From 90c4f8e9a6140b97469357deb906b8816f5f680c Mon Sep 17 00:00:00 2001
From: Gerwin Gsenger <g.gsenger@datentechnik-innovation.at>
Date: Thu, 29 Jan 2015 12:18:11 +0100
Subject: integrate process engine from project 'dti-process-engine'

---
 .../test/BooleanStringExpressionEvaluator.java     |  24 +
 .../process/process_engine/test/HalloWeltTask.java |  19 +
 .../process_engine/test/HelloWorldTask.java        |  19 +
 .../test/ProcessDefinitionParserTest.java          | 137 ++++++
 .../process_engine/test/ProcessEngineTest.java     |  67 +++
 .../spring/test/ExpressionContextAdapter.java      |  52 +++
 ...mpleProcessDefinitionForSAML1Authentication.xml |  54 ---
 .../SampleProcessDefinitionWithExpression1.xml     |  19 -
 .../moa/id/process/spring/test/SimplePojo.java     |  41 ++
 ...ingExpressionAwareProcessEngineTest-context.xml |  30 --
 .../SpringExpressionAwareProcessEngineTest.java    |  66 +++
 .../test/SpringExpressionEvaluatorTest-context.xml |  14 -
 .../spring/test/SpringExpressionEvaluatorTest.java |  54 +++
 .../spring/test/task/CreateSAML1AssertionTask.java |  54 +++
 .../spring/test/task/GetIdentityLinkTask.java      |  50 +++
 .../test/task/IdentityLink_Max_Mustermann.xml      |  52 ---
 .../id/process/spring/test/task/SAML1Assertion.xml | 487 ---------------------
 .../id/process/spring/test/task/SelectBKUTask.java |  33 ++
 .../spring/test/task/SignAuthBlockTask.java        |  52 +++
 .../process/spring/test/task/SignedAuthBlock.xml   | 179 --------
 .../spring/test/task/ValidateIdentityLinkTask.java |  42 ++
 .../test/task/ValidateSignedAuthBlockTask.java     |  46 ++
 ...nvalidProcessDefinition_MultipleStartEvents.xml |  22 +
 .../InvalidProcessDefinition_NoStartEvents.xml     |  16 +
 .../InvalidProcessDefinition_TransitionLoop.xml    |  21 +
 ...dProcessDefinition_TransitionRefsTransition.xml |  19 +
 ...cessDefinition_TransitionStartsFromEndEvent.xml |  19 +
 .../test/SampleProcessDefinition1.xml              |  18 +
 .../test/SampleProcessDefinition2.xml              |  21 +
 ...mpleProcessDefinitionForSAML1Authentication.xml |  54 +++
 .../SampleProcessDefinitionWithExpression1.xml     |  19 +
 ...ingExpressionAwareProcessEngineTest-context.xml |  30 ++
 .../test/SpringExpressionEvaluatorTest-context.xml |  14 +
 .../test/task/IdentityLink_Max_Mustermann.xml      |  52 +++
 .../id/process/spring/test/task/SAML1Assertion.xml | 487 +++++++++++++++++++++
 .../process/spring/test/task/SignedAuthBlock.xml   | 179 ++++++++
 36 files changed, 1727 insertions(+), 835 deletions(-)
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java
 delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
 delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java
 delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java
 delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java
 delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
 delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java
 delete mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java
 create mode 100644 id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_MultipleStartEvents.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_NoStartEvents.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionLoop.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionRefsTransition.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition1.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition2.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
 create mode 100644 id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml

(limited to 'id/server/idserverlib/src/test')

diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java
new file mode 100644
index 000000000..c51f5fe66
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/BooleanStringExpressionEvaluator.java
@@ -0,0 +1,24 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import java.util.Objects;
+
+import org.apache.commons.lang3.BooleanUtils;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext;
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * Expression evaluator that guesses the boolean value from a String. Refer to {@link BooleanUtils#toBoolean(String)}
+ * for further information.
+ * 
+ * @author tknall
+ * 
+ */
+public class BooleanStringExpressionEvaluator implements ExpressionEvaluator {
+
+	@Override
+	public boolean evaluate(ExpressionEvaluationContext expressionContext, String expression) {
+		return BooleanUtils.toBoolean(Objects.requireNonNull(expression, "Expression must not be null."));
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java
new file mode 100644
index 000000000..1a8de811b
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HalloWeltTask.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Simple task that just outputs a "Hallo World" text to the console.
+ * 
+ * @author tknall
+ * 
+ */
+public class HalloWeltTask implements Task {
+
+	@Override
+	public void execute(ExecutionContext executionContext) {
+		System.out.println("Hallo Welt");
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java
new file mode 100644
index 000000000..6ce3091dd
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/HelloWorldTask.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Simple task that just outputs a "Hello World" text to the console.
+ * 
+ * @author tknall
+ * 
+ */
+public class HelloWorldTask implements Task {
+
+	@Override
+	public void execute(ExecutionContext executionContext) {
+		System.out.println("Hello World");
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java
new file mode 100644
index 000000000..e20f4bfe8
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessDefinitionParserTest.java
@@ -0,0 +1,137 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.junit.Test;
+
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParser;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.model.EndEvent;
+import at.gv.egovernment.moa.id.process.model.ProcessDefinition;
+import at.gv.egovernment.moa.id.process.model.ProcessNode;
+import at.gv.egovernment.moa.id.process.model.StartEvent;
+import at.gv.egovernment.moa.id.process.model.TaskInfo;
+import at.gv.egovernment.moa.id.process.model.Transition;
+
+public class ProcessDefinitionParserTest {
+	
+	@Test(expected = ProcessDefinitionParserException.class)
+	public void testParseInvalidProcessDefinition_MultipleStartEvents() throws IOException, ProcessDefinitionParserException {
+		try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_MultipleStartEvents.xml")) {
+			new ProcessDefinitionParser().parse(in);
+		}
+	}
+	
+	@Test(expected = ProcessDefinitionParserException.class)
+	public void testParseInvalidProcessDefinition_TransitionLoop() throws IOException, ProcessDefinitionParserException {
+		try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionLoop.xml")) {
+			new ProcessDefinitionParser().parse(in);
+		}
+	}
+	
+	@Test(expected = ProcessDefinitionParserException.class)
+	public void testParseInvalidProcessDefinition_TransitionStartsFromEndEvent() throws IOException, ProcessDefinitionParserException {
+		try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionStartsFromEndEvent.xml")) {
+			new ProcessDefinitionParser().parse(in);
+		}
+	}
+	
+	@Test(expected = ProcessDefinitionParserException.class)
+	public void testParseInvalidProcessDefinition_TransitionRefsTransition() throws IOException, ProcessDefinitionParserException {
+		try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_TransitionRefsTransition.xml")) {
+			new ProcessDefinitionParser().parse(in);
+		}
+	}
+	
+	@Test(expected = ProcessDefinitionParserException.class)
+	public void testParseInvalidProcessDefinition_NoStartEvents() throws IOException, ProcessDefinitionParserException {
+		try (InputStream in = getClass().getResourceAsStream("InvalidProcessDefinition_NoStartEvents.xml")) {
+			new ProcessDefinitionParser().parse(in);
+		}
+	}
+	
+	@Test
+	public void testParseSampleProcessDefinition() throws IOException, ProcessDefinitionParserException {
+		try (InputStream in = getClass().getResourceAsStream("SampleProcessDefinition1.xml")) {
+			
+			ProcessDefinitionParser parser = new ProcessDefinitionParser();
+			ProcessDefinition pd = parser.parse(in);
+			
+			assertNotNull(pd);
+			assertEquals("SampleProcess1", pd.getId());
+			
+			// first assert tasks then transitions
+			// start event
+			StartEvent startEvent = pd.getStartEvent();
+			assertNotNull(startEvent);
+			assertEquals("start", startEvent.getId());
+			assertEquals(startEvent, pd.getProcessNode("start"));
+			// task1
+			ProcessNode processNode = pd.getProcessNode("task1");
+			assertNotNull(processNode);
+			assertTrue(processNode instanceof TaskInfo);
+			TaskInfo task1 = (TaskInfo) processNode;
+			assertEquals("task1", task1.getId());
+			assertFalse(task1.isAsync());
+			// task2 
+			processNode = pd.getProcessNode("task2");
+			assertNotNull(processNode);
+			assertTrue(processNode instanceof TaskInfo);
+			TaskInfo task2 = (TaskInfo) processNode;
+			assertEquals("task2", task2.getId());
+			assertTrue(task2.isAsync());
+			// end event
+			processNode = pd.getProcessNode("end");
+			assertNotNull(processNode);
+			assertTrue(processNode instanceof EndEvent);
+			EndEvent endEvent = (EndEvent) processNode;
+			assertEquals("end", endEvent.getId());
+			
+			// assert transitions
+			// start event
+			assertNotNull(startEvent.getIncomingTransitions());
+			assertTrue(startEvent.getIncomingTransitions().isEmpty());
+			assertNotNull(startEvent.getOutgoingTransitions());
+			assertEquals(1, startEvent.getOutgoingTransitions().size());
+			// transition from start to task1
+			Transition startToTask1 = startEvent.getOutgoingTransitions().get(0);
+			assertEquals("fromStart", startToTask1.getId());
+			assertEquals(startEvent, startToTask1.getFrom());
+			assertEquals(task1, startToTask1.getTo());
+			assertEquals("true", startToTask1.getConditionExpression());
+			// task1
+			assertNotNull(task1.getIncomingTransitions());
+			assertEquals(1, task1.getIncomingTransitions().size());
+			assertEquals(startToTask1, task1.getIncomingTransitions().get(0));
+			assertNotNull(task1.getOutgoingTransitions());
+			assertEquals(1, task1.getOutgoingTransitions().size());
+			// transition from task1 to task2
+			Transition task1ToTask2 = task1.getOutgoingTransitions().get(0);
+			assertNull(task1ToTask2.getId());
+			assertEquals(task1, task1ToTask2.getFrom());
+			assertEquals(task2, task1ToTask2.getTo());
+			assertNull(task1ToTask2.getConditionExpression());
+			// task2
+			assertNotNull(task2.getIncomingTransitions());
+			assertEquals(1, task2.getIncomingTransitions().size());
+			assertEquals(task1ToTask2, task2.getIncomingTransitions().get(0));
+			assertNotNull(task2.getOutgoingTransitions());
+			assertEquals(1, task2.getOutgoingTransitions().size());
+			// transition from task2 to end
+			Transition task2ToEnd = task2.getOutgoingTransitions().get(0);
+			assertNull(task2ToEnd.getId());
+			assertEquals(task2, task2ToEnd.getFrom());
+			assertEquals(endEvent, task2ToEnd.getTo());
+			assertNull(task2ToEnd.getConditionExpression());
+			
+		}
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java
new file mode 100644
index 000000000..04a7a659d
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/process_engine/test/ProcessEngineTest.java
@@ -0,0 +1,67 @@
+package at.gv.egovernment.moa.id.process.process_engine.test;
+
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.ENDED;
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.NOT_STARTED;
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.SUSPENDED;
+import static org.junit.Assert.assertEquals;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.junit.BeforeClass;
+import org.junit.Test;
+
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParser;
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.ProcessEngine;
+import at.gv.egovernment.moa.id.process.ProcessEngineImpl;
+import at.gv.egovernment.moa.id.process.ProcessExecutionException;
+import at.gv.egovernment.moa.id.process.ProcessInstance;
+
+public class ProcessEngineTest {
+	
+	private static ProcessEngine pe;
+	
+	@BeforeClass
+	public static void init() throws IOException, ProcessDefinitionParserException {
+		ProcessDefinitionParser pdp = new ProcessDefinitionParser();
+		pe = new ProcessEngineImpl();
+		((ProcessEngineImpl) pe).setTransitionConditionExpressionEvaluator(new BooleanStringExpressionEvaluator());
+		try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition1.xml")) {
+			((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in));
+		}
+		try (InputStream in = ProcessEngineTest.class.getResourceAsStream("SampleProcessDefinition2.xml")) {
+			((ProcessEngineImpl) pe).registerProcessDefinition(pdp.parse(in));
+		}
+	}
+	
+	@Test
+	public void testSampleProcess1() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+		ProcessInstance pi = pe.createProcessInstance("SampleProcess1");
+		assertEquals(NOT_STARTED, pi.getState());
+		// start process
+		pe.start(pi);
+		assertEquals(SUSPENDED, pi.getState());
+		System.out.println("Do something asynchronously");
+		pe.signal(pi);
+		assertEquals(ENDED, pi.getState());
+	}
+	
+	@Test
+	public void testSampleProcess2() throws IOException, ProcessDefinitionParserException, ProcessExecutionException {
+		ProcessInstance pi = pe.createProcessInstance("SampleProcess2");
+		assertEquals(NOT_STARTED, pi.getState());
+		// start process
+		pe.start(pi);
+		assertEquals(SUSPENDED, pi.getState());
+		System.out.println("Do something asynchronously");
+		pe.signal(pi);
+		assertEquals(ENDED, pi.getState());
+	}
+	
+	@Test(expected = IllegalArgumentException.class)
+	public void testProcessInstanceDoesNotExist() {
+		pe.getProcessInstance("does not exist");
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java
new file mode 100644
index 000000000..c26236619
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/ExpressionContextAdapter.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+
+import java.io.Serializable;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluationContext;
+
+/**
+ * Adapter class for {@link ExpressionEvaluationContext}. Intended to be used for testing purposes.
+ * 
+ * @author tknall
+ * 
+ */
+public class ExpressionContextAdapter implements ExpressionEvaluationContext {
+
+	private static final long serialVersionUID = 1L;
+
+	private Map<String, Serializable> ctxData = Collections.synchronizedMap(new HashMap<String, Serializable>());
+
+	/**
+	 * Returns a certain {@link Serializable} object associated with a certain {@code key}.
+	 * 
+	 * @param key
+	 *            The key.
+	 * @return The object or {@code null} if no object was found stored with that key or if a {@code null} value was
+	 *         stored.
+	 */
+	Serializable get(String key) {
+		return ctxData.get(key);
+	}
+
+	/**
+	 * Stores a {@link Serializable} with a certain {@code key}.
+	 * 
+	 * @param key
+	 *            The key.
+	 * @param object
+	 *            The object.
+	 */
+	void put(String key, Serializable object) {
+		ctxData.put(key, object);
+	}
+
+	@Override
+	public Map<String, Serializable> getCtx() {
+		return Collections.unmodifiableMap(ctxData);
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
deleted file mode 100644
index 6525fb0cd..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
+++ /dev/null
@@ -1,54 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1"
-	id="SampleProcessDefinitionForSAML1Authentication">
-
-	<!--
-		returns String 'bkuURL'
-	-->
-	<pd:Task id="bkuSelectionTask" class="com.datentechnik.process_engine.spring.test.task.SelectBKUTask" />
-
-	<!--
-		requires 'bkuURL'
-		returns String 'IdentityLink'
-	-->
-	<pd:Task id="getIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.GetIdentityLinkTask" />
-
-	<!--
-		requires 'IdentityLink'
-		returns Boolean 'isIdentityLinkValidated'
-	-->
-	<pd:Task id="validateIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.ValidateIdentityLinkTask" />
-
-	<!--
-		requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL'
-		returns String 'SignedAuthBlock'
-	-->
-	<pd:Task id="signAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.SignAuthBlockTask" />
-
-	<!--
-		requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock'
-		returns Boolean 'isSignedAuthBlockValidated'
-	-->
-	<pd:Task id="validateSignedAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.ValidateSignedAuthBlockTask" />
-	
-	<!--
-		requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', 'isSignedAuthBlockValidated';
-		returns 'SAML1Assertion'
-	-->
-	<pd:Task id="createAssertionTask" class="com.datentechnik.process_engine.spring.test.task.CreateSAML1AssertionTask" />
-
-	<pd:StartEvent id="start" />
-	<pd:EndEvent id="end" />
-
-	<pd:Transition from="start" to="bkuSelectionTask"    conditionExpression="ctx['bkuURL'] == null" />
-	<pd:Transition from="start" to="getIdentityLinkTask"  />
-	
-	<pd:Transition from="bkuSelectionTask"            to="getIdentityLinkTask" />
-	<pd:Transition from="getIdentityLinkTask"         to="validateIdentityLinkTask" />
-	<pd:Transition from="validateIdentityLinkTask"    to="signAuthBlockTask"            conditionExpression="ctx['isIdentityLinkValidated']" />
-	<pd:Transition from="signAuthBlockTask"           to="validateSignedAuthBlockTask" />
-	<pd:Transition from="validateSignedAuthBlockTask" to="createAssertionTask"          conditionExpression="ctx['isSignedAuthBlockValidated']" />
-	
-	<pd:Transition from="createAssertionTask" to="end" />
-
-</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
deleted file mode 100644
index ef71026ec..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
+++ /dev/null
@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1"
-	id="SampleProcessWithExpression1">
-
-	<pd:Task id="task1" />
-	<pd:Task id="task2" />
-	<pd:Task id="task3" />
-	<pd:Task id="task4" />
-
-	<pd:StartEvent id="start" />
-	<pd:EndEvent id="end" />
-
-	<pd:Transition from="start" to="task1" conditionExpression="'true'" />
-	<pd:Transition from="task1" to="task2" conditionExpression="'true'" />
-	<pd:Transition from="task2" to="task3" conditionExpression="'true'" />
-	<pd:Transition from="task3" to="task4" conditionExpression="'true'" />
-	<pd:Transition from="task4" to="end"   conditionExpression="'true'" />
-	
-</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java
new file mode 100644
index 000000000..89f3c0383
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SimplePojo.java
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * A dummy pojo used to test {@link ExpressionEvaluator} with Spring EL referencing Spring beans.
+ * 
+ * @author tknall
+ * 
+ */
+public class SimplePojo {
+
+	private Boolean booleanValue;
+	private String stringValue;
+	private Integer integerValue;
+
+	public Boolean getBooleanValue() {
+		return booleanValue;
+	}
+
+	public void setBooleanValue(Boolean booleanValue) {
+		this.booleanValue = booleanValue;
+	}
+
+	public String getStringValue() {
+		return stringValue;
+	}
+
+	public void setStringValue(String stringValue) {
+		this.stringValue = stringValue;
+	}
+
+	public Integer getIntegerValue() {
+		return integerValue;
+	}
+
+	public void setIntegerValue(Integer integerValue) {
+		this.integerValue = integerValue;
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
deleted file mode 100644
index eb62d1ae2..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
+++ /dev/null
@@ -1,30 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xmlns:task="http://www.springframework.org/schema/task"
-	xsi:schemaLocation="http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd
-		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
-
-	<bean id="springElAwareExpressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" />
-	
-	<bean id="processEngine" class="com.datentechnik.process_engine.ProcessEngineImpl">
-		<property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" />
-		<property name="processInstanceMaxIdleTimeSeconds" value="600" />
-		<property name="processDefinitions">
-			<list>
-				<bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean">
-					<property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionWithExpression1.xml" />
-				</bean>
-				<bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean">
-					<property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionForSAML1Authentication.xml" />
-				</bean>
-			</list>
-		</property>
-	</bean>
-	
-	<task:scheduler id="taskScheduler" pool-size="1" />
-	<task:scheduled-tasks scheduler="taskScheduler">
-		<task:scheduled ref="processEngine" method="cleanup" fixed-delay="60000" />
-	</task:scheduled-tasks>
-
-</beans>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java
new file mode 100644
index 000000000..4022a7a15
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest.java
@@ -0,0 +1,66 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.ENDED;
+import static at.gv.egovernment.moa.id.process.ProcessInstanceState.NOT_STARTED;
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.io.IOException;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.process.ProcessDefinitionParserException;
+import at.gv.egovernment.moa.id.process.ProcessEngine;
+import at.gv.egovernment.moa.id.process.ProcessExecutionException;
+import at.gv.egovernment.moa.id.process.ProcessInstance;
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+
+/**
+ * Tests the process engine using processes based on Spring EL referencing the process context and further Spring beans.
+ * 
+ * @author tknall
+ * 
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class SpringExpressionAwareProcessEngineTest {
+
+	@Autowired
+	private ProcessEngine pe;
+
+	@Test
+	public void testSampleProcessDefinitionWithExpression1() throws IOException, ProcessDefinitionParserException,
+			ProcessExecutionException {
+		ProcessInstance pi = pe.createProcessInstance("SampleProcessWithExpression1");
+		assertEquals(NOT_STARTED, pi.getState());
+		// start process
+		pe.start(pi);
+		assertEquals(ENDED, pi.getState());
+	}
+
+	@Test
+	public void testSampleProcessDefinitionForSAML1Authentication() throws IOException,
+			ProcessDefinitionParserException, ProcessExecutionException {
+		ProcessInstance pi = pe.createProcessInstance("SampleProcessDefinitionForSAML1Authentication");
+		assertEquals(NOT_STARTED, pi.getState());
+		// start process
+		pe.start(pi);
+		assertEquals(ENDED, pi.getState());
+
+		ExecutionContext ec = pi.getExecutionContext();
+		assertNotNull(ec);
+		System.out.println(ec.keySet());
+
+		assertNotNull(ec.get("bkuURL"));
+		assertNotNull(ec.get("IdentityLink"));
+		assertNotNull(ec.get("isIdentityLinkValidated"));
+		assertNotNull(ec.get("SignedAuthBlock"));
+		assertNotNull(ec.get("isSignedAuthBlockValidated"));
+		assertNotNull(ec.get("SAML1Assertion"));
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
deleted file mode 100644
index dadc6bf81..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
+++ /dev/null
@@ -1,14 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<beans xmlns="http://www.springframework.org/schema/beans"
-	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
-
-	<bean id="simplePojo" class="com.datentechnik.process_engine.spring.test.SimplePojo">
-		<property name="booleanValue" value="true" />
-		<property name="integerValue" value="42" />
-		<property name="stringValue" value="HelloWorld" />
-	</bean>
-	
-	<bean id="expressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" />
-
-</beans>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java
new file mode 100644
index 000000000..bc9d1d399
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.process.spring.test;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.process.api.ExpressionEvaluator;
+
+/**
+ * Tests the {@link ExpressionEvaluator} using a Spring EL based implementation capable of dereferencing Spring beans.
+ * 
+ * @author tknall
+ * 
+ */
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration
+public class SpringExpressionEvaluatorTest {
+
+	private ExpressionContextAdapter ctx;
+
+	@Autowired
+	private ExpressionEvaluator expressionEvaluator;
+
+	@Before
+	public void prepareTest() {
+		ctx = new ExpressionContextAdapter();
+	}
+
+	@Test
+	public void testEvaluateSimpleExpression() {
+		assertTrue(expressionEvaluator.evaluate(ctx, "'true'"));
+	}
+
+	@Test
+	public void testEvaluateExpressionWithCtx() {
+		ctx.put("myProperty", false);
+		assertFalse(expressionEvaluator.evaluate(ctx, "ctx['myProperty']"));
+	}
+
+	@Test
+	public void testEvaluateExpressionWithBeanReference() {
+		assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.booleanValue"));
+		assertTrue(expressionEvaluator.evaluate(ctx, "'HelloWorld'.equals(@simplePojo.stringValue)"));
+		assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.integerValue == 42"));
+		assertTrue(expressionEvaluator.evaluate(ctx, "@simplePojo.stringValue.length() == 10"));
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java
new file mode 100644
index 000000000..7e56071bd
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/CreateSAML1AssertionTask.java
@@ -0,0 +1,54 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the creation of a SAML1 assertion.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code SignedAuthBlock}</li>
+ * <li>{@code isSignedAuthBlockValidated}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code SAML1Assertion}</li>
+ * </ul>
+ * </p>
+ * 
+ * @author tknall
+ * 
+ */
+public class CreateSAML1AssertionTask implements Task {
+
+	private Logger log = LoggerFactory.getLogger(getClass());
+
+	@Override
+	public void execute(ExecutionContext executionContext) throws Exception {
+		Objects.requireNonNull(executionContext.get("IdentityLink"));
+		assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+		Objects.requireNonNull(executionContext.get("SignedAuthBlock"));
+		assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isSignedAuthBlockValidated"))));
+
+		log.debug("Using IdentityLink and signed auth block in order to create SAML1 assertion.");
+
+		try (InputStream in = getClass().getResourceAsStream("SAML1Assertion.xml")) {
+			executionContext.put("SAML1Assertion", IOUtils.toString(in, Charset.forName("UTF-8")));
+		}
+
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java
new file mode 100644
index 000000000..412fb0123
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/GetIdentityLinkTask.java
@@ -0,0 +1,50 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the retrieval of an IdentityLink.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * </ul>
+ * </p>
+ * 
+ * @author tknall
+ * 
+ */
+public class GetIdentityLinkTask implements Task {
+
+	private Logger log = LoggerFactory.getLogger(getClass());
+
+	@Override
+	public void execute(ExecutionContext executionContext) throws IOException {
+		Objects.requireNonNull(executionContext.get("bkuURL"));
+
+		log.debug("Using bkuURL in order to retrieve IdentityLink.");
+
+		try (InputStream in = getClass().getResourceAsStream("IdentityLink_Max_Mustermann.xml")) {
+			executionContext.put("IdentityLink", IOUtils.toString(in, Charset.forName("UTF-8")));
+		}
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
deleted file mode 100644
index c68972f13..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
+++ /dev/null
@@ -1,52 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID132860852347311974" IssueInstant="2012-02-07T10:55:23+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0">
-	<saml:AttributeStatement>
-		<saml:Subject>
-			<saml:SubjectConfirmation>
-				<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
-				<saml:SubjectConfirmationData>
-					<pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>tqCQEC7+AqGEeeL390V5Jg==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Max</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1940-01-01</pr:DateOfBirth></pr:Person>
-				</saml:SubjectConfirmationData>
-			</saml:SubjectConfirmation>
-		</saml:Subject>
-	<saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><ecdsa:ECDSAKeyValue><ecdsa:DomainParameters><ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/></ecdsa:DomainParameters><ecdsa:PublicKey><ecdsa:X Value="111409151487007036894649069746411000129419717653159596280366627647453458115517" si:type="ecdsa:PrimeFieldElemType"/><ecdsa:Y Value="94725036374184689337892465478597728884477416796494369571140658859618867645034" si:type="ecdsa:PrimeFieldElemType"/></ecdsa:PublicKey></ecdsa:ECDSAKeyValue></saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
-	<dsig:Signature>
-		<dsig:SignedInfo>
-			<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
-			<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-			<dsig:Reference URI="">
-				<dsig:Transforms>
-					<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
-						<dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
-					</dsig:Transform>
-					<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-				</dsig:Transforms>
-				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-				<dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms=</dsig:DigestValue>
-			</dsig:Reference>
-			<dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
-				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-				<dsig:DigestValue>HoPZWYll8aMFpKOlRSwckt5iCQk=</dsig:DigestValue>
-			</dsig:Reference>
-		</dsig:SignedInfo>
-		<dsig:SignatureValue>
-    NPpRwVo5/5kf5iHUyaEc7d7So3W4oPgOCYNgnKpgdZfttFkFFN+9oG60w7YvKEYSeTPhP3zp7eaH
-ZFapj+naD+wd0y5ELWep9Y+s+qP7fNLrFECHQxQasLWtR4akxlWDpYQ0bvOuepK2ip1EQ6pRlccA
-wJ1l4iOWFhfdA9YAg5QLkBqWSwgrNUswhLnDBM+Ot6Gj5g2rpYY7aoAOXvTR8B5Dkg94ASb4u0wv
-VPV8+4mjOfP+l6QWLqywzcq3qj/qFZkbujjZbV/fNPDnDD1ff/M6ZfCGO8xzlYfjfEA7cmHuiJf2
-/ey/3nT7vI5XbpBPWChT5Sl4DQysxlfE6e4MZw==
-  </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXxTRrRS6rEOvX7PpvgXiDXhp592Yyp4=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
-		<dsig:Object>
-			<dsig:Manifest Id="manifest">
-				<dsig:Reference URI="">
-					<dsig:Transforms>
-						<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
-							<dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
-						</dsig:Transform>
-					</dsig:Transforms>
-					<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-					<dsig:DigestValue>7IkIdYti2dh3VZQ4Fp+9lPT67cM=</dsig:DigestValue>
-				</dsig:Reference>
-			</dsig:Manifest>
-		</dsig:Object>
-	</dsig:Signature>
-</saml:Assertion>
\ No newline at end of file
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
deleted file mode 100644
index 3aeedd590..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
+++ /dev/null
@@ -1,487 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<saml:Assertion AssertionID="6025428631468682100" IssueInstant="2008-07-14T17:51:38+02:00" Issuer="https://localhost:18443/moa-id-auth/" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
-  <saml:AttributeStatement>
-	 <saml:Subject>
-		<saml:NameIdentifier NameQualifier="urn:publicid:gv.at:wbpk+FN+www.act.at">K2YMyx3/5kIpNJR+SAD/rbRYH+c=</saml:NameIdentifier>
-		<saml:SubjectConfirmation>
-		  <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
-		  <saml:SubjectConfirmationData>
-			 <saml:Assertion AssertionID="any" IssueInstant="2008-07-14T17:51:26+02:00" Issuer="Thomas Knall" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
-				<saml:AttributeStatement>
-				  <saml:Subject>
-					 <saml:NameIdentifier>https://localhost:18443/moa-id-auth/</saml:NameIdentifier>
-				  </saml:Subject>
-				  <saml:Attribute AttributeName="wbPK" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
-					 <saml:AttributeValue>
-						<pr:Identification>
-						  <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
-						  <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
-						</pr:Identification>
-					 </saml:AttributeValue>
-				  </saml:Attribute>
-				  <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
-					 <saml:AttributeValue>https://localhost:48443/mandates/</saml:AttributeValue>
-				  </saml:Attribute>
-				  <saml:Attribute AttributeName="Geburtsdatum" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
-					 <saml:AttributeValue>1978-04-29</saml:AttributeValue>
-				  </saml:Attribute>
-				  <saml:Attribute AttributeName="RepresentationType" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
-					 <saml:AttributeValue>Vollmachtsvertreter</saml:AttributeValue>
-				  </saml:Attribute>
-				  <saml:Attribute AttributeName="MandatorName" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
-					 <saml:AttributeValue>MeineTestFirma</saml:AttributeValue>
-				  </saml:Attribute>
-				  <saml:Attribute AttributeName="MandatorWbpk" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
-					 <saml:AttributeValue>123456i</saml:AttributeValue>
-				  </saml:Attribute>
-				</saml:AttributeStatement>
-				<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-				  <dsig:SignedInfo>
-					 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
-					 <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
-					 <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
-						<dsig:Transforms>
-						  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-						  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-							 <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-								<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-								  <html xmlns="http://www.w3.org/1999/xhtml">
-									 <head>
-										<title>Signatur der Anmeldedaten</title>
-										<style media="screen" type="text/css">
-		  .boldstyle { font-weight: bold; }
-		  .italicstyle { font-style: italic; }
-		  .annotationstyle { font-size: small; }
-		  </style>
-									 </head>
-									 <body>
-										<h1>Signatur der Anmeldedaten</h1>
-										<p/>
-										<h4>Mit meiner elektronischen Signatur beantrage ich,
-			 <span class="boldstyle">
-											 <xsl:value-of select="//@Issuer"/>
-										  </span>, geboren am
-			 <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
-			 <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
-			 <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
-			 <xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
-				in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
-				(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
-			 </xsl:if>
-			 den Zugang zur gesicherten Anwendung.
-		  </h4>
-										<p/>
-										<h4>Datum und Uhrzeit:
-			 <xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
-			 <xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
-			 <xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
-			 <xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
-			 <xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
-			 <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-										</h4>
-										<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
-										  <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
-										  </h4>
-										</xsl:if>
-										<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
-										  <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
-										  </h4>
-										</xsl:if>
-										<xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
-										  <hr/>
-										  <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
-				von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
-											 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
-				  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
-				  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
-				  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
-											 </xsl:if>
-											 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
-				  <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
-											 </xsl:if>, in deren Auftrag zu handeln.
-			 </h4>
-										  <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
-											 <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
-											 </h4>
-										  </xsl:if>
-										  <p/>
-										</xsl:if>
-										<xsl:choose>
-										  <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
-											 <p/>
-											 <hr/>
-										  </xsl:when>
-										  <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
-											 <p/>
-											 <hr/>
-										  </xsl:when>
-										  <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
-											 <p/>
-											 <hr/>
-										  </xsl:when>
-										</xsl:choose>
-										<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
-										  <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
-			 jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
-			 Wirtschaftsunternehmen.</div>
-										</xsl:if>
-										<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
-										  <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
-			 Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
-			 Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
-										</xsl:if>
-										<xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
-										  <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
-			 beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
-										</xsl:if>
-									 </body>
-								  </html>
-								</xsl:template>
-							 </xsl:stylesheet>
-						  </dsig:Transform>
-						  <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-						</dsig:Transforms>
-						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-						<dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
-					 </dsig:Reference>
-					 <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
-						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-						<dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
-					 </dsig:Reference>
-				  </dsig:SignedInfo>
-				  <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
-+lyI</dsig:SignatureValue>
-				  <dsig:KeyInfo>
-					 <dsig:X509Data>
-						<dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
-EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
-dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
-LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
-LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
-BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
-YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
-MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
-6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
-MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
-CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
-BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
-aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
-dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
-ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
-dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
-bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
-VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
-ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
-SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
-CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
-BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
-ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
-uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
-egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
-GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
-SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
-</dsig:X509Certificate>
-					 </dsig:X509Data>
-				  </dsig:KeyInfo>
-				  <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
-					 <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
-						<etsi:SignedProperties>
-						  <etsi:SignedSignatureProperties>
-							 <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
-							 <etsi:SigningCertificate>
-								<etsi:Cert>
-								  <etsi:CertDigest>
-									 <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-									 <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
-								  </etsi:CertDigest>
-								  <etsi:IssuerSerial>
-									 <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
-									 <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
-								  </etsi:IssuerSerial>
-								</etsi:Cert>
-							 </etsi:SigningCertificate>
-							 <etsi:SignaturePolicyIdentifier>
-								<etsi:SignaturePolicyImplied/>
-							 </etsi:SignaturePolicyIdentifier>
-						  </etsi:SignedSignatureProperties>
-						  <etsi:SignedDataObjectProperties>
-							 <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
-								<etsi:MimeType>application/xhtml+xml</etsi:MimeType>
-							 </etsi:DataObjectFormat>
-						  </etsi:SignedDataObjectProperties>
-						</etsi:SignedProperties>
-					 </etsi:QualifyingProperties>
-				  </dsig:Object>
-				</dsig:Signature>
-			 </saml:Assertion>
-			 <saml:Assertion AssertionID="szr.bmi.gv.at-AssertionID11936526102761952" IssueInstant="2007-10-29T10:10:10+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
-				<saml:AttributeStatement>
-				  <saml:Subject>
-					 <saml:SubjectConfirmation>
-						<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
-						<saml:SubjectConfirmationData>
-						  <pr:Person si:type="pr:PhysicalPersonType">
-							 <pr:Identification>
-								<pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
-								<pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
-							 </pr:Identification>
-							 <pr:Name>
-								<pr:GivenName>Thomas</pr:GivenName>
-								<pr:FamilyName primary="undefined">Knall</pr:FamilyName>
-							 </pr:Name>
-							 <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
-						  </pr:Person>
-						</saml:SubjectConfirmationData>
-					 </saml:SubjectConfirmation>
-				  </saml:Subject>
-				  <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
-					 <saml:AttributeValue>
-						<ecdsa:ECDSAKeyValue>
-						  <ecdsa:DomainParameters>
-							 <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.1"/>
-						  </ecdsa:DomainParameters>
-						  <ecdsa:PublicKey>
-							 <ecdsa:X Value="2638720011055700682018137297354399374048880611104468142324" si:type="ecdsa:PrimeFieldElemType"/>
-							 <ecdsa:Y Value="2804889174475641803405778188053052844820705830770276369958" si:type="ecdsa:PrimeFieldElemType"/>
-						  </ecdsa:PublicKey>
-						</ecdsa:ECDSAKeyValue>
-					 </saml:AttributeValue>
-				  </saml:Attribute>
-				  <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
-					 <saml:AttributeValue>
-						<dsig:RSAKeyValue>
-						  <dsig:Modulus>sWOqPZzPTn9VvBR5LjuopIWYdh5aGzuX2vMjofhn8bStba1CDW1qkDdlYW4Rs/DfU/I1uqor4Lje
-/G3Yzh82yD0MHdzlW8MYUJ8RJe+czbjRUPaSbC/NRqhyF3eKnflxM++sJb2abrUH/9TV0q8P5QRS
-uZC/JpAEYpSazysPz/fv8AEnU8oxcTvCiax1jf2GZPmm3qFjPc4qDYNHqfnE8yWYt7kHeqPV/cRw
-x3aMGW8mRwQZb7VRFLW5g37nrt9N</dsig:Modulus>
-						  <dsig:Exponent>AQAB</dsig:Exponent>
-						</dsig:RSAKeyValue>
-					 </saml:AttributeValue>
-				  </saml:Attribute>
-				</saml:AttributeStatement>
-				<dsig:Signature>
-				  <dsig:SignedInfo>
-					 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
-					 <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
-					 <dsig:Reference URI="">
-						<dsig:Transforms>
-						  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
-							 <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
-						  </dsig:Transform>
-						  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-						</dsig:Transforms>
-						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-						<dsig:DigestValue>b3d/wcQb0Bl0/6GSPsrMxWpdRLA=</dsig:DigestValue>
-					 </dsig:Reference>
-					 <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
-						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-						<dsig:DigestValue>eet0q3Thmw6+cbO1fazbEg0556I=</dsig:DigestValue>
-					 </dsig:Reference>
-				  </dsig:SignedInfo>
-				  <dsig:SignatureValue>
-oy55Cq7IyYy7z/TO2a3+m7tjG/ztiKhxhGzVqEYIWIObEOs/GVJDCCI4oe/HS8Fhc4TaXDcZXk4y
-qBp4JJ288TeaNjPYkPzp38nWJ4xRatEyo7VaySXy+TqgwiBT5uhxrwkroCr4ZIWwOvt1uR5UBVAf
-qk1ii+LPW2WYE3bMpoHfrM9CdFSPzWTRl/0zsEURc64EBPyIdKz+c70DaexeX2E0JVelKcj+jDaJ
-mHsFhi/9QoscqPEVA87qv07yhyK5S41+f3HDvpuhYwvQDdOq50sclfsI+g9r473VxiRsOmJ9Ak4/
-k2KP0tgfAQ+h5hRGQUUo5LYPywjg7zPxe8SGGA==
-</dsig:SignatureValue>
-				  <dsig:KeyInfo>
-					 <dsig:X509Data>
-						<dsig:X509Certificate>
-MIIFZTCCBE2gAwIBAgIDAt4cMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29y
-cG9yYXRlLWxpZ2h0LTAzMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0
-LTAzMB4XDTA3MDExOTA5MDY0OFoXDTEyMDExOTA5MDY0OFowgZwxCzAJBgNVBAYT
-AkFUMRkwFwYDVQQKDBBCdW5kZXNrYW56bGVyYW10MR4wHAYDVQQLDBVEYXRlbnNj
-aHV0emtvbW1pc3Npb24xHTAbBgNVBAMMFERyLiBXYWx0cmF1dCBLb3RzY2h5MRUw
-EwYDVQQFEww3MDAyNDc0OTk4MDQxHDAaBgkqhkiG9w0BCQEWDWRza0Bkc2suZ3Yu
-YXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnQUhARo9o1FyCtTK
-d5VcXP2WvqSTIsiq19xtWcYF/4pMew/bHLD2DLeO9y5QFpfXJgmx2ySvj1dlzTXV
-ESzFAiF/uL1DbNjB3g00LV/AV4yRacCWEqGkSUN/RVUv9a+bFnK2vR4XZu8ORrcf
-9rpMg19JHZMWsJIT+BEBM4v0iPhboJ/lqoENZwHZW8W/3XAcOcNYfW95ZrsFH+M9
-6KEFlA9g4AP5CndSnozUeN5i1LJr0s3rz8U/c7O/KTkdTmnAeyLM01ST13jhGmjW
-R55wf1Hjt4PCxFf9zpF3FIHDJGyCImgR5ZZe9T6tAjo/ZKo16Huzq0Yy2OYtysDq
-WukzAgMBAAGjggGpMIIBpTATBgNVHSMEDDAKgAhBkWkcv63YmDBVBggrBgEFBQcB
-AQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuYS10cnVzdC5hdC9jZXJ0cy9h
-LXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAzLmNydDBYBgNVHSAEUTBPME0GByooABEB
-BwEwQjBABggrBgEFBQcCARY0aHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3Av
-YS1zaWduLWNvcnBvcmF0ZS1saWdodDCBngYDVR0fBIGWMIGTMIGQoIGNoIGKhoGH
-bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1hLXNpZ24tY29ycG9yYXRlLWxpZ2h0
-LTAzLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFz
-ZT9vYmplY3RjbGFzcz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MBEGA1UdDgQK
-BAhMCA6eGvS1ujAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIwADAOBgcqKAAKAQcB
-BAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEoIvqPLAg0n2wCS27zTL+hmLi7zSbes
-Od4e6pFT1l3cwGfdTkhiHVPnPRaDGLQkS384fAXBrOp6W13X9m2jD9csO6vZhd+T
-nERXN1AqayoaecXFyHPykVUTLhn6pMdiSE21mEozfGLUDGMz74lvphEKFAOOCgp1
-o5ZCR09RbGAEbQNNn+ucXJxIa3mYjr1h3AElVbXoeoz12qUpqsNm9znymSkcmcNo
-B5Pk6qXXx9UeC/Tj0aTglNkcMOSCFayldzOBaY6+qWKguPdzQUEryhGiNuARQpM5
-KMzvI0rmpc4Gau5HT9rQZHadr++VS8v1k6935uIyyZF9s+gdS5ywnSM=
-</dsig:X509Certificate>
-					 </dsig:X509Data>
-				  </dsig:KeyInfo>
-				  <dsig:Object>
-					 <dsig:Manifest Id="manifest">
-						<dsig:Reference URI="">
-						  <dsig:Transforms>
-							 <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
-								<dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
-							 </dsig:Transform>
-						  </dsig:Transforms>
-						  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-						  <dsig:DigestValue>JZGwiDzQAtJtnJMeeXyypTrDjwY=</dsig:DigestValue>
-						</dsig:Reference>
-					 </dsig:Manifest>
-				  </dsig:Object>
-				</dsig:Signature>
-			 </saml:Assertion>
-		  </saml:SubjectConfirmationData>
-		</saml:SubjectConfirmation>
-	 </saml:Subject>
-	 <saml:Attribute AttributeName="PersonData" AttributeNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#">
-		<saml:AttributeValue>
-		  <pr:Person si:type="pr:PhysicalPersonType" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
-			 <pr:Identification>
-				<pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
-				<pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
-			 </pr:Identification>
-			 <pr:Name>
-				<pr:GivenName>Thomas</pr:GivenName>
-				<pr:FamilyName primary="undefined">Knall</pr:FamilyName>
-			 </pr:Name>
-			 <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
-		  </pr:Person>
-		</saml:AttributeValue>
-	 </saml:Attribute>
-	 <saml:Attribute AttributeName="isQualifiedCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
-		<saml:AttributeValue>true</saml:AttributeValue>
-	 </saml:Attribute>
-	 <saml:Attribute AttributeName="bkuURL" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
-		<saml:AttributeValue>https://127.0.0.1:3496/https-security-layer-request</saml:AttributeValue>
-	 </saml:Attribute>
-	 <saml:Attribute AttributeName="SignerCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
-		<saml:AttributeValue>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJl
-bWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjAeFw0w
-NjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJBgNVBAYTAkFUMRUwEwYD
-VQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtuYWxsMQ8wDQYDVQQqDAZUaG9t
-YXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTELMAkGA1UEDAwCREkwSTATBgcqhkjO
-PQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp
-/NaiOuvrpv2RDVEKQm2tBiajggIPMIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAn
-BggrBgEFBQcBAwEB/wQYMBYwCAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUF
-BwEBBG8wbTBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRz
-L2Etc2lnbi1QcmVtaXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8v
-b2NzcC5hLXRydXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4Bggr
-BgEFBQcCARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVBy
-ZW1pdW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
-bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEtVHJ1
-c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xh
-c3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQISNyH29WUoCgw
-DgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUHCQExERgPMTk3ODA0
-MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAFkSCJE0YD4p
-4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ylYn8NQ4mMkD+yCDNtm8m8nr
-0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6uunLH0aFUpAhy+3mDdlH8uhhIQBH
-wCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkIegO8OHQDadhgJvW80qspiao2DTac6vVg
-x4tGvjpdmw1R2pXBYhHD5rkPHlkfGoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwn
-W9B8uPWSM5EYPoWJyBOWcKBLSSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA7
-2/uCFrBzyTk=</saml:AttributeValue>
-	 </saml:Attribute>
-	 <saml:Attribute AttributeName="Mandate" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
-		<saml:AttributeValue>
-		  <md:Mandate MandateID="https://egov.act.at/mandates/20080714174835/886164" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:md="http://reference.e-government.gv.at/namespace/mandates/20040701#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">
-			 <md:Annotation>Prokura - MeineTestFirma</md:Annotation>
-			 <md:StatusInformationService>http://localhost:58080/omsp/OMSPRequest</md:StatusInformationService>
-			 <md:Representative>
-				<pr:PhysicalPerson>
-				  <pr:Identification>
-					 <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
-					 <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
-				  </pr:Identification>
-				  <pr:Name>
-					 <pr:GivenName>Thomas</pr:GivenName>
-					 <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
-				  </pr:Name>
-				  <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
-				</pr:PhysicalPerson>
-			 </md:Representative>
-			 <md:Mandator>
-				<pr:CorporateBody>
-				  <pr:Identification>
-					 <pr:Value>123456i</pr:Value>
-					 <pr:Type>urn:publicid:gv.at:baseid+XFN</pr:Type>
-				  </pr:Identification>
-				  <pr:FullName>MeineTestFirma</pr:FullName>
-				</pr:CorporateBody>
-			 </md:Mandator>
-			 <md:Issued>
-				<md:Place>Wien</md:Place>
-				<md:Date>2008-07-14</md:Date>
-			 </md:Issued>
-			 <md:Properties>
-				<md:SubstitutionAllowed>false</md:SubstitutionAllowed>
-			 </md:Properties>
-			 <md:SimpleMandateContent>
-				<md:TextualDescription>Der/Die Bevollmächtigte wird zum Prokuristen/Prokuristin bestellt.</md:TextualDescription>
-			 </md:SimpleMandateContent>
-			 <dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-				<dsig:SignedInfo>
-				  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
-				  <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
-				  <dsig:Reference Id="reference-1-1" URI="">
-					 <dsig:Transforms>
-						<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
-						  <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::pr:Identification or ancestor-or-self::dsig:Signature)</dsig:XPath>
-						</dsig:Transform>
-						<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-						<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
-					 </dsig:Transforms>
-					 <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-					 <dsig:DigestValue>PRRF0sWBgoywztCKWEXafZfhpd0=</dsig:DigestValue>
-				  </dsig:Reference>
-				  <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#dsig-manifest-1-1">
-					 <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-					 <dsig:DigestValue>NorNorUqPFMA06JfxSJopOq7Qv0=</dsig:DigestValue>
-				  </dsig:Reference>
-				</dsig:SignedInfo>
-				<dsig:SignatureValue>IQMZFc57XZd9LjeiaZqSfzZtWuXhuikAqbKA7pWuDK02DLFSYZPXsGjcvnwNdVaP</dsig:SignatureValue>
-				<dsig:KeyInfo>
-				  <dsig:X509Data>
-					 <dsig:X509Certificate>MIICtjCCAm6gAwIBAgIBATAJBgcqhkjOPQQBMGoxCzAJBgNVBAYTAkFUMQ0wCwYD
-VQQHEwRXaWVuMRkwFwYDVQQJExBFc3NsaW5nZ2Fzc2UgNS85MQwwCgYDVQQKEwNB
-Q1QxIzAhBgNVBAMTGlZvbGxtYWNodGVuIFNpZ25hdHVyZGllbnN0MB4XDTA4MDcw
-ODE1MTk1MFoXDTEyMTIzMTIxNTk1OVowajELMAkGA1UEBhMCQVQxDTALBgNVBAcT
-BFdpZW4xGTAXBgNVBAkTEEVzc2xpbmdnYXNzZSA1LzkxDDAKBgNVBAoTA0FDVDEj
-MCEGA1UEAxMaVm9sbG1hY2h0ZW4gU2lnbmF0dXJkaWVuc3QwgfMwgbwGByqGSM49
-AgEwgbACAQEwJAYHKoZIzj0BAQIZAP////////////////////7//////////zA0
-BBj////////////////////+//////////wEGGQhBRnlnIDnD6fpq3IkMEn+uN7s
-wUa5sQQxBBiNqA6wMJD2fL8g60OhiAD0/wr9gv8QEgcZK5X/yNp4YxAR7WskzdVz
-+XehHnlIEQIZAP///////////////5ne+DYUa8mxtNIoMQIBAQMyAAS908G9FD5/
-LLYruwFbp9giXahdQ1FAqKwzohSn9pgsVTQBnvXxU8IWIzhPHs49DZCjazBpMAwG
-A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLOSgnkLSJ3l4Ah49rHX/FAV1wWcMBkGA1Ud
-IAQSMBAwDgYMKwYBBAGVEgECBAEBMB8GA1UdIwQYMBaAFLOSgnkLSJ3l4Ah49rHX
-/FAV1wWcMAkGByqGSM49BAEDNwAwNAIYTTppZzS6wqoLDFcf9frHzf1kMheY04dT
-Ahg4Nrb54vE3DTRf9sbO4xs4dTARHSt1ihA=</dsig:X509Certificate>
-				  </dsig:X509Data>
-				</dsig:KeyInfo>
-				<dsig:Object>
-				  <dsig:Manifest Id="dsig-manifest-1-1">
-					 <dsig:Reference Id="reference-1-2" URI="">
-						<dsig:Transforms>
-						  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
-							 <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::dsig:Signature)</dsig:XPath>
-						  </dsig:Transform>
-						  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-						  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
-						</dsig:Transforms>
-						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-						<dsig:DigestValue>oz6ThHPL3V7RNibfPrDSWVhUgi8=</dsig:DigestValue>
-					 </dsig:Reference>
-				  </dsig:Manifest>
-				</dsig:Object>
-			 </dsig:Signature>
-		  </md:Mandate>
-		</saml:AttributeValue>
-	 </saml:Attribute>
-  </saml:AttributeStatement>
-</saml:Assertion>
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java
new file mode 100644
index 000000000..54195ec91
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SelectBKUTask.java
@@ -0,0 +1,33 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating a bku selection.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ * 
+ * @author tknall
+ * 
+ */
+public class SelectBKUTask implements Task {
+
+	private Logger log = LoggerFactory.getLogger(getClass());
+
+	@Override
+	public void execute(ExecutionContext executionContext) {
+		log.debug("Providing BKU selection.");
+		executionContext.put("bkuURL", "https://127.0.0.1:3496/https-security-layer-request");
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java
new file mode 100644
index 000000000..8099c0f98
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignAuthBlockTask.java
@@ -0,0 +1,52 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.io.InputStream;
+import java.nio.charset.Charset;
+import java.util.Objects;
+
+import org.apache.commons.io.IOUtils;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the signature of an auth block.
+ * <p/>
+ * Asynchonous
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code bkuURL}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code SignedAuthBlock}</li>
+ * </ul>
+ * </p>
+ * 
+ * @author tknall
+ * 
+ */
+public class SignAuthBlockTask implements Task {
+
+	private Logger log = LoggerFactory.getLogger(getClass());
+
+	@Override
+	public void execute(ExecutionContext executionContext) throws Exception {
+		Objects.requireNonNull(executionContext.get("IdentityLink"));
+		assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+		Objects.requireNonNull(executionContext.get("bkuURL"));
+
+		log.debug("Using validated IdentityLink and bkuURL in order to sign auth block.");
+		try (InputStream in = getClass().getResourceAsStream("SignedAuthBlock.xml")) {
+			executionContext.put("SignedAuthBlock", IOUtils.toString(in, Charset.forName("UTF-8")));
+		}
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
deleted file mode 100644
index 450ba90f3..000000000
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
+++ /dev/null
@@ -1,179 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
-  <dsig:SignedInfo>
-	 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
-	 <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
-	 <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
-		<dsig:Transforms>
-		  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
-		  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
-			 <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
-				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
-				  <html xmlns="http://www.w3.org/1999/xhtml">
-					 <head>
-						<title>Signatur der Anmeldedaten</title>
-						<style media="screen" type="text/css">
-.boldstyle { font-weight: bold; }
-.italicstyle { font-style: italic; }
-.annotationstyle { font-size: small; }
-</style>
-					 </head>
-					 <body>
-						<h1>Signatur der Anmeldedaten</h1>
-						<p/>
-						<h4>Mit meiner elektronischen Signatur beantrage ich,
-<span class="boldstyle">
-							 <xsl:value-of select="//@Issuer"/>
-						  </span>, geboren am
-<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
-<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
-<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
-<xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
-in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
-(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
-</xsl:if>
-den Zugang zur gesicherten Anwendung.
-</h4>
-						<p/>
-						<h4>Datum und Uhrzeit:
-<xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
-<xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
-<xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
-<xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
-<xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
-<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
-						</h4>
-						<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
-						  <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
-						  </h4>
-						</xsl:if>
-						<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
-						  <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
-						  </h4>
-						</xsl:if>
-						<xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
-						  <hr/>
-						  <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
-von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
-							 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
-  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
-  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
-  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
-							 </xsl:if>
-							 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
-  <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
-							 </xsl:if>, in deren Auftrag zu handeln.
-</h4>
-						  <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
-							 <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
-							 </h4>
-						  </xsl:if>
-						  <p/>
-						</xsl:if>
-						<xsl:choose>
-						  <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
-							 <p/>
-							 <hr/>
-						  </xsl:when>
-						  <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
-							 <p/>
-							 <hr/>
-						  </xsl:when>
-						  <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
-							 <p/>
-							 <hr/>
-						  </xsl:when>
-						</xsl:choose>
-						<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
-						  <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
-jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
-Wirtschaftsunternehmen.</div>
-						</xsl:if>
-						<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
-						  <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
-Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
-Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
-						</xsl:if>
-						<xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
-						  <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
-beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
-						</xsl:if>
-					 </body>
-				  </html>
-				</xsl:template>
-			 </xsl:stylesheet>
-		  </dsig:Transform>
-		  <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
-		</dsig:Transforms>
-		<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-		<dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
-	 </dsig:Reference>
-	 <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
-		<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-		<dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
-	 </dsig:Reference>
-  </dsig:SignedInfo>
-  <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
-+lyI</dsig:SignatureValue>
-  <dsig:KeyInfo>
-	 <dsig:X509Data>
-		<dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
-EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
-dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
-LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
-LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
-BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
-YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
-MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
-6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
-MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
-CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
-BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
-aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
-dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
-ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
-dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
-bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
-VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
-ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
-SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
-CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
-BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
-ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
-uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
-egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
-GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
-SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
-</dsig:X509Certificate>
-	 </dsig:X509Data>
-  </dsig:KeyInfo>
-  <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
-	 <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
-		<etsi:SignedProperties>
-		  <etsi:SignedSignatureProperties>
-			 <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
-			 <etsi:SigningCertificate>
-				<etsi:Cert>
-				  <etsi:CertDigest>
-					 <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
-					 <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
-				  </etsi:CertDigest>
-				  <etsi:IssuerSerial>
-					 <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
-					 <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
-				  </etsi:IssuerSerial>
-				</etsi:Cert>
-			 </etsi:SigningCertificate>
-			 <etsi:SignaturePolicyIdentifier>
-				<etsi:SignaturePolicyImplied/>
-			 </etsi:SignaturePolicyIdentifier>
-		  </etsi:SignedSignatureProperties>
-		  <etsi:SignedDataObjectProperties>
-			 <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
-				<etsi:MimeType>application/xhtml+xml</etsi:MimeType>
-			 </etsi:DataObjectFormat>
-		  </etsi:SignedDataObjectProperties>
-		</etsi:SignedProperties>
-	 </etsi:QualifyingProperties>
-  </dsig:Object>
-</dsig:Signature>
\ No newline at end of file
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java
new file mode 100644
index 000000000..a8e7df3d7
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateIdentityLinkTask.java
@@ -0,0 +1,42 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.util.Objects;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * Dummy task simulating the validation of an IdentityLink.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * </ul>
+ * </p>
+ * 
+ * @author tknall
+ * 
+ */
+public class ValidateIdentityLinkTask implements Task {
+
+	private Logger log = LoggerFactory.getLogger(getClass());
+
+	@Override
+	public void execute(ExecutionContext executionContext) {
+		Objects.requireNonNull(executionContext.get("IdentityLink"));
+
+		log.debug("Validating IdentityLink.");
+
+		executionContext.put("isIdentityLinkValidated", true);
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java
new file mode 100644
index 000000000..07b2ea69c
--- /dev/null
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/process/spring/test/task/ValidateSignedAuthBlockTask.java
@@ -0,0 +1,46 @@
+package at.gv.egovernment.moa.id.process.spring.test.task;
+
+import java.util.Objects;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egovernment.moa.id.process.api.ExecutionContext;
+import at.gv.egovernment.moa.id.process.api.Task;
+
+/**
+ * A dummy task simulating the validation of an auth block.
+ * <p>
+ * Requires context data:
+ * <ul>
+ * <li>{@code IdentityLink}</li>
+ * <li>{@code isIdentityLinkValidated}</li>
+ * <li>{@code SignedAuthBlock}</li>
+ * </ul>
+ * </p>
+ * <p>
+ * Enriches context data with:
+ * <ul>
+ * <li>{@code isSignedAuthBlockValidated}</li>
+ * </ul>
+ * </p>
+ * 
+ * @author tknall
+ * 
+ */
+public class ValidateSignedAuthBlockTask implements Task {
+
+	private Logger log = LoggerFactory.getLogger(getClass());
+
+	@Override
+	public void execute(ExecutionContext executionContext) throws Exception {
+		Objects.requireNonNull(executionContext.get("IdentityLink"));
+		assert (Boolean.TRUE.equals(Objects.requireNonNull(executionContext.get("isIdentityLinkValidated"))));
+		Objects.requireNonNull(executionContext.get("SignedAuthBlock"));
+
+		log.debug("Using validated IdentityLink and signed auth block in order to validate signed auth block.");
+
+		executionContext.put("isSignedAuthBlockValidated", true);
+	}
+
+}
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_MultipleStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_MultipleStartEvents.xml
new file mode 100644
index 000000000..8a32ca46d
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_MultipleStartEvents.xml
@@ -0,0 +1,22 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+	id="SampleProcess2"
+	xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd ">
+
+	<tns:StartEvent id="start1" />
+
+	<tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" />
+	<tns:Task id="task2" async="true" class="com.datentechnik.process_engine.test.HalloWeltTask" />
+	<tns:Task id="task3" />
+
+	<tns:StartEvent id="start2" />
+	<tns:EndEvent id="end" />
+
+	<tns:Transition id="fromStart" from="start1" to="task1" conditionExpression="true" />
+	<tns:Transition from="task1" to="task2" />
+	<tns:Transition from="task2" to="task3" />
+	<tns:Transition from="task3" to="end" />
+	
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_NoStartEvents.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_NoStartEvents.xml
new file mode 100644
index 000000000..754b7a34d
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_NoStartEvents.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+	id="SampleProcess1"
+	xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd ">
+
+	<tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" />
+	<tns:Task id="task2" async="true" />
+
+	<tns:EndEvent id="end" />
+
+	<tns:Transition from="task1" to="task2" />
+	<tns:Transition from="task2" to="end" />
+	
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionLoop.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionLoop.xml
new file mode 100644
index 000000000..e698f8019
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionLoop.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+	id="SampleProcess1"
+	xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd ">
+
+	<tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" />
+	<tns:Task id="task2" async="true" />
+
+	<tns:StartEvent id="start" />
+	<tns:EndEvent id="end" />
+
+	<tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+	<tns:Transition from="task1" to="task2" />
+	<tns:Transition from="task2" to="end" />
+
+	<!-- Must be loop since we have no conditionExpression set. -->
+	<tns:Transition id="loop" from="task1" to="task1" />
+	
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionRefsTransition.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionRefsTransition.xml
new file mode 100644
index 000000000..564bf9040
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionRefsTransition.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+	id="SampleProcess1"
+	xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd ">
+
+	<tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" />
+	<tns:Task id="task2" async="true" />
+
+	<tns:StartEvent id="start" />
+	<tns:EndEvent id="end" />
+
+	<tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+	<tns:Transition from="task1" to="task2" />
+	<tns:Transition id="invalidTransition" from="task1" to="fromStart" />
+	<tns:Transition from="task2" to="end" />
+	
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml
new file mode 100644
index 000000000..b3d2d2ebc
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/InvalidProcessDefinition_TransitionStartsFromEndEvent.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+	id="SampleProcess1"
+	xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd ">
+
+	<tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" />
+	<tns:Task id="task2" async="true" />
+
+	<tns:StartEvent id="start" />
+	<tns:EndEvent id="end" />
+
+	<tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+	<tns:Transition from="task1" to="task2" />
+	<tns:Transition from="task2" to="end" />
+	<tns:Transition from="end" to="task1" />
+	
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition1.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition1.xml
new file mode 100644
index 000000000..ab033fb8f
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition1.xml
@@ -0,0 +1,18 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+	id="SampleProcess1"
+	xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd ">
+
+	<tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" />
+	<tns:Task id="task2" async="true" />
+
+	<tns:StartEvent id="start" />
+	<tns:EndEvent id="end" />
+
+	<tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+	<tns:Transition from="task1" to="task2" />
+	<tns:Transition from="task2" to="end" />
+	
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition2.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition2.xml
new file mode 100644
index 000000000..ca2617ce8
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/process_engine/test/SampleProcessDefinition2.xml
@@ -0,0 +1,21 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<tns:ProcessDefinition
+	id="SampleProcess2"
+	xmlns:tns="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.datentechnik.com/process-engine/processdefinition/v1 ../../main/resources/com/datentechnik_innovation/process_engine/ProcessDefinition.xsd ">
+
+	<tns:StartEvent id="start" />
+
+	<tns:Task id="task1" class="com.datentechnik.process_engine.test.HelloWorldTask" />
+	<tns:Task id="task2" async="true" class="com.datentechnik.process_engine.test.HalloWeltTask" />
+	<tns:Task id="task3" />
+
+	<tns:EndEvent id="end" />
+
+	<tns:Transition id="fromStart" from="start" to="task1" conditionExpression="true" />
+	<tns:Transition from="task1" to="task2" />
+	<tns:Transition from="task2" to="task3" />
+	<tns:Transition from="task3" to="end" />
+	
+</tns:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
new file mode 100644
index 000000000..6525fb0cd
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionForSAML1Authentication.xml
@@ -0,0 +1,54 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	id="SampleProcessDefinitionForSAML1Authentication">
+
+	<!--
+		returns String 'bkuURL'
+	-->
+	<pd:Task id="bkuSelectionTask" class="com.datentechnik.process_engine.spring.test.task.SelectBKUTask" />
+
+	<!--
+		requires 'bkuURL'
+		returns String 'IdentityLink'
+	-->
+	<pd:Task id="getIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.GetIdentityLinkTask" />
+
+	<!--
+		requires 'IdentityLink'
+		returns Boolean 'isIdentityLinkValidated'
+	-->
+	<pd:Task id="validateIdentityLinkTask" class="com.datentechnik.process_engine.spring.test.task.ValidateIdentityLinkTask" />
+
+	<!--
+		requires 'IdentityLink', 'isIdentityLinkValidated', 'bkuURL'
+		returns String 'SignedAuthBlock'
+	-->
+	<pd:Task id="signAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.SignAuthBlockTask" />
+
+	<!--
+		requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock'
+		returns Boolean 'isSignedAuthBlockValidated'
+	-->
+	<pd:Task id="validateSignedAuthBlockTask" class="com.datentechnik.process_engine.spring.test.task.ValidateSignedAuthBlockTask" />
+	
+	<!--
+		requires 'IdentityLink', 'isIdentityLinkValidated', 'SignedAuthBlock', 'isSignedAuthBlockValidated';
+		returns 'SAML1Assertion'
+	-->
+	<pd:Task id="createAssertionTask" class="com.datentechnik.process_engine.spring.test.task.CreateSAML1AssertionTask" />
+
+	<pd:StartEvent id="start" />
+	<pd:EndEvent id="end" />
+
+	<pd:Transition from="start" to="bkuSelectionTask"    conditionExpression="ctx['bkuURL'] == null" />
+	<pd:Transition from="start" to="getIdentityLinkTask"  />
+	
+	<pd:Transition from="bkuSelectionTask"            to="getIdentityLinkTask" />
+	<pd:Transition from="getIdentityLinkTask"         to="validateIdentityLinkTask" />
+	<pd:Transition from="validateIdentityLinkTask"    to="signAuthBlockTask"            conditionExpression="ctx['isIdentityLinkValidated']" />
+	<pd:Transition from="signAuthBlockTask"           to="validateSignedAuthBlockTask" />
+	<pd:Transition from="validateSignedAuthBlockTask" to="createAssertionTask"          conditionExpression="ctx['isSignedAuthBlockValidated']" />
+	
+	<pd:Transition from="createAssertionTask" to="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
new file mode 100644
index 000000000..ef71026ec
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SampleProcessDefinitionWithExpression1.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition xmlns:pd="http://www.datentechnik.com/process-engine/processdefinition/v1"
+	id="SampleProcessWithExpression1">
+
+	<pd:Task id="task1" />
+	<pd:Task id="task2" />
+	<pd:Task id="task3" />
+	<pd:Task id="task4" />
+
+	<pd:StartEvent id="start" />
+	<pd:EndEvent id="end" />
+
+	<pd:Transition from="start" to="task1" conditionExpression="'true'" />
+	<pd:Transition from="task1" to="task2" conditionExpression="'true'" />
+	<pd:Transition from="task2" to="task3" conditionExpression="'true'" />
+	<pd:Transition from="task3" to="task4" conditionExpression="'true'" />
+	<pd:Transition from="task4" to="end"   conditionExpression="'true'" />
+	
+</pd:ProcessDefinition>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
new file mode 100644
index 000000000..eb62d1ae2
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionAwareProcessEngineTest-context.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:task="http://www.springframework.org/schema/task"
+	xsi:schemaLocation="http://www.springframework.org/schema/task http://www.springframework.org/schema/task/spring-task.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+	<bean id="springElAwareExpressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" />
+	
+	<bean id="processEngine" class="com.datentechnik.process_engine.ProcessEngineImpl">
+		<property name="transitionConditionExpressionEvaluator" ref="springElAwareExpressionEvaluator" />
+		<property name="processInstanceMaxIdleTimeSeconds" value="600" />
+		<property name="processDefinitions">
+			<list>
+				<bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean">
+					<property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionWithExpression1.xml" />
+				</bean>
+				<bean class="com.datentechnik.process_engine.spring.ProcessDefinitionFactoryBean">
+					<property name="resource" value="classpath:com/datentechnik/process_engine/spring/test/SampleProcessDefinitionForSAML1Authentication.xml" />
+				</bean>
+			</list>
+		</property>
+	</bean>
+	
+	<task:scheduler id="taskScheduler" pool-size="1" />
+	<task:scheduled-tasks scheduler="taskScheduler">
+		<task:scheduled ref="processEngine" method="cleanup" fixed-delay="60000" />
+	</task:scheduled-tasks>
+
+</beans>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
new file mode 100644
index 000000000..dadc6bf81
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/SpringExpressionEvaluatorTest-context.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd">
+
+	<bean id="simplePojo" class="com.datentechnik.process_engine.spring.test.SimplePojo">
+		<property name="booleanValue" value="true" />
+		<property name="integerValue" value="42" />
+		<property name="stringValue" value="HelloWorld" />
+	</bean>
+	
+	<bean id="expressionEvaluator" class="com.datentechnik.process_engine.spring.SpringExpressionEvaluator" />
+
+</beans>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
new file mode 100644
index 000000000..c68972f13
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/IdentityLink_Max_Mustermann.xml
@@ -0,0 +1,52 @@
+<?xml version="1.0" encoding="UTF-8"?><saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" AssertionID="szr.bmi.gv.at-AssertionID132860852347311974" IssueInstant="2012-02-07T10:55:23+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0">
+	<saml:AttributeStatement>
+		<saml:Subject>
+			<saml:SubjectConfirmation>
+				<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+				<saml:SubjectConfirmationData>
+					<pr:Person si:type="pr:PhysicalPersonType"><pr:Identification><pr:Value>tqCQEC7+AqGEeeL390V5Jg==</pr:Value><pr:Type>urn:publicid:gv.at:baseid</pr:Type></pr:Identification><pr:Name><pr:GivenName>Max</pr:GivenName><pr:FamilyName primary="undefined">Mustermann</pr:FamilyName></pr:Name><pr:DateOfBirth>1940-01-01</pr:DateOfBirth></pr:Person>
+				</saml:SubjectConfirmationData>
+			</saml:SubjectConfirmation>
+		</saml:Subject>
+	<saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2"><saml:AttributeValue><ecdsa:ECDSAKeyValue><ecdsa:DomainParameters><ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.7"/></ecdsa:DomainParameters><ecdsa:PublicKey><ecdsa:X Value="111409151487007036894649069746411000129419717653159596280366627647453458115517" si:type="ecdsa:PrimeFieldElemType"/><ecdsa:Y Value="94725036374184689337892465478597728884477416796494369571140658859618867645034" si:type="ecdsa:PrimeFieldElemType"/></ecdsa:PublicKey></ecdsa:ECDSAKeyValue></saml:AttributeValue></saml:Attribute></saml:AttributeStatement>
+	<dsig:Signature>
+		<dsig:SignedInfo>
+			<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+			<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+			<dsig:Reference URI="">
+				<dsig:Transforms>
+					<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+						<dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
+					</dsig:Transform>
+					<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+				</dsig:Transforms>
+				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+				<dsig:DigestValue>Rmr5vkWXL/PvpoXnbK632QmzYms=</dsig:DigestValue>
+			</dsig:Reference>
+			<dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
+				<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+				<dsig:DigestValue>HoPZWYll8aMFpKOlRSwckt5iCQk=</dsig:DigestValue>
+			</dsig:Reference>
+		</dsig:SignedInfo>
+		<dsig:SignatureValue>
+    NPpRwVo5/5kf5iHUyaEc7d7So3W4oPgOCYNgnKpgdZfttFkFFN+9oG60w7YvKEYSeTPhP3zp7eaH
+ZFapj+naD+wd0y5ELWep9Y+s+qP7fNLrFECHQxQasLWtR4akxlWDpYQ0bvOuepK2ip1EQ6pRlccA
+wJ1l4iOWFhfdA9YAg5QLkBqWSwgrNUswhLnDBM+Ot6Gj5g2rpYY7aoAOXvTR8B5Dkg94ASb4u0wv
+VPV8+4mjOfP+l6QWLqywzcq3qj/qFZkbujjZbV/fNPDnDD1ff/M6ZfCGO8xzlYfjfEA7cmHuiJf2
+/ey/3nT7vI5XbpBPWChT5Sl4DQysxlfE6e4MZw==
+  </dsig:SignatureValue><dsig:KeyInfo><dsig:X509Data><dsig:X509Certificate>MIIF3TCCBMWgAwIBAgIDByniMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAyMB4XDTEwMDcyODExMzY0M1oXDTE1MDcyODExMzY0M1owgbYxCzAJBgNVBAYTAkFUMR4wHAYDVQQKDBVEYXRlbnNjaHV0emtvbW1pc3Npb24xIjAgBgNVBAsMGVN0YW1temFobHJlZ2lzdGVyYmVob2VyZGUxLjAsBgNVBAMMJVNpZ25hdHVyc2VydmljZSBEYXRlbnNjaHV0emtvbW1pc3Npb24xFTATBgNVBAUTDDMyNTkyODMyMzk5ODEcMBoGCSqGSIb3DQEJARYNZHNrQGRzay5ndi5hdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAN+dBSEBGj2jUXIK1Mp3lVxc/Za+pJMiyKrX3G1ZxgX/ikx7D9scsPYMt473LlAWl9cmCbHbJK+PV2XNNdURLMUCIX+4vUNs2MHeDTQtX8BXjJFpwJYSoaRJQ39FVS/1r5sWcra9Hhdm7w5Gtx/2ukyDX0kdkxawkhP4EQEzi/SI+Fugn+WqgQ1nAdlbxb/dcBw5w1h9b3lmuwUf4z3ooQWUD2DgA/kKd1KejNR43mLUsmvSzevPxT9zs78pOR1OacB7IszTVJPXeOEaaNZHnnB/UeO3g8LEV/3OkXcUgcMkbIIiaBHlll71Pq0COj9kqjXoe7OrRjLY5i3KwOpa6TMCAwEAAaOCAgcwggIDMBMGA1UdIwQMMAqACEkcWDpP6A0DMH8GCCsGAQUFBwEBBHMwcTAnBggrBgEFBQcwAYYbaHR0cDovL29jc3AuYS10cnVzdC5hdC9vY3NwMEYGCCsGAQUFBzAChjpodHRwOi8vd3d3LmEtdHJ1c3QuYXQvY2VydHMvYS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMmEuY3J0MFQGA1UdIARNMEswSQYGKigAEQESMD8wPQYIKwYBBQUHAgEWMWh0dHA6Ly93d3cuYS10cnVzdC5hdC9kb2NzL2NwL2Etc2lnbi1BbXRzc2lnbmF0dXIwgZ4GA1UdHwSBljCBkzCBkKCBjaCBioaBh2xkYXA6Ly9sZGFwLmEtdHJ1c3QuYXQvb3U9YS1zaWduLWNvcnBvcmF0ZS1saWdodC0wMixvPUEtVHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQITAgOnhr0tbowDgYDVR0PAQH/BAQDAgSwMCAGA1UdEQQZMBeBFW1hcmN1cy5oaWxkQGRzay5ndi5hdDAJBgNVHRMEAjAAMA4GByooAAoBBwEEAwEB/zAUBgcqKAAKAQEBBAkMB0JTQi1EU0swDQYJKoZIhvcNAQEFBQADggEBAHTklnvPCH/bJSOlIPbLUEkSGuFHsektSZ8Vr22x/Yv7EzsxoQrJIiz2mQ2gQqFuExdWYxvsowjiSbiis9iUf1c0zscvDS3mIZxGs4M89XHsjHnIyb+Fuwnamw65QrFvM1tNB1ZMjxJ3x+YmHLHdtT3BEBcr3/NCRHd2S0HoBspNz9HVgJaZY1llR7poKBvnAc4g1i+QTvyVb00PtKxR9Lw/9ABInX/1pzpxqrPy7Ib2OP8z6dd3WHmIsCiSHUaj0Dxwwln6fYJjhxZ141SnbovlCLYtrsZLXoi9ljIqX4xO0PwMI2RfNc9cXxTRrRS6rEOvX7PpvgXiDXhp592Yyp4=</dsig:X509Certificate></dsig:X509Data></dsig:KeyInfo>
+		<dsig:Object>
+			<dsig:Manifest Id="manifest">
+				<dsig:Reference URI="">
+					<dsig:Transforms>
+						<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+							<dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+						</dsig:Transform>
+					</dsig:Transforms>
+					<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+					<dsig:DigestValue>7IkIdYti2dh3VZQ4Fp+9lPT67cM=</dsig:DigestValue>
+				</dsig:Reference>
+			</dsig:Manifest>
+		</dsig:Object>
+	</dsig:Signature>
+</saml:Assertion>
\ No newline at end of file
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
new file mode 100644
index 000000000..3aeedd590
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SAML1Assertion.xml
@@ -0,0 +1,487 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<saml:Assertion AssertionID="6025428631468682100" IssueInstant="2008-07-14T17:51:38+02:00" Issuer="https://localhost:18443/moa-id-auth/" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
+  <saml:AttributeStatement>
+	 <saml:Subject>
+		<saml:NameIdentifier NameQualifier="urn:publicid:gv.at:wbpk+FN+www.act.at">K2YMyx3/5kIpNJR+SAD/rbRYH+c=</saml:NameIdentifier>
+		<saml:SubjectConfirmation>
+		  <saml:ConfirmationMethod>http://reference.e-government.gv.at/namespace/moa/20020822#cm</saml:ConfirmationMethod>
+		  <saml:SubjectConfirmationData>
+			 <saml:Assertion AssertionID="any" IssueInstant="2008-07-14T17:51:26+02:00" Issuer="Thomas Knall" MajorVersion="1" MinorVersion="0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
+				<saml:AttributeStatement>
+				  <saml:Subject>
+					 <saml:NameIdentifier>https://localhost:18443/moa-id-auth/</saml:NameIdentifier>
+				  </saml:Subject>
+				  <saml:Attribute AttributeName="wbPK" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+					 <saml:AttributeValue>
+						<pr:Identification>
+						  <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+						  <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+						</pr:Identification>
+					 </saml:AttributeValue>
+				  </saml:Attribute>
+				  <saml:Attribute AttributeName="OA" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+					 <saml:AttributeValue>https://localhost:48443/mandates/</saml:AttributeValue>
+				  </saml:Attribute>
+				  <saml:Attribute AttributeName="Geburtsdatum" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+					 <saml:AttributeValue>1978-04-29</saml:AttributeValue>
+				  </saml:Attribute>
+				  <saml:Attribute AttributeName="RepresentationType" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+					 <saml:AttributeValue>Vollmachtsvertreter</saml:AttributeValue>
+				  </saml:Attribute>
+				  <saml:Attribute AttributeName="MandatorName" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+					 <saml:AttributeValue>MeineTestFirma</saml:AttributeValue>
+				  </saml:Attribute>
+				  <saml:Attribute AttributeName="MandatorWbpk" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+					 <saml:AttributeValue>123456i</saml:AttributeValue>
+				  </saml:Attribute>
+				</saml:AttributeStatement>
+				<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+				  <dsig:SignedInfo>
+					 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+					 <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+					 <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
+						<dsig:Transforms>
+						  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+							 <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+								<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+								  <html xmlns="http://www.w3.org/1999/xhtml">
+									 <head>
+										<title>Signatur der Anmeldedaten</title>
+										<style media="screen" type="text/css">
+		  .boldstyle { font-weight: bold; }
+		  .italicstyle { font-style: italic; }
+		  .annotationstyle { font-size: small; }
+		  </style>
+									 </head>
+									 <body>
+										<h1>Signatur der Anmeldedaten</h1>
+										<p/>
+										<h4>Mit meiner elektronischen Signatur beantrage ich,
+			 <span class="boldstyle">
+											 <xsl:value-of select="//@Issuer"/>
+										  </span>, geboren am
+			 <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
+			 <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
+			 <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
+			 <xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
+				in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
+				(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
+			 </xsl:if>
+			 den Zugang zur gesicherten Anwendung.
+		  </h4>
+										<p/>
+										<h4>Datum und Uhrzeit:
+			 <xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
+			 <xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
+			 <xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
+			 <xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
+			 <xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
+			 <xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+										</h4>
+										<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+										  <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
+										  </h4>
+										</xsl:if>
+										<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+										  <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
+										  </h4>
+										</xsl:if>
+										<xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
+										  <hr/>
+										  <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
+				von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
+											 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
+				  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
+				  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
+				  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
+											 </xsl:if>
+											 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
+				  <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
+											 </xsl:if>, in deren Auftrag zu handeln.
+			 </h4>
+										  <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
+											 <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
+											 </h4>
+										  </xsl:if>
+										  <p/>
+										</xsl:if>
+										<xsl:choose>
+										  <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+											 <p/>
+											 <hr/>
+										  </xsl:when>
+										  <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+											 <p/>
+											 <hr/>
+										  </xsl:when>
+										  <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+											 <p/>
+											 <hr/>
+										  </xsl:when>
+										</xsl:choose>
+										<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+										  <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
+			 jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
+			 Wirtschaftsunternehmen.</div>
+										</xsl:if>
+										<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+										  <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
+			 Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
+			 Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
+										</xsl:if>
+										<xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+										  <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
+			 beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
+										</xsl:if>
+									 </body>
+								  </html>
+								</xsl:template>
+							 </xsl:stylesheet>
+						  </dsig:Transform>
+						  <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+						</dsig:Transforms>
+						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+						<dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
+					 </dsig:Reference>
+					 <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
+						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+						<dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
+					 </dsig:Reference>
+				  </dsig:SignedInfo>
+				  <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
++lyI</dsig:SignatureValue>
+				  <dsig:KeyInfo>
+					 <dsig:X509Data>
+						<dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
+EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
+dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
+LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
+LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
+BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
+YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
+MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
+6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
+MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
+CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
+BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
+aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
+dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
+ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
+dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
+bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
+VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
+ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
+SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
+CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
+BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
+ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
+uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
+egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
+GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
+SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
+</dsig:X509Certificate>
+					 </dsig:X509Data>
+				  </dsig:KeyInfo>
+				  <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
+					 <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
+						<etsi:SignedProperties>
+						  <etsi:SignedSignatureProperties>
+							 <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
+							 <etsi:SigningCertificate>
+								<etsi:Cert>
+								  <etsi:CertDigest>
+									 <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+									 <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
+								  </etsi:CertDigest>
+								  <etsi:IssuerSerial>
+									 <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
+									 <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
+								  </etsi:IssuerSerial>
+								</etsi:Cert>
+							 </etsi:SigningCertificate>
+							 <etsi:SignaturePolicyIdentifier>
+								<etsi:SignaturePolicyImplied/>
+							 </etsi:SignaturePolicyIdentifier>
+						  </etsi:SignedSignatureProperties>
+						  <etsi:SignedDataObjectProperties>
+							 <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
+								<etsi:MimeType>application/xhtml+xml</etsi:MimeType>
+							 </etsi:DataObjectFormat>
+						  </etsi:SignedDataObjectProperties>
+						</etsi:SignedProperties>
+					 </etsi:QualifyingProperties>
+				  </dsig:Object>
+				</dsig:Signature>
+			 </saml:Assertion>
+			 <saml:Assertion AssertionID="szr.bmi.gv.at-AssertionID11936526102761952" IssueInstant="2007-10-29T10:10:10+01:00" Issuer="http://portal.bmi.gv.at/ref/szr/issuer" MajorVersion="1" MinorVersion="0" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:ecdsa="http://www.w3.org/2001/04/xmldsig-more#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
+				<saml:AttributeStatement>
+				  <saml:Subject>
+					 <saml:SubjectConfirmation>
+						<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
+						<saml:SubjectConfirmationData>
+						  <pr:Person si:type="pr:PhysicalPersonType">
+							 <pr:Identification>
+								<pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+								<pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+							 </pr:Identification>
+							 <pr:Name>
+								<pr:GivenName>Thomas</pr:GivenName>
+								<pr:FamilyName primary="undefined">Knall</pr:FamilyName>
+							 </pr:Name>
+							 <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
+						  </pr:Person>
+						</saml:SubjectConfirmationData>
+					 </saml:SubjectConfirmation>
+				  </saml:Subject>
+				  <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+					 <saml:AttributeValue>
+						<ecdsa:ECDSAKeyValue>
+						  <ecdsa:DomainParameters>
+							 <ecdsa:NamedCurve URN="urn:oid:1.2.840.10045.3.1.1"/>
+						  </ecdsa:DomainParameters>
+						  <ecdsa:PublicKey>
+							 <ecdsa:X Value="2638720011055700682018137297354399374048880611104468142324" si:type="ecdsa:PrimeFieldElemType"/>
+							 <ecdsa:Y Value="2804889174475641803405778188053052844820705830770276369958" si:type="ecdsa:PrimeFieldElemType"/>
+						  </ecdsa:PublicKey>
+						</ecdsa:ECDSAKeyValue>
+					 </saml:AttributeValue>
+				  </saml:Attribute>
+				  <saml:Attribute AttributeName="CitizenPublicKey" AttributeNamespace="urn:publicid:gv.at:namespaces:identitylink:1.2">
+					 <saml:AttributeValue>
+						<dsig:RSAKeyValue>
+						  <dsig:Modulus>sWOqPZzPTn9VvBR5LjuopIWYdh5aGzuX2vMjofhn8bStba1CDW1qkDdlYW4Rs/DfU/I1uqor4Lje
+/G3Yzh82yD0MHdzlW8MYUJ8RJe+czbjRUPaSbC/NRqhyF3eKnflxM++sJb2abrUH/9TV0q8P5QRS
+uZC/JpAEYpSazysPz/fv8AEnU8oxcTvCiax1jf2GZPmm3qFjPc4qDYNHqfnE8yWYt7kHeqPV/cRw
+x3aMGW8mRwQZb7VRFLW5g37nrt9N</dsig:Modulus>
+						  <dsig:Exponent>AQAB</dsig:Exponent>
+						</dsig:RSAKeyValue>
+					 </saml:AttributeValue>
+				  </saml:Attribute>
+				</saml:AttributeStatement>
+				<dsig:Signature>
+				  <dsig:SignedInfo>
+					 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					 <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
+					 <dsig:Reference URI="">
+						<dsig:Transforms>
+						  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+							 <dsig:XPath>not(ancestor-or-self::pr:Identification)</dsig:XPath>
+						  </dsig:Transform>
+						  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						</dsig:Transforms>
+						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+						<dsig:DigestValue>b3d/wcQb0Bl0/6GSPsrMxWpdRLA=</dsig:DigestValue>
+					 </dsig:Reference>
+					 <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#manifest">
+						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+						<dsig:DigestValue>eet0q3Thmw6+cbO1fazbEg0556I=</dsig:DigestValue>
+					 </dsig:Reference>
+				  </dsig:SignedInfo>
+				  <dsig:SignatureValue>
+oy55Cq7IyYy7z/TO2a3+m7tjG/ztiKhxhGzVqEYIWIObEOs/GVJDCCI4oe/HS8Fhc4TaXDcZXk4y
+qBp4JJ288TeaNjPYkPzp38nWJ4xRatEyo7VaySXy+TqgwiBT5uhxrwkroCr4ZIWwOvt1uR5UBVAf
+qk1ii+LPW2WYE3bMpoHfrM9CdFSPzWTRl/0zsEURc64EBPyIdKz+c70DaexeX2E0JVelKcj+jDaJ
+mHsFhi/9QoscqPEVA87qv07yhyK5S41+f3HDvpuhYwvQDdOq50sclfsI+g9r473VxiRsOmJ9Ak4/
+k2KP0tgfAQ+h5hRGQUUo5LYPywjg7zPxe8SGGA==
+</dsig:SignatureValue>
+				  <dsig:KeyInfo>
+					 <dsig:X509Data>
+						<dsig:X509Certificate>
+MIIFZTCCBE2gAwIBAgIDAt4cMA0GCSqGSIb3DQEBBQUAMIGfMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMSIwIAYDVQQLDBlhLXNpZ24tY29y
+cG9yYXRlLWxpZ2h0LTAzMSIwIAYDVQQDDBlhLXNpZ24tY29ycG9yYXRlLWxpZ2h0
+LTAzMB4XDTA3MDExOTA5MDY0OFoXDTEyMDExOTA5MDY0OFowgZwxCzAJBgNVBAYT
+AkFUMRkwFwYDVQQKDBBCdW5kZXNrYW56bGVyYW10MR4wHAYDVQQLDBVEYXRlbnNj
+aHV0emtvbW1pc3Npb24xHTAbBgNVBAMMFERyLiBXYWx0cmF1dCBLb3RzY2h5MRUw
+EwYDVQQFEww3MDAyNDc0OTk4MDQxHDAaBgkqhkiG9w0BCQEWDWRza0Bkc2suZ3Yu
+YXQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDfnQUhARo9o1FyCtTK
+d5VcXP2WvqSTIsiq19xtWcYF/4pMew/bHLD2DLeO9y5QFpfXJgmx2ySvj1dlzTXV
+ESzFAiF/uL1DbNjB3g00LV/AV4yRacCWEqGkSUN/RVUv9a+bFnK2vR4XZu8ORrcf
+9rpMg19JHZMWsJIT+BEBM4v0iPhboJ/lqoENZwHZW8W/3XAcOcNYfW95ZrsFH+M9
+6KEFlA9g4AP5CndSnozUeN5i1LJr0s3rz8U/c7O/KTkdTmnAeyLM01ST13jhGmjW
+R55wf1Hjt4PCxFf9zpF3FIHDJGyCImgR5ZZe9T6tAjo/ZKo16Huzq0Yy2OYtysDq
+WukzAgMBAAGjggGpMIIBpTATBgNVHSMEDDAKgAhBkWkcv63YmDBVBggrBgEFBQcB
+AQRJMEcwRQYIKwYBBQUHMAKGOWh0dHA6Ly93d3cuYS10cnVzdC5hdC9jZXJ0cy9h
+LXNpZ24tY29ycG9yYXRlLWxpZ2h0LTAzLmNydDBYBgNVHSAEUTBPME0GByooABEB
+BwEwQjBABggrBgEFBQcCARY0aHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3Av
+YS1zaWduLWNvcnBvcmF0ZS1saWdodDCBngYDVR0fBIGWMIGTMIGQoIGNoIGKhoGH
+bGRhcDovL2xkYXAuYS10cnVzdC5hdC9vdT1hLXNpZ24tY29ycG9yYXRlLWxpZ2h0
+LTAzLG89QS1UcnVzdCxjPUFUP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q/YmFz
+ZT9vYmplY3RjbGFzcz1laWRDZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MBEGA1UdDgQK
+BAhMCA6eGvS1ujAOBgNVHQ8BAf8EBAMCBLAwCQYDVR0TBAIwADAOBgcqKAAKAQcB
+BAMBAf8wDQYJKoZIhvcNAQEFBQADggEBAEoIvqPLAg0n2wCS27zTL+hmLi7zSbes
+Od4e6pFT1l3cwGfdTkhiHVPnPRaDGLQkS384fAXBrOp6W13X9m2jD9csO6vZhd+T
+nERXN1AqayoaecXFyHPykVUTLhn6pMdiSE21mEozfGLUDGMz74lvphEKFAOOCgp1
+o5ZCR09RbGAEbQNNn+ucXJxIa3mYjr1h3AElVbXoeoz12qUpqsNm9znymSkcmcNo
+B5Pk6qXXx9UeC/Tj0aTglNkcMOSCFayldzOBaY6+qWKguPdzQUEryhGiNuARQpM5
+KMzvI0rmpc4Gau5HT9rQZHadr++VS8v1k6935uIyyZF9s+gdS5ywnSM=
+</dsig:X509Certificate>
+					 </dsig:X509Data>
+				  </dsig:KeyInfo>
+				  <dsig:Object>
+					 <dsig:Manifest Id="manifest">
+						<dsig:Reference URI="">
+						  <dsig:Transforms>
+							 <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+								<dsig:XPath>not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+							 </dsig:Transform>
+						  </dsig:Transforms>
+						  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+						  <dsig:DigestValue>JZGwiDzQAtJtnJMeeXyypTrDjwY=</dsig:DigestValue>
+						</dsig:Reference>
+					 </dsig:Manifest>
+				  </dsig:Object>
+				</dsig:Signature>
+			 </saml:Assertion>
+		  </saml:SubjectConfirmationData>
+		</saml:SubjectConfirmation>
+	 </saml:Subject>
+	 <saml:Attribute AttributeName="PersonData" AttributeNamespace="http://reference.e-government.gv.at/namespace/persondata/20020228#">
+		<saml:AttributeValue>
+		  <pr:Person si:type="pr:PhysicalPersonType" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:si="http://www.w3.org/2001/XMLSchema-instance">
+			 <pr:Identification>
+				<pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+				<pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+			 </pr:Identification>
+			 <pr:Name>
+				<pr:GivenName>Thomas</pr:GivenName>
+				<pr:FamilyName primary="undefined">Knall</pr:FamilyName>
+			 </pr:Name>
+			 <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
+		  </pr:Person>
+		</saml:AttributeValue>
+	 </saml:Attribute>
+	 <saml:Attribute AttributeName="isQualifiedCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+		<saml:AttributeValue>true</saml:AttributeValue>
+	 </saml:Attribute>
+	 <saml:Attribute AttributeName="bkuURL" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+		<saml:AttributeValue>https://127.0.0.1:3496/https-security-layer-request</saml:AttributeValue>
+	 </saml:Attribute>
+	 <saml:Attribute AttributeName="SignerCertificate" AttributeNamespace="http://reference.e-government.gv.at/namespace/moa/20020822#">
+		<saml:AttributeValue>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVhLXNpZ24tUHJl
+bWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVtLVNpZy0wMjAeFw0w
+NjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJBgNVBAYTAkFUMRUwEwYD
+VQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtuYWxsMQ8wDQYDVQQqDAZUaG9t
+YXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTELMAkGA1UEDAwCREkwSTATBgcqhkjO
+PQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp
+/NaiOuvrpv2RDVEKQm2tBiajggIPMIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAn
+BggrBgEFBQcBAwEB/wQYMBYwCAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUF
+BwEBBG8wbTBCBggrBgEFBQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRz
+L2Etc2lnbi1QcmVtaXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8v
+b2NzcC5hLXRydXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4Bggr
+BgEFBQcCARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVBy
+ZW1pdW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
+bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEtVHJ1
+c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2JqZWN0Y2xh
+c3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQISNyH29WUoCgw
+DgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUHCQExERgPMTk3ODA0
+MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEFBQADggEBAFkSCJE0YD4p
+4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/ylYn8NQ4mMkD+yCDNtm8m8nr
+0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6uunLH0aFUpAhy+3mDdlH8uhhIQBH
+wCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkIegO8OHQDadhgJvW80qspiao2DTac6vVg
+x4tGvjpdmw1R2pXBYhHD5rkPHlkfGoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwn
+W9B8uPWSM5EYPoWJyBOWcKBLSSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA7
+2/uCFrBzyTk=</saml:AttributeValue>
+	 </saml:Attribute>
+	 <saml:Attribute AttributeName="Mandate" AttributeNamespace="http://reference.e-government.gv.at/namespace/mandates/20040701#">
+		<saml:AttributeValue>
+		  <md:Mandate MandateID="https://egov.act.at/mandates/20080714174835/886164" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:md="http://reference.e-government.gv.at/namespace/mandates/20040701#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">
+			 <md:Annotation>Prokura - MeineTestFirma</md:Annotation>
+			 <md:StatusInformationService>http://localhost:58080/omsp/OMSPRequest</md:StatusInformationService>
+			 <md:Representative>
+				<pr:PhysicalPerson>
+				  <pr:Identification>
+					 <pr:Value>K2YMyx3/5kIpNJR+SAD/rbRYH+c=</pr:Value>
+					 <pr:Type>urn:publicid:gv.at:wbpk+FN+www.act.at</pr:Type>
+				  </pr:Identification>
+				  <pr:Name>
+					 <pr:GivenName>Thomas</pr:GivenName>
+					 <pr:FamilyName primary="undefined">Knall</pr:FamilyName>
+				  </pr:Name>
+				  <pr:DateOfBirth>1978-04-29</pr:DateOfBirth>
+				</pr:PhysicalPerson>
+			 </md:Representative>
+			 <md:Mandator>
+				<pr:CorporateBody>
+				  <pr:Identification>
+					 <pr:Value>123456i</pr:Value>
+					 <pr:Type>urn:publicid:gv.at:baseid+XFN</pr:Type>
+				  </pr:Identification>
+				  <pr:FullName>MeineTestFirma</pr:FullName>
+				</pr:CorporateBody>
+			 </md:Mandator>
+			 <md:Issued>
+				<md:Place>Wien</md:Place>
+				<md:Date>2008-07-14</md:Date>
+			 </md:Issued>
+			 <md:Properties>
+				<md:SubstitutionAllowed>false</md:SubstitutionAllowed>
+			 </md:Properties>
+			 <md:SimpleMandateContent>
+				<md:TextualDescription>Der/Die Bevollmächtigte wird zum Prokuristen/Prokuristin bestellt.</md:TextualDescription>
+			 </md:SimpleMandateContent>
+			 <dsig:Signature Id="signature-1-1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+				<dsig:SignedInfo>
+				  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+				  <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+				  <dsig:Reference Id="reference-1-1" URI="">
+					 <dsig:Transforms>
+						<dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+						  <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::pr:Identification or ancestor-or-self::dsig:Signature)</dsig:XPath>
+						</dsig:Transform>
+						<dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+					 </dsig:Transforms>
+					 <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+					 <dsig:DigestValue>PRRF0sWBgoywztCKWEXafZfhpd0=</dsig:DigestValue>
+				  </dsig:Reference>
+				  <dsig:Reference Type="http://www.w3.org/2000/09/xmldsig#Manifest" URI="#dsig-manifest-1-1">
+					 <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+					 <dsig:DigestValue>NorNorUqPFMA06JfxSJopOq7Qv0=</dsig:DigestValue>
+				  </dsig:Reference>
+				</dsig:SignedInfo>
+				<dsig:SignatureValue>IQMZFc57XZd9LjeiaZqSfzZtWuXhuikAqbKA7pWuDK02DLFSYZPXsGjcvnwNdVaP</dsig:SignatureValue>
+				<dsig:KeyInfo>
+				  <dsig:X509Data>
+					 <dsig:X509Certificate>MIICtjCCAm6gAwIBAgIBATAJBgcqhkjOPQQBMGoxCzAJBgNVBAYTAkFUMQ0wCwYD
+VQQHEwRXaWVuMRkwFwYDVQQJExBFc3NsaW5nZ2Fzc2UgNS85MQwwCgYDVQQKEwNB
+Q1QxIzAhBgNVBAMTGlZvbGxtYWNodGVuIFNpZ25hdHVyZGllbnN0MB4XDTA4MDcw
+ODE1MTk1MFoXDTEyMTIzMTIxNTk1OVowajELMAkGA1UEBhMCQVQxDTALBgNVBAcT
+BFdpZW4xGTAXBgNVBAkTEEVzc2xpbmdnYXNzZSA1LzkxDDAKBgNVBAoTA0FDVDEj
+MCEGA1UEAxMaVm9sbG1hY2h0ZW4gU2lnbmF0dXJkaWVuc3QwgfMwgbwGByqGSM49
+AgEwgbACAQEwJAYHKoZIzj0BAQIZAP////////////////////7//////////zA0
+BBj////////////////////+//////////wEGGQhBRnlnIDnD6fpq3IkMEn+uN7s
+wUa5sQQxBBiNqA6wMJD2fL8g60OhiAD0/wr9gv8QEgcZK5X/yNp4YxAR7WskzdVz
++XehHnlIEQIZAP///////////////5ne+DYUa8mxtNIoMQIBAQMyAAS908G9FD5/
+LLYruwFbp9giXahdQ1FAqKwzohSn9pgsVTQBnvXxU8IWIzhPHs49DZCjazBpMAwG
+A1UdEwEB/wQCMAAwHQYDVR0OBBYEFLOSgnkLSJ3l4Ah49rHX/FAV1wWcMBkGA1Ud
+IAQSMBAwDgYMKwYBBAGVEgECBAEBMB8GA1UdIwQYMBaAFLOSgnkLSJ3l4Ah49rHX
+/FAV1wWcMAkGByqGSM49BAEDNwAwNAIYTTppZzS6wqoLDFcf9frHzf1kMheY04dT
+Ahg4Nrb54vE3DTRf9sbO4xs4dTARHSt1ihA=</dsig:X509Certificate>
+				  </dsig:X509Data>
+				</dsig:KeyInfo>
+				<dsig:Object>
+				  <dsig:Manifest Id="dsig-manifest-1-1">
+					 <dsig:Reference Id="reference-1-2" URI="">
+						<dsig:Transforms>
+						  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116">
+							 <dsig:XPath xmlns:dsig="http://www.w3.org/2000/09/xmldsig#" xmlns:moa="http://reference.e-government.gv.at/namespace/moa/20020822#" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#">not(ancestor-or-self::dsig:Signature)</dsig:XPath>
+						  </dsig:Transform>
+						  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+						  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
+						</dsig:Transforms>
+						<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+						<dsig:DigestValue>oz6ThHPL3V7RNibfPrDSWVhUgi8=</dsig:DigestValue>
+					 </dsig:Reference>
+				  </dsig:Manifest>
+				</dsig:Object>
+			 </dsig:Signature>
+		  </md:Mandate>
+		</saml:AttributeValue>
+	 </saml:Attribute>
+  </saml:AttributeStatement>
+</saml:Assertion>
diff --git a/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
new file mode 100644
index 000000000..450ba90f3
--- /dev/null
+++ b/id/server/idserverlib/src/test/resources/at/gv/egovernment/moa/id/process/spring/test/task/SignedAuthBlock.xml
@@ -0,0 +1,179 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<dsig:Signature Id="signature-1216050695-35956125-21395" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
+  <dsig:SignedInfo>
+	 <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
+	 <dsig:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1"/>
+	 <dsig:Reference Id="signed-data-reference-0-1216050695-35956125-19584" URI="">
+		<dsig:Transforms>
+		  <dsig:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
+		  <dsig:Transform Algorithm="http://www.w3.org/TR/1999/REC-xslt-19991116">
+			 <xsl:stylesheet version="1.0" xmlns:pr="http://reference.e-government.gv.at/namespace/persondata/20020228#" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">
+				<xsl:template match="/" xmlns="http://www.w3.org/1999/xhtml">
+				  <html xmlns="http://www.w3.org/1999/xhtml">
+					 <head>
+						<title>Signatur der Anmeldedaten</title>
+						<style media="screen" type="text/css">
+.boldstyle { font-weight: bold; }
+.italicstyle { font-style: italic; }
+.annotationstyle { font-size: small; }
+</style>
+					 </head>
+					 <body>
+						<h1>Signatur der Anmeldedaten</h1>
+						<p/>
+						<h4>Mit meiner elektronischen Signatur beantrage ich,
+<span class="boldstyle">
+							 <xsl:value-of select="//@Issuer"/>
+						  </span>, geboren am
+<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,9,2)"/>.
+<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,6,2)"/>.
+<xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;Geburtsdatum&apos;]/saml:AttributeValue,1,4)"/>,
+<xsl:if test="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]">
+in der Rolle als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OIDTextualDescription&apos;]/saml:AttributeValue"/>
+(OID***= <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;OID&apos;]/saml:AttributeValue"/>),
+</xsl:if>
+den Zugang zur gesicherten Anwendung.
+</h4>
+						<p/>
+						<h4>Datum und Uhrzeit:
+<xsl:value-of select="substring(//@IssueInstant,9,2)"/>.
+<xsl:value-of select="substring(//@IssueInstant,6,2)"/>.
+<xsl:value-of select="substring(//@IssueInstant,1,4)"/>,
+<xsl:value-of select="substring(//@IssueInstant,12,2)"/>:
+<xsl:value-of select="substring(//@IssueInstant,15,2)"/>:
+<xsl:value-of select="substring(//@IssueInstant,18,2)"/>
+						</h4>
+						<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+						  <h4>HPI(**): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;HPI&apos;]/saml:AttributeValue"/>
+						  </h4>
+						</xsl:if>
+						<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+						  <h4>wbPK(*): <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]/saml:AttributeValue/pr:Identification/pr:Value"/>
+						  </h4>
+						</xsl:if>
+						<xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]">
+						  <hr/>
+						  <h4>Ich bin weiters ermächtigt als <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;RepresentationType&apos;]/saml:AttributeValue/text()"/>
+von <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorName&apos;]/saml:AttributeValue/text()"/>
+							 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]">, geboren am
+  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,9,2)"/>.
+  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,6,2)"/>.
+  <xsl:value-of select="substring(//saml:Attribute[@AttributeName=&apos;MandatorDateOfBirth&apos;]/saml:AttributeValue,1,4)"/>
+							 </xsl:if>
+							 <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]">,
+  <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorDomainIdentifier&apos;]/saml:AttributeValue/text()"/>
+							 </xsl:if>, in deren Auftrag zu handeln.
+</h4>
+						  <xsl:if test="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]">
+							 <h4>wbPK(*) des Vollmachtgebers: <xsl:value-of select="//saml:Attribute[@AttributeName=&apos;MandatorWbpk&apos;]/saml:AttributeValue/text()"/>
+							 </h4>
+						  </xsl:if>
+						  <p/>
+						</xsl:if>
+						<xsl:choose>
+						  <xsl:when test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+							 <p/>
+							 <hr/>
+						  </xsl:when>
+						  <xsl:when test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+							 <p/>
+							 <hr/>
+						  </xsl:when>
+						  <xsl:when test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+							 <p/>
+							 <hr/>
+						  </xsl:when>
+						</xsl:choose>
+						<xsl:if test="//saml:Attribute[@AttributeName=&apos;wbPK&apos;]">
+						  <div class="annotationstyle">(*) wbPK: Das <span class="italicstyle">wirtschaftsbereichsspezifische Personenkennzeichen</span> wird aus den
+jeweiligen Stammzahlen des Bürgers und des Wirtschaftsunternehmens berechnet und ermöglicht eine eindeutige Zuordnung des Bürgers zum
+Wirtschaftsunternehmen.</div>
+						</xsl:if>
+						<xsl:if test="//saml:Attribute[@AttributeName=&apos;HPI&apos;]">
+						  <div class="annotationstyle">(**) HPI: Der <span class="italicstyle">eHealth Professional Identifier</span> wird aus den jeweiligen
+Stammzahlen der Gesundheitsdiensteanbieterinnen / Gesundheitsdiensteanbieter berechnet und ermöglicht eine eindeutige Zuordnung der
+Gesundheitsdiensteanbieterin / des Gesundheitsdiensteanbieters im Gesundheitsbereich.</div>
+						</xsl:if>
+						<xsl:if test="//saml:Attribute[@AttributeName=&apos;OID&apos;]">
+						  <div class="annotationstyle">(***) OID: <span class="italicstyle">Object Identifier</span> sind standardisierte Objekt-Bezeichner und
+beschreiben eindeutig die Rollen des GDA-Token Inhabers.</div>
+						</xsl:if>
+					 </body>
+				  </html>
+				</xsl:template>
+			 </xsl:stylesheet>
+		  </dsig:Transform>
+		  <dsig:Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
+		</dsig:Transforms>
+		<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+		<dsig:DigestValue>0q9QWyqAyyiVNNLu1rIcU+nKsEE=</dsig:DigestValue>
+	 </dsig:Reference>
+	 <dsig:Reference Id="etsi-data-reference-0-1216050695-35956125-7815" Type="http://uri.etsi.org/01903/v1.1.1#SignedProperties" URI="#xmlns(etsi=http://uri.etsi.org/01903/v1.1.1%23)%20xpointer(id(&apos;etsi-data-object-0-1216050695-35956125-20638&apos;)/child::etsi:QualifyingProperties/child::etsi:SignedProperties)">
+		<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+		<dsig:DigestValue>WtB0/ptvoB/r/7+fauSUIBULymg=</dsig:DigestValue>
+	 </dsig:Reference>
+  </dsig:SignedInfo>
+  <dsig:SignatureValue>mZt9DuZiDqG81scsf30qjSDdy6vKC2/n034ZZwMUAvfWOXy3+Ubsk5X5CHhz
++lyI</dsig:SignatureValue>
+  <dsig:KeyInfo>
+	 <dsig:X509Data>
+		<dsig:X509Certificate>MIIEtDCCA5ygAwIBAgIDAgTEMA0GCSqGSIb3DQEBBQUAMIGXMQswCQYDVQQG
+EwJBVDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lz
+dGVtZSBpbSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR4wHAYDVQQLDBVh
+LXNpZ24tUHJlbWl1bS1TaWctMDIxHjAcBgNVBAMMFWEtc2lnbi1QcmVtaXVt
+LVNpZy0wMjAeFw0wNjA0MDQwOTUyMjhaFw0xMTA0MDQwOTUyMjhaMGkxCzAJ
+BgNVBAYTAkFUMRUwEwYDVQQDDAxUaG9tYXMgS25hbGwxDjAMBgNVBAQMBUtu
+YWxsMQ8wDQYDVQQqDAZUaG9tYXMxFTATBgNVBAUTDDUzNTE5ODkyMzM0OTEL
+MAkGA1UEDAwCREkwSTATBgcqhkjOPQIBBggqhkjOPQMBAQMyAARrnYW5sXCQ
+6M3irWaanDPi/ROXueKWiPRyZGjNH0Cp/NaiOuvrpv2RDVEKQm2tBiajggIP
+MIICCzATBgNVHSMEDDAKgAhN3+H/S9nJ3zAnBggrBgEFBQcBAwEB/wQYMBYw
+CAYGBACORgEBMAoGCCsGAQUFBwsBMHsGCCsGAQUFBwEBBG8wbTBCBggrBgEF
+BQcwAoY2aHR0cDovL3d3dy5hLXRydXN0LmF0L2NlcnRzL2Etc2lnbi1QcmVt
+aXVtLVNpZy0wMmEuY3J0MCcGCCsGAQUFBzABhhtodHRwOi8vb2NzcC5hLXRy
+dXN0LmF0L29jc3AwWQYDVR0gBFIwUDBEBgYqKAARAQswOjA4BggrBgEFBQcC
+ARYsaHR0cDovL3d3dy5hLXRydXN0LmF0L2RvY3MvY3AvYS1zaWduLVByZW1p
+dW0wCAYGBACLMAEBMIGaBgNVHR8EgZIwgY8wgYyggYmggYaGgYNsZGFwOi8v
+bGRhcC5hLXRydXN0LmF0L291PWEtc2lnbi1QcmVtaXVtLVNpZy0wMixvPUEt
+VHJ1c3QsYz1BVD9jZXJ0aWZpY2F0ZXJldm9jYXRpb25saXN0P2Jhc2U/b2Jq
+ZWN0Y2xhc3M9ZWlkQ2VydGlmaWNhdGlvbkF1dGhvcml0eTARBgNVHQ4ECgQI
+SNyH29WUoCgwDgYDVR0PAQH/BAQDAgbAMCgGA1UdCQQhMB8wHQYIKwYBBQUH
+CQExERgPMTk3ODA0MjkwMDAwMDBaMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEF
+BQADggEBAFkSCJE0YD4p4izU3ekQYPv4Z7gm/VFlpma5hXNvwkajVjHlAqo/
+ylYn8NQ4mMkD+yCDNtm8m8nr0K/yICb8Gnkbv59i6nh2AbzYBBb49VnYYGL6
+uunLH0aFUpAhy+3mDdlH8uhhIQBHwCfgwG1qa5zXY7bz4Vzkac/h6T+JVFkI
+egO8OHQDadhgJvW80qspiao2DTac6vVgx4tGvjpdmw1R2pXBYhHD5rkPHlkf
+GoeL3ak6hq4ea94Oy5VfNTIJv5MA0J2G1mwnW9B8uPWSM5EYPoWJyBOWcKBL
+SSUqOt9D/9215ZGfbchkdRZjx0dTAD3FIhgG8nA72/uCFrBzyTk=
+</dsig:X509Certificate>
+	 </dsig:X509Data>
+  </dsig:KeyInfo>
+  <dsig:Object Id="etsi-data-object-0-1216050695-35956125-20638">
+	 <etsi:QualifyingProperties Target="#signature-1216050695-35956125-21395" xmlns:etsi="http://uri.etsi.org/01903/v1.1.1#">
+		<etsi:SignedProperties>
+		  <etsi:SignedSignatureProperties>
+			 <etsi:SigningTime>2008-07-14T15:51:35Z</etsi:SigningTime>
+			 <etsi:SigningCertificate>
+				<etsi:Cert>
+				  <etsi:CertDigest>
+					 <etsi:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
+					 <etsi:DigestValue>inMYWBmAxMHP7mDENjLFaEtv0Zk=</etsi:DigestValue>
+				  </etsi:CertDigest>
+				  <etsi:IssuerSerial>
+					 <dsig:X509IssuerName>CN=a-sign-Premium-Sig-02,OU=a-sign-Premium-Sig-02,O=A-Trust Ges. f. Sicherheitssysteme im elektr. Datenverkehr GmbH,C=AT</dsig:X509IssuerName>
+					 <dsig:X509SerialNumber>132292</dsig:X509SerialNumber>
+				  </etsi:IssuerSerial>
+				</etsi:Cert>
+			 </etsi:SigningCertificate>
+			 <etsi:SignaturePolicyIdentifier>
+				<etsi:SignaturePolicyImplied/>
+			 </etsi:SignaturePolicyIdentifier>
+		  </etsi:SignedSignatureProperties>
+		  <etsi:SignedDataObjectProperties>
+			 <etsi:DataObjectFormat ObjectReference="#signed-data-reference-0-1216050695-35956125-19584">
+				<etsi:MimeType>application/xhtml+xml</etsi:MimeType>
+			 </etsi:DataObjectFormat>
+		  </etsi:SignedDataObjectProperties>
+		</etsi:SignedProperties>
+	 </etsi:QualifyingProperties>
+  </dsig:Object>
+</dsig:Signature>
\ No newline at end of file
-- 
cgit v1.2.3