From 2c82d41a98e2617088cdcf3db72b40d9747ae292 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 26 Sep 2013 08:05:52 +0200
Subject: Features: -- Add additional parameters to customize BKUSelectionForm
 and SendAssertionForm -- change Target configuration -- insert some logging

Bugfixes:
-- Nullpointerexceptions in combination of an old userdatabase entry and a actual configuration tool version
---
 .../moa/id/auth/AuthenticationServer.java          | 93 +++++++---------------
 .../auth/builder/GetIdentityLinkFormBuilder.java   | 17 +++-
 .../moa/id/auth/builder/LoginFormBuilder.java      | 36 ++++++++-
 .../moa/id/auth/builder/SelectBKUFormBuilder.java  | 87 --------------------
 .../id/auth/builder/SendAssertionFormBuilder.java  | 17 +++-
 .../moa/id/auth/data/AuthenticationSession.java    |  2 -
 .../servlet/GenerateIFrameTemplateServlet.java     |  6 ++
 .../id/config/auth/AuthConfigurationProvider.java  | 10 ---
 .../moa/id/config/auth/OAAuthParameter.java        | 39 +++++++++
 .../id/config/legacy/BuildFromLegacyConfig.java    | 39 ++-------
 .../moa/id/moduls/AuthenticationManager.java       |  4 +-
 .../gv/egovernment/moa/id/moduls/SSOManager.java   |  4 +-
 .../moa/id/monitoring/DatabaseTestModule.java      | 54 +++++++++----
 .../moa/id/protocols/pvp2x/PVP2XProtocol.java      |  8 +-
 .../protocols/pvp2x/binding/ArtifactBinding.java   |  7 +-
 .../pvp2x/requestHandler/AuthnRequestHandler.java  |  4 +
 .../moa/id/protocols/saml1/SAML1Protocol.java      | 27 +------
 .../resources/templates/loginFormFull.html         | 35 +++-----
 .../resources/templates/sendAssertionFormFull.html |  6 +-
 .../builder/GetIdentityLinkFormBuilderTest.java    |  4 +-
 20 files changed, 218 insertions(+), 281 deletions(-)
 delete mode 100644 id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java

(limited to 'id/server/idserverlib')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
index dec5b81cf..bda1e3bfc 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/AuthenticationServer.java
@@ -25,7 +25,6 @@ package at.gv.egovernment.moa.id.auth;
 
 import iaik.asn1.ObjectID;
 import iaik.pki.PKIException;
-import iaik.x509.CertificateFactory;
 import iaik.x509.X509Certificate;
 import iaik.x509.X509ExtensionInitException;
 
@@ -39,12 +38,9 @@ import java.security.cert.CertificateException;
 import java.util.ArrayList;
 import java.util.Calendar;
 import java.util.Date;
-import java.util.HashMap;
-import java.util.HashSet;
 import java.util.Iterator;
 import java.util.List;
 import java.util.Map;
-import java.util.Set;
 import java.util.Vector;
 
 import javax.servlet.http.HttpServletRequest;
@@ -75,9 +71,6 @@ import at.gv.egovernment.moa.id.auth.builder.CreateXMLSignatureRequestBuilder;
 import at.gv.egovernment.moa.id.auth.builder.DataURLBuilder;
 import at.gv.egovernment.moa.id.auth.builder.GetIdentityLinkFormBuilder;
 import at.gv.egovernment.moa.id.auth.builder.InfoboxReadRequestBuilder;
-import at.gv.egovernment.moa.id.auth.builder.InfoboxValidatorParamsBuilder;
-import at.gv.egovernment.moa.id.auth.builder.PersonDataBuilder;
-import at.gv.egovernment.moa.id.auth.builder.SelectBKUFormBuilder;
 import at.gv.egovernment.moa.id.auth.builder.VerifyXMLSignatureRequestBuilder;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSession;
 import at.gv.egovernment.moa.id.auth.data.CreateXMLSignatureResponse;
@@ -85,16 +78,12 @@ import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttribute;
 import at.gv.egovernment.moa.id.auth.data.ExtendedSAMLAttributeImpl;
 import at.gv.egovernment.moa.id.auth.data.IdentityLink;
 import at.gv.egovernment.moa.id.auth.data.InfoboxValidationResult;
-import at.gv.egovernment.moa.id.auth.data.InfoboxValidatorParams;
 import at.gv.egovernment.moa.id.auth.data.VerifyXMLSignatureResponse;
 import at.gv.egovernment.moa.id.auth.invoke.SignatureVerificationInvoker;
 import at.gv.egovernment.moa.id.auth.parser.CreateXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.ExtendedInfoboxReadResponseParser;
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.auth.parser.InfoboxReadResponseParser;
-import at.gv.egovernment.moa.id.auth.parser.SAMLArtifactParser;
 import at.gv.egovernment.moa.id.auth.parser.VerifyXMLSignatureResponseParser;
-import at.gv.egovernment.moa.id.auth.servlet.AuthServlet;
 import at.gv.egovernment.moa.id.auth.servlet.PEPSConnectorServlet;
 import at.gv.egovernment.moa.id.auth.stork.STORKAuthnRequestProcessor;
 import at.gv.egovernment.moa.id.auth.validator.CreateXMLSignatureResponseValidator;
@@ -111,16 +100,12 @@ import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWConstants
 import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.config.ConfigurationException;
-import at.gv.egovernment.moa.id.config.ConfigurationProvider;
 import at.gv.egovernment.moa.id.config.ConnectionParameter;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
-import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameter;
-import at.gv.egovernment.moa.id.config.auth.VerifyInfoboxParameters;
 import at.gv.egovernment.moa.id.config.stork.CPEPS;
 import at.gv.egovernment.moa.id.config.stork.STORKConfig;
 import at.gv.egovernment.moa.id.data.AuthenticationData;
-import at.gv.egovernment.moa.id.moduls.IRequest;
 import at.gv.egovernment.moa.id.storage.AssertionStorage;
 import at.gv.egovernment.moa.id.storage.AuthenticationSessionStoreage;
 import at.gv.egovernment.moa.id.util.HTTPUtils;
@@ -130,8 +115,6 @@ import at.gv.egovernment.moa.id.util.SSLUtils;
 import at.gv.egovernment.moa.id.util.client.mis.simple.MISMandate;
 import at.gv.egovernment.moa.logging.LogMsg;
 import at.gv.egovernment.moa.logging.Logger;
-import at.gv.egovernment.moa.util.Base64Utils;
-import at.gv.egovernment.moa.util.BoolUtils;
 import at.gv.egovernment.moa.util.Constants;
 import at.gv.egovernment.moa.util.DOMUtils;
 import at.gv.egovernment.moa.util.DateTimeUtils;
@@ -332,32 +315,32 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 //		}
 //	}
 
-	/**
-	 * Method readBKUSelectTag.
-	 * 
-	 * @param conf
-	 *            the ConfigurationProvider
-	 * @param connParam
-	 *            the ConnectionParameter for that connection
-	 * @return String
-	 * @throws ConfigurationException
-	 *             on config-errors
-	 * @throws PKIException
-	 *             on PKI errors
-	 * @throws IOException
-	 *             on any data error
-	 * @throws GeneralSecurityException
-	 *             on security errors
-	 */
-	private String readBKUSelectTag(ConfigurationProvider conf,
-			ConnectionParameter connParam) throws ConfigurationException,
-			PKIException, IOException, GeneralSecurityException {
-
-		if (connParam.isHTTPSURL())
-			return SSLUtils.readHttpsURL(conf, connParam);
-		else
-			return HTTPUtils.readHttpURL(connParam.getUrl());
-	}
+//	/**
+//	 * Method readBKUSelectTag.
+//	 * 
+//	 * @param conf
+//	 *            the ConfigurationProvider
+//	 * @param connParam
+//	 *            the ConnectionParameter for that connection
+//	 * @return String
+//	 * @throws ConfigurationException
+//	 *             on config-errors
+//	 * @throws PKIException
+//	 *             on PKI errors
+//	 * @throws IOException
+//	 *             on any data error
+//	 * @throws GeneralSecurityException
+//	 *             on security errors
+//	 */
+//	private String readBKUSelectTag(ConfigurationProvider conf,
+//			ConnectionParameter connParam) throws ConfigurationException,
+//			PKIException, IOException, GeneralSecurityException {
+//
+//		if (connParam.isHTTPSURL())
+//			return SSLUtils.readHttpsURL(conf, connParam);
+//		else
+//			return HTTPUtils.readHttpURL(connParam.getUrl());
+//	}
 
 	/**
 	 * Processes the beginning of an authentication session.
@@ -472,7 +455,7 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		
 		String htmlForm = new GetIdentityLinkFormBuilder().build(template,
 				session.getBkuURL(), infoboxReadRequest, dataURL, certInfoRequest,
-				certInfoDataURL, pushInfobox);
+				certInfoDataURL, pushInfobox, oaParam);
 		
 		return htmlForm;
 	}
@@ -608,13 +591,8 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 		session.setIdentityLink(identityLink);
 		// now validate the extended infoboxes
 		
-		//TODO: check correctness
-//		verifyInfoboxes(session, infoboxReadResponseParameters, !oaParam
-//				.getProvideStammzahl());
 		verifyInfoboxes(session, infoboxReadResponseParameters, false);
 
-
-		//TODO: make it better!!
 		return "found!";
 	}
 
@@ -760,22 +738,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 					.getOnlineApplicationParameter(
 							session.getPublicOAURLPrefix());
 
-		//TODO: CHECK!! is moved to buildAuthenticationBlock to hold the baseID in identitylink 		
-		// if (!fromMandate) {
-		// BZ.., calculate bPK for signing to be already present in AuthBlock
-//		IdentityLink identityLink = session.getIdentityLink();
-//		if (identityLink.getIdentificationType().equals(
-//				Constants.URN_PREFIX_BASEID)) {
-//			// only compute bPK if online application is a public service and we
-//			// have the Stammzahl
-//			String bpkBase64 = new BPKBuilder().buildBPK(identityLink
-//					.getIdentificationValue(), session.getTarget());
-//			identityLink.setIdentificationValue(bpkBase64);
-//			identityLink.setIdentificationType(Constants.URN_PREFIX_CDID + "+" + session.getTarget());
-//		}
-		// ..BZ
-		// }
-
 		// builds the AUTH-block
 		String authBlock = buildAuthenticationBlock(session, oaParam);
 
@@ -1924,7 +1886,6 @@ public class AuthenticationServer implements MOAIDAuthConstants {
 				null, VerifyXMLSignatureResponseValidator.CHECK_AUTH_BLOCK,
 				false);
 
-		// TODO See Bug #144
 		// Compare AuthBlock Data with information stored in session, especially
 		// date and time
 		CreateXMLSignatureResponseValidator.getInstance().validateSigningDateTime(csresp);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
index bd8d52031..56cb3a3db 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilder.java
@@ -29,6 +29,8 @@ import java.io.StringReader;
 import java.io.StringWriter;
 
 import at.gv.egovernment.moa.id.BuildException;
+import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 /**
  * Builder for HTML form requesting the security layer implementation
@@ -54,6 +56,7 @@ public class GetIdentityLinkFormBuilder extends Builder {
   private static final String PUSHINFOBOX_TAG = "<PushInfobox>";
   /** special tag in the HTML template to be substituted for the BKU URL */
   private static final String MANDATE_TAG = "<Mandate>";
+  private static final String COLOR_TAG = "<COLOR>";
   /** private static int all contains the representation to replace all tags*/
   private static final int ALL = -1;
 
@@ -112,6 +115,7 @@ public class GetIdentityLinkFormBuilder extends Builder {
    * @param bkuURL URL of the "B&uuml;rgerkartenumgebung" the form will be submitted to;
    *         may be <code>null</code>, in this case the default URL will be used
    * @param dataURL DataURL to be sent as a parameter in the form
+ * @param oaParam 
    */
   public String build(
   	String htmlTemplate, 
@@ -120,7 +124,7 @@ public class GetIdentityLinkFormBuilder extends Builder {
     String dataURL, 
     String certInfoXMLRequest, 
     String certInfoDataURL, 
-    String pushInfobox)
+    String pushInfobox, OAAuthParameter oaParam)
   throws BuildException 
   {      
   	String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
@@ -131,6 +135,17 @@ public class GetIdentityLinkFormBuilder extends Builder {
 //new:wird oben mitreplaced    htmlForm = replaceTag(htmlForm, BKU_TAG, bkuURL);
     htmlForm = replaceTag(htmlForm, CERTINFO_XMLREQUEST_TAG, encodeParameter(certInfoXMLRequest), true, ALL);
     htmlForm = replaceTag(htmlForm, CERTINFO_DATAURL_TAG, certInfoDataURL, true, ALL);
+    
+    if (oaParam != null) {
+    	if (MiscUtil.isNotEmpty(oaParam.getBKUSelectionBackGroundColor()))
+    		htmlForm = replaceTag(htmlForm, COLOR_TAG, oaParam.getBKUSelectionBackGroundColor(), false, ALL);
+    	else
+    		htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL);
+    	
+    } else
+    	htmlForm = replaceTag(htmlForm, COLOR_TAG, "#DDDDDD", false, ALL);
+    
+
   	return htmlForm;
   }
   
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
index f90634ab4..3282036b4 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/LoginFormBuilder.java
@@ -10,17 +10,24 @@ import java.net.URI;
 import org.apache.commons.io.IOUtils;
 
 import at.gv.egovernment.moa.id.auth.servlet.GenerateIFrameTemplateServlet;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
 import at.gv.egovernment.moa.id.config.OAParameter;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class LoginFormBuilder {
 
 	private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
 	private static final String HTMLTEMPLATEFULL = "loginFormFull.html";
 	
+	private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\"";
+	private static final String TEMPLATEVISIBLE = " display: none";
+	private static final String TEMPLATEDISABLED =  "disabled=\"true\"";
+	private static final String TEMPLATECHECKED = "checked=\"true\"";
+	
 	private static String AUTH_URL = "#AUTH_URL#";
 	private static String MODUL = "#MODUL#";
 	private static String ACTION = "#ACTION#";
@@ -30,6 +37,12 @@ public class LoginFormBuilder {
 	private static String BKU_LOCAL =  "#LOCAL#"; 
 	private static String CONTEXTPATH = "#CONTEXTPATH#";
 	private static String MOASESSIONID = "#SESSIONID#";
+	private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#";
+	private static String COLOR = "#COLOR#";
+	private static String MANDATEVISIBLE = "#MANDATEVISIBLE#";
+	private static String MANDATECHECKED = "#MANDATECHECKED#";
+
+	
 	
 	private static String SERVLET = CONTEXTPATH+"/GenerateIframeTemplate";
 	
@@ -79,7 +92,7 @@ public class LoginFormBuilder {
 			return template;
 	}
 
-	public static String buildLoginForm(String modul, String action, String oaname, String contextpath, String moaSessionID) {
+	public static String buildLoginForm(String modul, String action, OAAuthParameter oaParam, String contextpath, String moaSessionID) {
 		String value = getTemplate();
 		
 		if(value != null) {
@@ -91,9 +104,28 @@ public class LoginFormBuilder {
 			}
 			value = value.replace(MODUL, modul);
 			value = value.replace(ACTION, action);
-			value = value.replace(OANAME, oaname);
+			value = value.replace(OANAME, oaParam.getFriendlyName());
 			value = value.replace(CONTEXTPATH, contextpath);
 			value = value.replace(MOASESSIONID, moaSessionID);
+			
+			String bgcolor = oaParam.getBKUSelectionBackGroundColor();
+			if (MiscUtil.isNotEmpty(bgcolor)) {
+				value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR);
+				value = value.replace(COLOR, bgcolor);
+			} else
+				value = value.replace(BACKGROUNDCOLOR, "");
+			
+			if (oaParam.isShowMandateCheckBox())
+				value = value.replace(MANDATEVISIBLE, "");
+			else
+				value = value.replace(MANDATEVISIBLE, TEMPLATEVISIBLE);
+			
+			if (oaParam.isOnlyMandateAllowed()) {
+				value = value.replace(MANDATECHECKED, TEMPLATECHECKED + " " + TEMPLATEDISABLED);
+				
+			} else
+				value = value.replace(MANDATECHECKED, "");
+			
 		}
 		return value;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java
deleted file mode 100644
index bfc86d608..000000000
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SelectBKUFormBuilder.java
+++ /dev/null
@@ -1,87 +0,0 @@
-/*
- * Copyright 2003 Federal Chancellery Austria
- * MOA-ID has been developed in a cooperation between BRZ, the Federal
- * Chancellery Austria - ICT staff unit, and Graz University of Technology.
- *
- * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
- * the European Commission - subsequent versions of the EUPL (the "Licence");
- * You may not use this work except in compliance with the Licence.
- * You may obtain a copy of the Licence at:
- * http://www.osor.eu/eupl/
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the Licence is distributed on an "AS IS" basis,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the Licence for the specific language governing permissions and
- * limitations under the Licence.
- *
- * This product combines work with different licenses. See the "NOTICE" text
- * file for details on the various modules and licenses.
- * The "NOTICE" text file is part of the distribution. Any derivative works
- * that you distribute must include a readable copy of the "NOTICE" text file.
- */
-
-
-package at.gv.egovernment.moa.id.auth.builder;
-
-import at.gv.egovernment.moa.id.BuildException;
-
-/**
- * Builder for the BKU selection form requesting the user to choose
- * a BKU from a list.
- * 
- * @author Paul Ivancsics
- * @version $Id$
- */
-public class SelectBKUFormBuilder extends Builder {
-  /** private static String NL contains the NewLine representation in Java*/
-  private static final String nl = "\n";
-  /** special tag in the HTML template to be substituted for the form action which is
-   *  a URL of MOA-ID Auth */
-  private static final String ACTION_TAG = "<StartAuth>";
-  /** special tag in the HTML template to be substituted for the <code>&lt;select;gt;</code> tag
-   *  containing the BKU selection options */
-  private static final String SELECT_TAG = "<BKUSelect>";
-  /**
-   * Template for the default html-code to be returned as security-layer-selection to be built
-   */
-  private static final String DEFAULT_HTML_TEMPLATE = 
-  "<html>" + nl +
-  "<head>" + nl +
-  "<meta http-equiv=\"content-type\" content=\"text/html; charset=UTF-8\">" + nl +
-  "<title>Auswahl der B&uuml;rgerkartenumgebung</title>" + nl +
-  "</head>" + nl +
-  "<body>" + nl +
-  "<form name=\"BKUSelectionForm\"" + nl +
-  "      action=\"" + ACTION_TAG + "\"" + nl +
-  "      method=\"post\">" + nl +
-  SELECT_TAG + nl +
-  "  <input type=\"submit\" value=\"B&uuml;rgerkartenumgebung ausw&auml;hlen\"/>" + nl +
-  "</form>" + nl +
-  "</body>" + nl +
-  "</html>";
-  
-  /**
-   * Constructor
-   */
-  public SelectBKUFormBuilder() {
-    super();
-  }
-  /**
-   * Method build. Builds the form
-   * @param htmlTemplate to be used
-   * @param startAuthenticationURL the url where the startAuthenticationServlet can be found
-   * @param bkuSelectTag if a special bku should be used
-   * @return String
-   * @throws BuildException on any error
-   */
-  public String build(String htmlTemplate, String startAuthenticationURL, String bkuSelectTag) 
-    throws BuildException {
-    
-    String htmlForm = htmlTemplate == null ? DEFAULT_HTML_TEMPLATE : htmlTemplate;
-    htmlForm = replaceTag(htmlForm, ACTION_TAG, startAuthenticationURL, true, 1);
-    htmlForm = replaceTag(htmlForm, SELECT_TAG, bkuSelectTag, true, 1);
-    return htmlForm;
-  }
-
-}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
index 3f6a7d9d6..1796af94b 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/builder/SendAssertionFormBuilder.java
@@ -15,18 +15,23 @@ import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.id.config.auth.OAAuthParameter;
 import at.gv.egovernment.moa.id.protocols.saml1.SAML1Protocol;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 public class SendAssertionFormBuilder {
 	
 	private static final String HTMLTEMPLATESDIR = "htmlTemplates/";
 	private static final String HTMLTEMPLATEFULL = "sendAssertionFormFull.html";
 	
+	private static final String TEMPLATEBGCOLOR = "style=\"background-color: #COLOR#\"";
+	
 	private static String URL = "#URL#";
 	private static String MODUL = "#MODUL#";
 	private static String ACTION = "#ACTION#";
 	private static String ID = "#ID#";
 	private static String OANAME = "#OAName#";
 	private static String CONTEXTPATH = "#CONTEXTPATH#";
+	private static String BACKGROUNDCOLOR = "#BACKGROUNDCOLOR#";
+	private static String COLOR = "#COLOR#";
 	
 	private static String SERVLET = CONTEXTPATH+"/SSOSendAssertionServlet";
 	
@@ -69,7 +74,7 @@ public class SendAssertionFormBuilder {
 		return template;
 	}
 
-	public static String buildForm(String modul, String action, String id, String oaname, String contextpath) {
+	public static String buildForm(String modul, String action, String id, OAAuthParameter oaParam, String contextpath) {
 		String value = getTemplate();
 		
 		if(value != null) {
@@ -82,8 +87,16 @@ public class SendAssertionFormBuilder {
 			value = value.replace(MODUL, modul);
 			value = value.replace(ACTION, action);
 			value = value.replace(ID, id);
-			value = value.replace(OANAME, oaname);
+			value = value.replace(OANAME, oaParam.getFriendlyName());
 			value = value.replace(CONTEXTPATH, contextpath);
+			
+			String bgcolor = oaParam.getBKUSelectionBackGroundColor();
+			if (MiscUtil.isNotEmpty(bgcolor)) {
+				value = value.replace(BACKGROUNDCOLOR, TEMPLATEBGCOLOR);
+				value = value.replace(COLOR, bgcolor);
+			} else
+				value = value.replace(BACKGROUNDCOLOR, "");
+			
 		}
 		return value;
 	}
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
index 4560e69cf..540311231 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/data/AuthenticationSession.java
@@ -196,8 +196,6 @@ public class AuthenticationSession implements Serializable {
 	 */
 	private List extendedSAMLAttributesAUTH;
 
-	
-	//TODO: check if it is in use!
 	/**
 	 * If infobox validators are needed after signing, they can be stored in
 	 * this list.
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
index d4484a97c..dfabfccf6 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/servlet/GenerateIFrameTemplateServlet.java
@@ -98,6 +98,12 @@ public class GenerateIFrameTemplateServlet extends AuthServlet {
 		    	String bkuURL = oaParam.getBKUURL(bkuid);
 		    	String templateURL = AuthConfigurationProvider.getInstance().getSLRequestTemplates(bkuid);
 		    	
+		    	if (oaParam.isOnlyMandateAllowed()) 
+		    		useMandate = "true";
+		    	
+		    	if (!oaParam.isShowMandateCheckBox())
+		    		useMandate = "false";
+		    	
 		    	//parse all OA parameters i
 		    	StartAuthentificationParameterParser.parse(moasession, 
 		    											   target, 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index f2b068568..cc1a1304d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -24,16 +24,12 @@
 
 package at.gv.egovernment.moa.id.config.auth;
 
-import iaik.security.cipher.AESKeyGenerator;
-
 import java.io.File;
 import java.io.FileInputStream;
 import java.io.FileNotFoundException;
 import java.io.IOException;
 import java.math.BigInteger;
 import java.net.MalformedURLException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
 import java.util.ArrayList;
 import java.util.Date;
 import java.util.HashMap;
@@ -41,17 +37,11 @@ import java.util.List;
 import java.util.Map;
 import java.util.Properties;
 
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.NoSuchPaddingException;
 import javax.xml.bind.JAXBContext;
-import javax.xml.bind.Marshaller;
 import javax.xml.bind.Unmarshaller;
 
-import org.apache.commons.io.CopyUtils;
 import org.hibernate.cfg.Configuration;
 
-
 import at.gv.egovernment.moa.id.auth.AuthenticationServer;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
index 99d15a612..d2a70c527 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/OAAuthParameter.java
@@ -28,6 +28,7 @@ import java.util.ArrayList;
 import java.util.List;
 
 import at.gv.egovernment.moa.id.commons.db.dao.config.AuthComponentOA;
+import at.gv.egovernment.moa.id.commons.db.dao.config.BKUSelectionCustomizationType;
 import at.gv.egovernment.moa.id.commons.db.dao.config.BKUURLS;
 import at.gv.egovernment.moa.id.commons.db.dao.config.IdentificationNumber;
 import at.gv.egovernment.moa.id.commons.db.dao.config.Mandates;
@@ -41,6 +42,7 @@ import at.gv.egovernment.moa.id.commons.db.dao.config.TransformsInfoType;
 import at.gv.egovernment.moa.id.config.ConfigurationUtils;
 import at.gv.egovernment.moa.id.config.OAParameter;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.egovernment.moa.util.MiscUtil;
 import eu.stork.vidp.messages.builder.STORKMessagesBuilder;
 import eu.stork.vidp.messages.common.STORKConstants;
 import eu.stork.vidp.messages.stork.QualityAuthenticationAssuranceLevel;
@@ -283,6 +285,43 @@ public String getIdentityLinkDomainIdentifierType() {
 	return null;
 }
 
+public String getBKUSelectionBackGroundColor() {
+	TemplatesType templates = oa_auth.getTemplates();
+	if (templates != null) {
+		BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
+		if (bkuselection != null) {
+			if (MiscUtil.isNotEmpty(bkuselection.getBackGroundColor()))
+				return bkuselection.getBackGroundColor();
+		}
+	}
+	return null;
+}
+
+
+public boolean isShowMandateCheckBox() {
+	TemplatesType templates = oa_auth.getTemplates();
+	if (templates != null) {
+		BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
+		if (bkuselection != null) {
+			if (bkuselection.isMandateLoginButton() != null)
+				return bkuselection.isMandateLoginButton();
+		}
+	}
+	return true;
+}
+
+public boolean isOnlyMandateAllowed() {
+	TemplatesType templates = oa_auth.getTemplates();
+	if (templates != null) {
+		BKUSelectionCustomizationType bkuselection = templates.getBKUSelectionCustomization();
+		if (bkuselection != null) {
+			if (bkuselection.isOnlyMandateLoginAllowed() != null)
+				return bkuselection.isOnlyMandateLoginAllowed();
+		}
+	}
+	return false;
+}
+
 /**
  * @return the qaaLevel
  */
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
index 10729e981..651690166 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/legacy/BuildFromLegacyConfig.java
@@ -168,21 +168,18 @@ public class BuildFromLegacyConfig {
 	    	authGeneral.setTimeOuts(timeOuts);    	
 	    	generalAuth.setGeneralConfiguration(authGeneral);
 	    	
-	    	
-	    	//TODO: set Protocols!!!!
 	    	Protocols auth_protocols = new Protocols();
 	    	generalAuth.setProtocols(auth_protocols);
 	    	
 	    	LegacyAllowed prot_legacy = new LegacyAllowed();
 	    	auth_protocols.setLegacyAllowed(prot_legacy);
-	    	final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x"); //TODO: set default values
+	    	final List<String> PROTOCOLS_LEGACY_ALLOWED = Arrays.asList("id_saml1","id_pvp2x");
 	    	prot_legacy.setProtocolName(PROTOCOLS_LEGACY_ALLOWED);
 	    	
-	    	//TODO: remove beta test values
 	    	PVP2 prot_pvp2 = new PVP2();
 	    	auth_protocols.setPVP2(prot_pvp2);
-	    	prot_pvp2.setPublicURLPrefix("https://labda.iaik.tugraz.at:8443/moa-id-auth/");
-	    	prot_pvp2.setIssuerName("MOA-ID 2.0 Demo IDP");
+	    	prot_pvp2.setPublicURLPrefix("https://....");
+	    	prot_pvp2.setIssuerName("MOA-ID 2.x IDP");
 	    	
 	    	Organization pvp2_org = new Organization();
 	    	prot_pvp2.setOrganization(pvp2_org);
@@ -213,8 +210,8 @@ public class BuildFromLegacyConfig {
 	    	//SSO
 	    	SSO auth_sso = new SSO();
 	    	generalAuth.setSSO(auth_sso);
-	    	auth_sso.setTarget("BF");
-	    	auth_sso.setFriendlyName("EGIZ MOAID 2.0 Beta");
+	    	auth_sso.setTarget("");
+	    	auth_sso.setFriendlyName("");
 
 	    	
 	    	//set SecurityLayer Transformations
@@ -268,7 +265,6 @@ public class BuildFromLegacyConfig {
 	    	auth_moaSP.setVerifyAuthBlock(auth_moaSP_verifyAuthBlock);
 	    	
 	    	
-	    	//TODO: check correctness!!!
 	    	//set IdentityLinkSigners
 	    	IdentityLinkSigners auth_idsigners = new IdentityLinkSigners();
 	    	generalAuth.setIdentityLinkSigners(auth_idsigners);
@@ -399,7 +395,7 @@ public class BuildFromLegacyConfig {
 	        	//set general OA configuration
 	        	moa_oa.setCalculateHPI(false); //TODO: Bernd fragen warum das nicht direkt über den Bereichsidentifyer definert wird
 	        	moa_oa.setFriendlyName(oa.getFriendlyName()); 
-	        	moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier())); //TODO: check correctness
+	        	moa_oa.setKeyBoxIdentifier(MOAKeyBoxSelector.fromValue(oa.getKeyBoxIdentifier()));
 	        	moa_oa.setPublicURLPrefix(oa.getPublicURLPrefix());
 	        	moa_oa.setTarget(oa.getTarget());
 	        	moa_oa.setTargetFriendlyName(oa.getTargetFriendlyName());
@@ -481,22 +477,7 @@ public class BuildFromLegacyConfig {
 	        	//OA_PVP2
 	        	OAPVP2 oa_pvp2 = new OAPVP2();
 	        	oa_auth.setOAPVP2(oa_pvp2);
-	        	
-//	        	oa_pvp2.setMetadataURL("empty");
-//	        	
-//	        	//TODO: is only a workaround!!!!
-//	        	Properties props = getGeneralPVP2ProperiesConfig(properies);
-//	        	File dir = new File(props.getProperty("idp.truststore"));
-//	        	File[] files = dir.listFiles();
-//	        	if (files.length > 0) {		
-//	        		FileInputStream filestream = new FileInputStream(files[0]);
-//	        		X509Certificate signerCertificate = new X509Certificate(filestream);
-//	        		oa_pvp2.setCertificate(signerCertificate.getEncoded());
-//	        		
-//	        	} else {
-//	        		oa_pvp2.setCertificate(null);
-//	        	}
-	        	
+	        		        	
 	        	moa_oas.add(moa_oa);
 	        	//ConfigurationDBUtils.save(moa_oa);
 	        }
@@ -531,11 +512,7 @@ public class BuildFromLegacyConfig {
 	    	//set trustedCACertificate path
 	    	moaIDConfig.setTrustedCACertificates(builder.getTrustedCACertificates());
 	    	
-	    	
-	    	//TODO: move to read config functionality
-	    	//trustedCACertificates = FileUtils.makeAbsoluteURL(trustedCACertificates, rootConfigFileDir);
-	    	
-	    	
+	   	    	
 	    	//Not required in MOAID 2.0 config (DefaultBKUs & SLRequestTemplates)
 	    	//trustedBKUs = builder.getTrustedBKUs();
 	    	//trustedTemplateURLs = builder.getTrustedTemplateURLs();
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
index f2352e11e..76bf64f3a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/AuthenticationManager.java
@@ -284,7 +284,7 @@ public class AuthenticationManager extends AuthServlet {
 			
 			
 			String loginForm = LoginFormBuilder.buildLoginForm(target.requestedModule(), 
-					target.requestedAction(), oaParam.getFriendlyName(), request.getContextPath(), moasession.getSessionID());
+					target.requestedAction(), oaParam, request.getContextPath(), moasession.getSessionID());
 			
 			//store MOASession
 			try {
@@ -310,7 +310,7 @@ public class AuthenticationManager extends AuthServlet {
 			throws ServletException, IOException, MOAIDException { 
 		
 			String form = SendAssertionFormBuilder.buildForm(target.requestedModule(), 
-					target.requestedAction(), target.getRequestID(), oaParam.getFriendlyName(), request.getContextPath());
+					target.requestedAction(), target.getRequestID(), oaParam, request.getContextPath());
 						
 			response.setContentType("text/html;charset=UTF-8");
 			PrintWriter out = new PrintWriter(response.getOutputStream()); 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
index 18eeae58e..e8639a162 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/moduls/SSOManager.java
@@ -37,7 +37,6 @@ public class SSOManager {
 		if (instance == null) {
 			instance = new SSOManager();
 			
-			//TODO: move to config based timeout!
 			try {
 				sso_timeout = (int) AuthConfigurationProvider.getInstance().getTimeOuts().getMOASessionUpdated().longValue();
 
@@ -101,7 +100,6 @@ public class SSOManager {
 
 		  if (correspondingMoaSession == null) {
 				Logger.info("Get request with old SSO SessionID but no corresponding SSO Session is found.");
-				//TODO: ist der OldSSOSessionStore zum Aufräumen?
 				return null;
 		  }
 		  
@@ -159,7 +157,7 @@ public class SSOManager {
 		if (cookies != null) {
 			for (Cookie cookie : cookies) {
 				
-				//TODO: funktioniert nicht, da Cookie seltsamerweise immer unsecure übertragen wird (firefox) 
+				//funktioniert nicht, da Cookie seltsamerweise immer unsecure übertragen wird (firefox) 
 				//if (cookie.getName().equals(SSOCOOKIE) && cookie.getSecure()) {
 								
 				if (cookie.getName().equals(SSOCOOKIE)) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
index 24261780a..84aea44a3 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/monitoring/DatabaseTestModule.java
@@ -10,8 +10,10 @@ import org.hibernate.Session;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.MOASessionDBUtils;
+import at.gv.egovernment.moa.id.commons.db.StatisticLogDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
 import at.gv.egovernment.moa.id.commons.db.dao.session.AssertionStore;
+import at.gv.egovernment.moa.id.commons.db.dao.statistic.StatisticLog;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
 import at.gv.egovernment.moa.logging.Logger;
 import at.gv.egovernment.moa.util.MiscUtil;
@@ -48,19 +50,25 @@ public class DatabaseTestModule implements TestModuleInterface{
 		
 		Date expioredate = new Date(new Date().getTime() - 120);
  
-		List<AssertionStore> results;
-		Session session = MOASessionDBUtils.getCurrentSession();
-		
-		synchronized (session) {			
-			session.beginTransaction();
-			Query query = session.getNamedQuery("getAssertionWithTimeOut");
-			query.setTimestamp("timeout", expioredate);		
-			results = query.list();
-			session.getTransaction().commit();
+		try {
+			List<AssertionStore> results;
+			Session session = MOASessionDBUtils.getCurrentSession();
+			
+			synchronized (session) {			
+				session.beginTransaction();
+				Query query = session.getNamedQuery("getAssertionWithTimeOut");
+				query.setTimestamp("timeout", expioredate);		
+				results = query.list();
+				session.getTransaction().commit();
+			}
+			
+			Logger.trace("Finish Test: MOASessionDatabase");
+			return null;
+			
+		} catch (Throwable e) {
+			Logger.warn("Failed Test: MOASessionDatabase", e);
+			return "MOASessionDatabase: " + e.getMessage();
 		}
-		
-		Logger.trace("Finish Test: MOASessionDatabase");
-		return null;
 	}
 	
 	private String testMOAConfigurationDatabase() throws Exception{
@@ -76,8 +84,26 @@ public class DatabaseTestModule implements TestModuleInterface{
 	
 	private String testMOAAdvancedLoggingDatabase() {
 		
-		//TODO: insert advanced Logging Database Tests 
+		Date expioredate = new Date(new Date().getTime() - 120);
+		try {
+			Session session = StatisticLogDBUtils.getCurrentSession();
+		
+			List<StatisticLog> results;
 		
-		return null;
+			synchronized (session) {			
+				session.beginTransaction();
+				Query query = session.getNamedQuery("getAllEntriesNotBeforeTimeStamp");
+				query.setTimestamp("timeout", expioredate);		
+				results = query.list();
+				session.getTransaction().commit();
+			}
+		
+			Logger.trace("Finish Test: AdvancedLoggingDataBase");
+			return null;
+			
+		} catch (Throwable e) {
+			Logger.warn("Failed Test: AdvancedLoggingDataBase", e);
+			return "AdvancedLoggingDataBase: " + e.getMessage();
+		}
 	}
 }
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
index 6055484f7..d507385cd 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/PVP2XProtocol.java
@@ -49,6 +49,7 @@ import at.gv.egovernment.moa.id.protocols.pvp2x.verification.SAMLVerificationEng
 import at.gv.egovernment.moa.id.protocols.pvp2x.verification.TrustEngineFactory;
 import at.gv.egovernment.moa.id.util.ParamValidatorUtils;
 import at.gv.egovernment.moa.id.util.VelocityLogAdapter;
+import at.gv.egovernment.moa.logging.Logger;
 
 public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 
@@ -184,6 +185,8 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			String binding = consumerService.getBinding();
 			String entityID = moaRequest.getEntityMetadata().getEntityID();
 			
+			Logger.info("Dispatch PVP2 Request: OAURL=" + oaURL + " Binding=" + binding);
+			
 			//String oaURL = (String) request.getParameter(PARAM_OA);
 			oaURL = StringEscapeUtils.escapeHtml(oaURL);
 //			if (!ParamValidatorUtils.isValidOA(oaURL))
@@ -194,10 +197,7 @@ public class PVP2XProtocol implements IModulInfo, MOAIDAuthConstants {
 			config.setBinding(binding);
 			config.setRequest(moaRequest);
 			config.setConsumerURL(consumerService.getLocation());
-			
-			//TODO: set correct target;
-			config.setTarget(PVPConfiguration.getInstance().getTargetForSP(entityID));
-			
+						
 			String useMandate = request.getParameter(PARAM_USEMANDATE);
 			if(useMandate != null) {
 				if(useMandate.equals("true")) {
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
index baea32f28..c486d3ff2 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/binding/ArtifactBinding.java
@@ -29,7 +29,6 @@ public class ArtifactBinding implements IDecoder, IEncoder {
 	public void encodeRequest(HttpServletRequest req, HttpServletResponse resp,
 			RequestAbstractType request, String targetLocation)
 			throws MessageEncodingException, SecurityException {
-		// TODO Auto-generated method stub
 
 	}
 
@@ -82,19 +81,19 @@ public class ArtifactBinding implements IDecoder, IEncoder {
 	public MOARequest decodeRequest(HttpServletRequest req,
 			HttpServletResponse resp) throws MessageDecodingException,
 			SecurityException {
-		// TODO Auto-generated method stub
+
 		return null;
 	}
 
 	public MOAResponse decodeRespone(HttpServletRequest req,
 			HttpServletResponse resp) throws MessageDecodingException,
 			SecurityException {
-		// TODO Auto-generated method stub
+
 		return null;
 	}
 
 	public boolean handleDecode(String action, HttpServletRequest req) {
-		// TODO Auto-generated method stub
+
 		return false;
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
index f8270cf33..1444cdecf 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/requestHandler/AuthnRequestHandler.java
@@ -93,13 +93,16 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		if (consumerService.getBinding().equals(
 				SAMLConstants.SAML2_REDIRECT_BINDING_URI)) {
 			binding = new RedirectBinding();
+			
 		} else if (consumerService.getBinding().equals(
 				SAMLConstants.SAML2_ARTIFACT_BINDING_URI)) {
 			// TODO: not supported YET!!
 			binding = new ArtifactBinding();
+			
 		} else if (consumerService.getBinding().equals(
 				SAMLConstants.SAML2_POST_BINDING_URI)) {
 			binding = new PostBinding();
+			
 		}
 
 		if (binding == null) {
@@ -109,6 +112,7 @@ public class AuthnRequestHandler implements IRequestHandler, PVPConstants {
 		try {
 			binding.encodeRespone(req, resp, authResponse, oaURL);
 			// TODO add remoteSessionID to AuthSession ExternalPVPSessionStore
+			
 		} catch (MessageEncodingException e) {
 			Logger.error("Message Encoding exception", e);
 			throw new MOAIDException("pvp2.01", null, e);
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
index a310b16ff..66124df4a 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/saml1/SAML1Protocol.java
@@ -88,6 +88,8 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 					"auth.12");
 		config.setOAURL(oaURL);
 		
+		Logger.info("Dispatch SAML1 Request: OAURL=" + oaURL);
+		
 		//load Target only from OA config
 		OAAuthParameter oaParam = AuthConfigurationProvider.getInstance()
 				.getOnlineApplicationParameter(oaURL);
@@ -97,10 +99,7 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 					new Object[] { oaURL });
 		
 		config.setTarget(oaParam.getTarget());
-		
-		
-		//TODO: set reauthenticate if OA.useSSO=false
-		
+			
 		request.getSession().setAttribute(PARAM_OA, oaURL);
 		request.getSession().setAttribute(PARAM_TARGET, oaParam.getTarget());
 		return config;
@@ -139,26 +138,6 @@ public class SAML1Protocol implements IModulInfo, MOAIDAuthConstants {
 
 	public boolean validate(HttpServletRequest request,
 			HttpServletResponse response, IRequest pending) {
-
-		//TODO: funktioniert so nicht!!!
-		
-//		String oaURL = (String) request.getParameter(PARAM_OA);
-//		oaURL = StringEscapeUtils.escapeHtml(oaURL);
-//		String target = (String) request.getParameter(PARAM_TARGET);
-//		target = StringEscapeUtils.escapeHtml(target);
-//		
-//		//the target parameter is used to define the OA in SAML1 standard
-//		if (target.startsWith("http")) {
-//			oaURL = target;
-//			target = null;
-//		}
-//		
-//		if (oaURL != null) {
-//			if (oaURL.equals(pending.getOAURL()))
-//				return true;
-//			else
-//				return false;
-//		}
 		
 		return true;
 	}
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
index c6b98dc85..55290d05e 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/loginFormFull.html
@@ -176,43 +176,30 @@
 						<h2 id="tabheader" class="dunkel">
 							Login mit Bürgerkarte
 						</h2>
-						<div id="bkulogin" class="hell">
+						<div id="bkulogin" class="hell" #BACKGROUNDCOLOR#>
 
-							<div id="mandateLogin" style="margin-top: 10px; margin-bottom: 10px">
+							<div id="mandateLogin" style="margin-bottom: 10px;#MANDATEVISIBLE#">
 								<table style="margin-left: auto; margin-right: auto;">
 									<tr>
 										<td><input tabindex="1" type="checkbox" name="Mandate"
-											style="vertical-align: middle; margin-right: 5px"
-											id="mandateCheckBox"></td>
+											style="vertical-align: middle; margin-right: 5px;"
+											id="mandateCheckBox" #MANDATECHECKED#></td>
 										<td><label for="mandateCheckBox">in Vertretung anmelden</label></td>
 										<td><a href="info_mandates.html" target="_blank"
 											class="infobutton" style="margin-left: 5px" tabindex="5">i</a></td>
 									</tr>
-<!-- 									<tr>
-										<td><input tabindex="1" type="checkbox" name="SSO"
-											style="vertical-align: middle; margin-right: 5px"
-											id="SSOCheckBox"></td>
-										<td><label for="SSOCheckBox">Single Sign-On</label></td>
-										<td></td>
-									</tr> -->
 								</table>
 							</div>
 	
-							<div id="bkukarte" class="hell">
+							<div id="bkukarte">
 								<button name="bkuButton" type="button" onClick="bkuOnlineClicked();">KARTE</button>
 							</div>
 	
-							<div id="bkuhandy" class="hell">
+							<div id="bkuhandy">
 								<button name="bkuButton" type="button" onClick="bkuHandyClicked();">HANDY</button>
 							</div>
-	
-	<!-- 						<div id="mandate">
-								<input type="checkbox" name="Mandate" style="vertical-align: middle; margin-right: 5px;" id="mandateCheckBox">
-								<label>in Vertretung anmelden</label>
-								<a href="info_mandates.html" target="_blank" class="infobutton" style="color:#FFF">i</a>
-							</div> -->
-		
-    					<div id="localBKU" class="hell">
+			
+    					<div id="localBKU">
 								<hr>
 								<form method="get" id="moaidform" action="#AUTH_URL#">
 									<input type="hidden" name="bkuURI" value="#LOCAL#">
@@ -229,7 +216,7 @@
 								</p>
 							</div>
     
-							<div id="stork" class="hell" align="center">
+<!--							<div id="stork" align="center">
 								<div id="leftcontent" style="margin-bottom:10px">
 									<h2 id="tabheader" class="dunkel">
 										Home Country Selection
@@ -253,9 +240,9 @@
 									<a href="info_stork.html" target="_blank" class="infobutton" style="color:#FFF">i</a>								
 								</p>
 							</div>
-						</div>
+						</div>  -->
 
-						<div id="metroDetected" style="display:none" class="hell">
+						<div id="metroDetected" style="display:none">
 							<p>
 								Anscheinend verwenden Sie Internet Explorer im Metro-Modus. Wählen Sie bitte "Auf dem Desktop anzeigen" aus den Optionen um die Karten-Anmeldung starten zu können.
 							</p>
diff --git a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
index f977b1d2e..1e5f4229c 100644
--- a/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
+++ b/id/server/idserverlib/src/main/resources/resources/templates/sendAssertionFormFull.html
@@ -20,13 +20,13 @@
 							  
 						</h2>
 					
-						<div id="selectArea" class="hell full">
+						<div id="selectArea" class="hell full" #BACKGROUNDCOLOR#>
 							<b>Anmeldung an:</b>
 							<p>#OAName#</p>
 						
 
 <!-- 						<div class="hell"> -->
-							<div id="leftbutton" class="hell full">
+							<div id="leftbutton" class="full">
 									<form method="post" id="moaidform_yes" action="#URL#">
 										<input type="hidden" name="value" value="true">
 										<input type="hidden" name="mod" value="#MODUL#">
@@ -35,7 +35,7 @@
 										<input type="submit" size="400" value="Ja" class="setAssertionButton_full">
 									</form>
 							</div>
-							<div id="rightbutton" class="hell full">
+							<div id="rightbutton" class="full">
 										<form method="post" id="moaidform_no" action="#URL#">
 										<input type="hidden" name="value" value="false">
 										<input type="hidden" name="mod" value="#MODUL#">
diff --git a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
index f8c5b565f..28f7a8504 100644
--- a/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/test/at/gv/egovernment/moa/id/auth/builder/GetIdentityLinkFormBuilderTest.java
@@ -77,7 +77,7 @@ public class GetIdentityLinkFormBuilderTest extends TestCase {
 		String dataURL = "https://1.2.3.4/auth/VerifyIdentityLink?MOASessionID=1234567";
     String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
     String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
-		String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null);
+		String form = new GetIdentityLinkFormBuilder().build(null, null, xmlRequest, dataURL, infoRequest, infoDataURL, null, null);
 		String formShould = MessageFormat.format(
 			FORM, new Object[] { BKU, xmlRequest, dataURL, infoRequest, infoDataURL });
 		assertEquals(formShould, form);
@@ -88,7 +88,7 @@ public class GetIdentityLinkFormBuilderTest extends TestCase {
     String infoRequest = new CertInfoVerifyXMLSignatureRequestBuilder().build();
     String infoDataURL = "https://1.2.3.4/auth/StartAuthentication?Target=gb&OA=https://oa.gv.at/";
     String bkuURL = "http://bku.at/";
-    String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null);
+    String form = new GetIdentityLinkFormBuilder().build(null, bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL, null, null);
     String formShould = MessageFormat.format(
       FORM, new Object[] { bkuURL, xmlRequest, dataURL, infoRequest, infoDataURL });
     assertEquals(formShould, form);
-- 
cgit v1.2.3