam(request, OAuth20Constants.PARAM_GRANT_TYPE, true));
 		this.setClientID(this.getParam(request, OAuth20Constants.PARAM_CLIENT_ID, true));
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
index fec78d88c..3408cf538 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/CreateQualeIDRequestTask.java
@@ -167,7 +167,7 @@ public class CreateQualeIDRequestTask extends AbstractAuthServletTask {
 							command, signedCommand);
 										
 					//store pending request
-					pendingReq.setGenericDataToSession(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, 
+					pendingReq.setRawDataToTransaction(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, 
 							qualeIDReqId);
 					requestStoreage.storePendingRequest(pendingReq);
 
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
index a3175713a..fc386b796 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/ReceiveQualeIDTask.java
@@ -25,7 +25,6 @@ import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
-import at.gv.egiz.eaaf.core.impl.idp.controller.AbstractAuthProtocolModulController;
 import at.gv.egiz.eaaf.core.impl.utils.DataURLBuilder;
 import at.gv.egiz.eaaf.core.impl.utils.StreamUtils;
 import at.gv.egiz.eaaf.core.impl.utils.TransactionIDUtils;
@@ -93,7 +92,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				}
 			
 				//validate reqId with inResponseTo 
-				String sl20ReqId = pendingReq.getGenericData(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, String.class);
+				String sl20ReqId = pendingReq.getRawData(Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, String.class);
 				String inRespTo = SL20JSONExtractorUtils.getStringValue(sl20ReqObj, SL20Constants.SL20_INRESPTO, true);
 				if (sl20ReqId == null || !sl20ReqId.equals(inRespTo)) {
 					Logger.info("SL20 'reqId': " + sl20ReqId + " does NOT match to 'inResponseTo':" + inRespTo);
@@ -153,16 +152,16 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 					}
 				
 					//cache qualified eID data into pending request
-					pendingReq.setGenericDataToSession(
+					pendingReq.setRawDataToTransaction(
 							Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL, 
 							idlB64);
-					pendingReq.setGenericDataToSession(
+					pendingReq.setRawDataToTransaction(
 							Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_AUTHBLOCK, 
 							authBlockB64);
-					pendingReq.setGenericDataToSession(
+					pendingReq.setRawDataToTransaction(
 							Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL, 
 							ccsURL);
-					pendingReq.setGenericDataToSession(
+					pendingReq.setRawDataToTransaction(
 							Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_LOA, 
 							LoA);
 								
@@ -176,7 +175,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				Logger.warn("SL2.0 processing error:", e);
 				if (sl20Result != null)
 					Logger.debug("Received SL2.0 result: " + sl20Result);
-				pendingReq.setGenericDataToSession(
+				pendingReq.setRawDataToTransaction(
 						Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR, 
 						new TaskExecutionException(pendingReq, "SL2.0 Authentication FAILED. Msg: " + e.getMessage(), e));
 				
@@ -185,7 +184,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				Logger.warn("SL2.0 Authentication FAILED with a generic error.", e);
 				if (sl20Result != null)
 					Logger.debug("Received SL2.0 result: " + sl20Result);
-				pendingReq.setGenericDataToSession(
+				pendingReq.setRawDataToTransaction(
 						Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR, 
 						new TaskExecutionException(pendingReq, e.getMessage(), e));
 				
@@ -246,7 +245,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 				Map<String, String> reqParameters = new HashMap<String, String>();
 				reqParameters.put(EAAFConstants.PARAM_HTTP_TARGET_PENDINGREQUESTID, pendingReq.getPendingRequestId());
 				JsonObject callReqParams = SL20JSONBuilderUtils.createCallCommandParameters(
-						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null), 
+						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_RESUME, null), 
 						SL20Constants.SL20_COMMAND_PARAM_GENERAL_CALL_METHOD_GET, 
 						false, 
 						reqParameters);
@@ -260,7 +259,7 @@ public class ReceiveQualeIDTask extends AbstractAuthServletTask {
 								
 				//build second redirect command for IDP
 				JsonObject redirectTwoParams = SL20JSONBuilderUtils.createRedirectCommandParameters(
-						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), AbstractAuthProtocolModulController.ENDPOINT_FINALIZEPROTOCOL, null), 
+						new DataURLBuilder().buildDataURL(pendingReq.getAuthURL(), Constants.HTTP_ENDPOINT_RESUME, null), 
 						redirectOneCommand, null, true);
 				JsonObject redirectTwoCommand = SL20JSONBuilderUtils.createCommand(SL20Constants.SL20_COMMAND_IDENTIFIER_REDIRECT, redirectTwoParams);
 				
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
index 403423e46..6811d1016 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/tasks/VerifyQualifiedeIDTask.java
@@ -40,7 +40,7 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
 		Logger.debug("Verify qualified eID data from SL20 response .... ");
 		try {
 			//check if there was an error 
-			TaskExecutionException sl20Error = pendingReq.getGenericData(
+			TaskExecutionException sl20Error = pendingReq.getRawData(
 					Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_IDENTIFIER_ERROR,
 					TaskExecutionException.class);			
 			if (sl20Error != null) {
@@ -50,19 +50,19 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
 			}
 			
 			//get data from pending request
-			String sl20ReqId = pendingReq.getGenericData(
+			String sl20ReqId = pendingReq.getRawData(
 					Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_REQID, 
 					String.class);
-			String idlB64 =  pendingReq.getGenericData(
+			String idlB64 =  pendingReq.getRawData(
 					Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_IDL,
 					String.class);
-			String authBlockB64 = pendingReq.getGenericData(
+			String authBlockB64 = pendingReq.getRawData(
 					Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_AUTHBLOCK, 
 					String.class);
-			String ccsURL = pendingReq.getGenericData(
+			String ccsURL = pendingReq.getRawData(
 					Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_CCSURL, 
 					String.class);
-			String LoA = pendingReq.getGenericData(
+			String LoA = pendingReq.getRawData(
 					Constants.PENDING_REQ_STORAGE_PREFIX + SL20Constants.SL20_COMMAND_PARAM_EID_RESULT_LOA, 
 					String.class);
 							
@@ -104,7 +104,7 @@ public class VerifyQualifiedeIDTask extends AbstractAuthServletTask {
 			
 			
 			//add into session
-			AuthenticationSessionWrapper moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());			
+			AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);			
 			moasession.setIdentityLink(idl);
 			moasession.setBkuURL(ccsURL);
 			//TODO: from AuthBlock
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
index 95590b51a..921e3844b 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/InitializeRestoreSSOSessionTask.java
@@ -91,8 +91,8 @@ public class InitializeRestoreSSOSessionTask extends AbstractAuthServletTask {
 			//store DH params and nonce to pending-request
 			SSOTransferContainer container = new SSOTransferContainer();
 			container.setDhParams(dhKeyIDP);
-			pendingReq.setGenericDataToSession(SSOTransferConstants.PENDINGREQ_DH, container);
-			pendingReq.setGenericDataToSession(SSOTransferConstants.PENDINGREQ_NONCE, nonce);
+			pendingReq.setRawDataToTransaction(SSOTransferConstants.PENDINGREQ_DH, container);
+			pendingReq.setRawDataToTransaction(SSOTransferConstants.PENDINGREQ_NONCE, nonce);
 						
 			//store pending-request
 			requestStoreage.storePendingRequest(pendingReq);
diff --git a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
index c7e42c8ab..90b74ebd7 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
+++ b/id/server/modules/moa-id-module-ssoTransfer/src/main/java/at/gv/egovernment/moa/id/auth/modules/ssotransfer/task/RestoreSSOSessionTask.java
@@ -27,7 +27,6 @@ import java.io.IOException;
 import java.io.PrintWriter;
 import java.math.BigInteger;
 import java.security.MessageDigest;
-import java.util.Date;
 
 import javax.crypto.Cipher;
 import javax.crypto.spec.DHPublicKeySpec;
@@ -50,13 +49,11 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.core.impl.utils.HTTPUtils;
 import at.gv.egiz.eaaf.modules.pvp2.sp.impl.utils.AssertionAttributeExtractor;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.modules.ssotransfer.SSOTransferConstants;
 import at.gv.egovernment.moa.id.auth.modules.ssotransfer.data.SSOTransferContainer;
 import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.GUIUtils;
 import at.gv.egovernment.moa.id.auth.modules.ssotransfer.utils.SSOContainerUtils;
-import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
 import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
@@ -102,8 +99,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
 			
 		}
 		
-    	String nonce = pendingReq.getGenericData(SSOTransferConstants.PENDINGREQ_NONCE, String.class);
-    	SSOTransferContainer container = pendingReq.getGenericData(
+    	String nonce = pendingReq.getRawData(SSOTransferConstants.PENDINGREQ_NONCE, String.class);
+    	SSOTransferContainer container = pendingReq.getRawData(
     			SSOTransferConstants.PENDINGREQ_DH, SSOTransferContainer.class);
     	if (container == null) {
     		throw new TaskExecutionException(pendingReq, "NO DH-Params in pending-request", 
@@ -189,9 +186,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
 				Logger.debug("MobileDevice is valid. --> Starting session reconstruction ...");
 		    					
 		    	//transfer SSO Assertion into MOA-Session
-				AuthenticationSession moaSession = new AuthenticationSession("1235", new Date());
+				AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
 		    	ssoTransferUtils.parseSSOContainerToMOASessionDataObject(pendingReq, moaSession, attributeExtractor);
-		    	pendingReq.setGenericDataToSession(moaSession.getKeyValueRepresentationFromAuthSession());
 		    	
 		    	// store MOASession into database
 		    	requestStoreage.storePendingRequest(pendingReq);
@@ -249,8 +245,8 @@ public class RestoreSSOSessionTask extends AbstractAuthServletTask {
 				
 			} else {
 		    	//session is valid --> load MOASession object
-
-				IAuthenticationSession moasession = new AuthenticationSessionWrapper(pendingReq.genericFullDataStorage());			    
+				AuthenticationSessionWrapper moasession = pendingReq.getSessionData(AuthenticationSessionWrapper.class); 
+								
 				DateTime moaSessionCreated = new DateTime(moasession.getSessionCreated().getTime());
 				if (moaSessionCreated.plusMinutes(1).isBeforeNow()) {
 					Logger.warn("No SSO session-container received. Stop authentication process after time-out.");
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
index 20fd5ebc4..d0d97e9e8 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/CreateAuthnRequestTask.java
@@ -73,7 +73,7 @@ public class CreateAuthnRequestTask extends AbstractAuthServletTask {
 			throws TaskExecutionException {
 		try{
 			// get IDP entityID
-			String idpEntityID = pendingReq.getGenericData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class);
+			String idpEntityID = pendingReq.getRawData(SSOManager.DATAID_INTERFEDERATIOIDP_URL, String.class);
 					
 			if (MiscUtil.isEmpty(idpEntityID)) {
 				Logger.info("Interfederation not possible -> not inderfederation IDP EntityID found!");
diff --git a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
index f5af84405..6b6d1a196 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
+++ b/id/server/modules/moa-id-modules-federated_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/federatedauth/tasks/ReceiveAuthnResponseTask.java
@@ -47,6 +47,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
 import at.gv.egiz.eaaf.core.exceptions.InvalidProtocolRequestException;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.AuthProcessDataWrapper;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egiz.eaaf.modules.pvp2.api.binding.IDecoder;
 import at.gv.egiz.eaaf.modules.pvp2.exception.CredentialsNotAvailableException;
@@ -168,11 +169,11 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			//check if SP is also a federated IDP
 			if (spConfig.isInderfederationIDP()) {
 				//SP is a federated IDP  --> answer only with nameID and wait for attribute-Query
-				pendingReq.setGenericDataToSession(
+				pendingReq.setRawDataToTransaction(
 						MOAIDAuthConstants.DATAID_INTERFEDERATION_MINIMAL_FRONTCHANNEL_RESP, true);				
-				pendingReq.setGenericDataToSession(
+				pendingReq.setRawDataToTransaction(
 						MOAIDAuthConstants.DATAID_INTERFEDERATION_NAMEID, extractor.getNameID());
-				pendingReq.setGenericDataToSession(
+				pendingReq.setRawDataToTransaction(
 						MOAIDAuthConstants.DATAID_INTERFEDERATION_QAALEVEL, extractor.getQAALevel());
 
 				authenticatedSessionStorage.
@@ -195,8 +196,8 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			}
 
 			//store valid assertion into pending-request
-			pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg);
-			pendingReq.setGenericDataToSession(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID());
+			pendingReq.setRawDataToTransaction(SSOManager.DATAID_INTERFEDERATIOIDP_RESPONSE, processedMsg);
+			pendingReq.setRawDataToTransaction(SSOManager.DATAID_INTERFEDERATIOIDP_ENTITYID, processedMsg.getEntityID());
 			
 			//store pending-request
 			requestStoreage.storePendingRequest(pendingReq);
@@ -297,6 +298,7 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 			
 			//copy attributes into MOASession
 			Set<String> includedAttrNames = extractor.getAllIncludeAttributeNames();
+			AuthProcessDataWrapper session = pendingReq.getSessionData(AuthProcessDataWrapper.class);
 			for (String el : includedAttrNames) {
 				String value = extractor.getSingleAttributeValue(el);
 				
@@ -310,13 +312,13 @@ public class ReceiveAuthnResponseTask extends AbstractAuthServletTask {
 					}					
 				} 
 				
-				pendingReq.setGenericDataToSession(el, value);				
+				session.setGenericDataToSession(el, value);				
 				Logger.debug("Add PVP-attribute " + el + " into MOASession");
 				
 			}
 			
 			//set validTo from this federated IDP response
-			pendingReq.setGenericDataToSession(
+			session.setGenericDataToSession(
 					AuthenticationSessionStorageConstants.FEDERATION_RESPONSE_VALIDE_TO, 
 					extractor.getAssertionNotOnOrAfter());
 									
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
index 92bcce24b..21dbb573a 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/GetArtifactAction.java
@@ -85,14 +85,14 @@ public class GetArtifactAction implements IAction {
 			
 			String samlArtifactBase64 = saml1server.BuildSAMLArtifact(oaParam, authData, sourceID);
 			
-			String oaTargetArea = req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class);
+			String oaTargetArea = req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class);
 			
 			if (authData.isSsoSession()) {
 				String url = req.getAuthURL() + RedirectServlet.SERVICE_ENDPOINT;
 				url = addURLParameter(url, RedirectServlet.REDIRCT_PARAM_URL, URLEncoder.encode(oaURL, "UTF-8"));
 				if (MiscUtil.isNotEmpty(oaTargetArea))
 					url = addURLParameter(url, MOAIDAuthConstants.PARAM_TARGET, 
-							URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
+							URLEncoder.encode(req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
 				url = addURLParameter(url, MOAIDAuthConstants.PARAM_SAMLARTIFACT, URLEncoder.encode(samlArtifactBase64, "UTF-8"));
 				url = httpResp.encodeRedirectURL(url);
 				
@@ -104,7 +104,7 @@ public class GetArtifactAction implements IAction {
 				String redirectURL = oaURL;		
 				if (MiscUtil.isNotEmpty(oaTargetArea)) {
 					redirectURL = addURLParameter(redirectURL, MOAIDAuthConstants.PARAM_TARGET,
-					URLEncoder.encode(req.getGenericData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
+					URLEncoder.encode(req.getRawData(SAML1Protocol.REQ_DATA_TARGET, String.class), "UTF-8"));
 
 				}
 				
diff --git a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index 398119a7f..30d740a2a 100644
--- a/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/modules/moa-id-modules-saml1/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -193,7 +193,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 			revisionsLogger.logEvent(pendingRequest, MOAIDEventConstants.AUTHPROTOCOL_SAML1_AUTHNREQUEST);
 			
 			if (MiscUtil.isNotEmpty(target)) {
-				pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, target);
+				pendingRequest.setRawDataToTransaction(REQ_DATA_TARGET, target);
 				pendingRequest.setTarget(MOAIDAuthConstants.PREFIX_CDID + target);
 			
 			} else {
@@ -201,7 +201,7 @@ public class SAML1Protocol extends AbstractAuthProtocolModulController implement
 				pendingRequest.setTarget(targetArea);
 				
 				if (targetArea.startsWith(MOAIDAuthConstants.PREFIX_CDID))
-					pendingRequest.setGenericDataToSession(REQ_DATA_TARGET, 
+					pendingRequest.setRawDataToTransaction(REQ_DATA_TARGET, 
 							targetArea.substring(MOAIDAuthConstants.PREFIX_CDID.length()));
 				
 				
diff --git a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar
index e892b3f35..9edec3e82 100644
Binary files a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar and b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0-tests.jar differ
diff --git a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar
index f3f35cf39..0837eb813 100644
Binary files a/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf-core/1.0.0/eaaf-core-1.0.0.jar differ
diff --git a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar
index 6473df192..612ec0b6c 100644
Binary files a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_core/1.0.0/eaaf_module_pvp2_core-1.0.0.jar differ
diff --git a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar
index 6317fa4a4..e45f380a6 100644
Binary files a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_idp/1.0.0/eaaf_module_pvp2_idp-1.0.0.jar differ
diff --git a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar
index ff42b691e..c3251bc5f 100644
Binary files a/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar and b/repository/at/gv/egiz/eaaf/eaaf_module_pvp2_sp/1.0.0/eaaf_module_pvp2_sp-1.0.0.jar differ
-- 
cgit v1.2.3