From 2337072ac18b66e523818702ba6dce6b462472b1 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <tlenz@iaik.tugraz.at>
Date: Thu, 8 Aug 2013 15:50:28 +0200
Subject: MOA-ID Configuration Tool Beta

---
 id/ConfigWebTool/pom.xml                           |  19 ++
 .../moa/id/configuration/Constants.java            |   3 +
 .../id/configuration/auth/AuthenticatedUser.java   |  18 +-
 .../id/configuration/data/UserDatabaseFrom.java    | 237 +++++++++++++
 .../id/configuration/data/oa/OAGeneralConfig.java  |   3 +
 .../configuration/filter/AuthenticationFilter.java |   4 +-
 .../configuration/helper/AuthenticationHelper.java |  35 ++
 .../struts/action/ImportExportAction.java          | 353 ++++++++++++++++++++
 .../configuration/struts/action/IndexAction.java   | 141 +++++++-
 .../struts/action/UserManagementAction.java        | 368 ++++++++++++++++++++-
 .../validation/UserDatabaseFormValidator.java      | 147 ++++++++
 .../main/resources/applicationResources.properties | 298 +++++++++++++++++
 .../resources/applicationResources_de.properties   | 234 -------------
 id/ConfigWebTool/src/main/resources/struts.xml     | 194 +++++++++--
 id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml   |  12 +-
 id/ConfigWebTool/src/main/webapp/css/index.css     |  29 +-
 id/ConfigWebTool/src/main/webapp/index.jsp         |  35 +-
 id/ConfigWebTool/src/main/webapp/js/common.js      |   4 +
 id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp  | 142 ++++++++
 .../src/main/webapp/jsp/importexport.jsp           |  76 +++++
 id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp  |   2 +-
 .../main/webapp/jsp/snippets/header_userinfos.jsp  |   9 +-
 .../src/main/webapp/jsp/snippets/main_menu.jsp     |  22 +-
 .../src/main/webapp/jsp/snippets/oas_list.jsp      |   2 +-
 .../src/main/webapp/jsp/snippets/user_list.jsp     |  42 +++
 .../src/main/webapp/jsp/usermanagement.jsp         |  50 +++
 .../id/config/auth/AuthConfigurationProvider.java  |   2 +-
 .../pvp2x/metadata/MOAMetadataProvider.java        |   4 +-
 .../moa/id/util/SessionEncrytionUtil.java          |   1 +
 .../moa/id/commons/db/ConfigurationDBRead.java     |  44 ++-
 .../moa/id/commons/db/ConfigurationDBUtils.java    |   1 +
 31 files changed, 2233 insertions(+), 298 deletions(-)
 create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
 create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
 create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
 create mode 100644 id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
 create mode 100644 id/ConfigWebTool/src/main/resources/applicationResources.properties
 delete mode 100644 id/ConfigWebTool/src/main/resources/applicationResources_de.properties
 create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
 create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
 create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
 create mode 100644 id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp

(limited to 'id')

diff --git a/id/ConfigWebTool/pom.xml b/id/ConfigWebTool/pom.xml
index c55a1e04f..411ef55e6 100644
--- a/id/ConfigWebTool/pom.xml
+++ b/id/ConfigWebTool/pom.xml
@@ -8,11 +8,30 @@
   <description>Web based Configuration Tool for MOA-ID 2.x</description>
   
   <dependencies>
+      <dependency>
+				<groupId>javax.servlet</groupId>
+				<artifactId>jstl</artifactId>
+				<version>1.2</version>
+				<scope>provided</scope>
+			</dependency>
+			<dependency>
+				<groupId>javax.servlet</groupId>
+				<artifactId>servlet-api</artifactId>
+				<version>2.5</version>
+				<scope>provided</scope>
+			</dependency>
+      
+      
       <dependency>
     		<groupId>MOA.id.server</groupId>
     		<artifactId>moa-id-commons</artifactId>
     		<version>1.5.2</version>
     	</dependency>
+      <dependency>
+    		<groupId>MOA.id.server</groupId>
+    		<artifactId>moa-id-lib</artifactId>
+    		<version>1.9.90-SNAPSHOT</version>
+    	</dependency>
       
       <dependency>
 				<groupId>at.gv.util</groupId>
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
index 8ef3ec2f0..d088edf34 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/Constants.java
@@ -23,4 +23,7 @@ public class Constants {
 	
 	public static final String MOA_CONFIG_PROTOCOL_SAML1 = "id_saml1";
 	public static final String MOA_CONFIG_PROTOCOL_PVP2 = "id_pvp2x";
+	
+	public static final String DEFAULT_LOCALBKU_URL = "https://127.0.0.1:3496/https-security-layer-request";
+	public static final String DEFAULT_HANDYBKU_URL = "https://www.handy-signatur.at/mobile/https-security-layer-request/default.aspx";
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
index 3ff48e92b..8f75a357c 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/auth/AuthenticatedUser.java
@@ -10,17 +10,19 @@ public class AuthenticatedUser {
 	private long userID;
 	private String givenName;
 	private String familyName;
+	private String userName;
 	private Date lastLogin;
 
 	public AuthenticatedUser() {
 		
 	}
 	
-	public AuthenticatedUser(long userID, String givenName, String familyName,
+	public AuthenticatedUser(long userID, String givenName, String familyName, String userName,
 			boolean isAuthenticated, boolean isAdmin) {
 		
 		this.familyName = familyName;
 		this.givenName = givenName;
+		this.userName = userName;
 		this.userID = userID;
 		this.isAdmin = isAdmin;
 		this.isAuthenticated = isAuthenticated;
@@ -110,6 +112,20 @@ public class AuthenticatedUser {
 	public void setLastLogin(Date lastLogin) {
 		this.lastLogin = lastLogin;
 	}
+
+	/**
+	 * @return the userName
+	 */
+	public String getUserName() {
+		return userName;
+	}
+
+	/**
+	 * @param userName the userName to set
+	 */
+	public void setUserName(String userName) {
+		this.userName = userName;
+	}
 	
 	
 	
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
new file mode 100644
index 000000000..e62160285
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/UserDatabaseFrom.java
@@ -0,0 +1,237 @@
+package at.gv.egovernment.moa.id.configuration.data;
+
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.util.MiscUtil;
+import at.gv.util.data.BPK;
+
+public class UserDatabaseFrom {
+	
+	private String bpk;
+	private String familyName;
+	private String givenName;
+	private String institut;
+	private String mail;
+	private String phone;
+	private String username;
+	private String password;
+	private boolean active = false;
+	private boolean admin = false;
+	private boolean passwordActive;
+	private String userID = null;
+	
+	public UserDatabaseFrom() {
+		
+	}
+	
+	public UserDatabaseFrom(UserDatabase db) {
+		bpk = db.getBpk();
+		familyName = db.getFamilyname();
+		givenName = db.getGivenname();
+		institut = db.getInstitut();
+		mail = db.getMail();
+		phone = db.getPhone();
+		username = db.getUsername();
+		
+		if (MiscUtil.isNotEmpty(db.getPassword()))
+			passwordActive = true;
+		else
+			passwordActive = false;
+		
+		active = db.isIsActive();
+		admin = db.isIsAdmin();
+		
+		userID = String.valueOf(db.getHjid());
+	}
+
+
+	/**
+	 * @return the bpk
+	 */
+	public String getBpk() {
+		return bpk;
+	}
+
+
+	/**
+	 * @param bpk the bpk to set
+	 */
+	public void setBpk(String bpk) {
+		this.bpk = bpk;
+	}
+
+
+	/**
+	 * @return the familyName
+	 */
+	public String getFamilyName() {
+		return familyName;
+	}
+
+
+	/**
+	 * @param familyName the familyName to set
+	 */
+	public void setFamilyName(String familyName) {
+		this.familyName = familyName;
+	}
+
+
+	/**
+	 * @return the givenName
+	 */
+	public String getGivenName() {
+		return givenName;
+	}
+
+
+	/**
+	 * @param givenName the givenName to set
+	 */
+	public void setGivenName(String givenName) {
+		this.givenName = givenName;
+	}
+
+
+	/**
+	 * @return the institut
+	 */
+	public String getInstitut() {
+		return institut;
+	}
+
+
+	/**
+	 * @param institut the institut to set
+	 */
+	public void setInstitut(String institut) {
+		this.institut = institut;
+	}
+
+
+	/**
+	 * @return the mail
+	 */
+	public String getMail() {
+		return mail;
+	}
+
+
+	/**
+	 * @param mail the mail to set
+	 */
+	public void setMail(String mail) {
+		this.mail = mail;
+	}
+
+
+	/**
+	 * @return the phone
+	 */
+	public String getPhone() {
+		return phone;
+	}
+
+
+	/**
+	 * @param phone the phone to set
+	 */
+	public void setPhone(String phone) {
+		this.phone = phone;
+	}
+
+
+	/**
+	 * @return the username
+	 */
+	public String getUsername() {
+		return username;
+	}
+
+
+	/**
+	 * @param username the username to set
+	 */
+	public void setUsername(String username) {
+		this.username = username;
+	}
+
+
+	/**
+	 * @return the password
+	 */
+	public String getPassword() {
+		return password;
+	}
+
+
+	/**
+	 * @param password the password to set
+	 */
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+
+	/**
+	 * @return the active
+	 */
+	public boolean isActive() {
+		return active;
+	}
+
+
+	/**
+	 * @param active the active to set
+	 */
+	public void setActive(boolean active) {
+		this.active = active;
+	}
+
+
+	/**
+	 * @return the admin
+	 */
+	public boolean isAdmin() {
+		return admin;
+	}
+
+
+	/**
+	 * @param admin the admin to set
+	 */
+	public void setAdmin(boolean admin) {
+		this.admin = admin;
+	}
+
+
+	/**
+	 * @return the passwordActive
+	 */
+	public boolean isPasswordActive() {
+		return passwordActive;
+	}
+
+
+	/**
+	 * @param passwordActive the passwordActive to set
+	 */
+	public void setPasswordActive(boolean passwordActive) {
+		this.passwordActive = passwordActive;
+	}
+
+	/**
+	 * @return the userID
+	 */
+	public String getUserID() {
+		return userID;
+	}
+
+	/**
+	 * @param userID the userID to set
+	 */
+	public void setUserID(String userID) {
+		this.userID = userID;
+	}
+	
+	
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
index f3b513019..129d62346 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/data/oa/OAGeneralConfig.java
@@ -67,6 +67,9 @@ public class OAGeneralConfig {
 		 for (int i=0; i<values.length; i++) {
 			 keyBoxIdentifierList.put(values[i].value(), values[i].value());
 		 }
+		 
+		 bkuLocalURL = Constants.DEFAULT_LOCALBKU_URL;
+		 bkuHandyURL = Constants.DEFAULT_HANDYBKU_URL;
 	}
 	
 	
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
index 4eccfdf5d..a58b20214 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/filter/AuthenticationFilter.java
@@ -128,7 +128,7 @@ public class AuthenticationFilter implements Filter{
 							
 				if (authuser == null) {
 
-					authuser = new AuthenticatedUser(1, "Max", "TestUser", true, true);
+					authuser = new AuthenticatedUser(0, "Max", "TestUser", "maxtestuser", true, true);
 					//authuser = new AuthenticatedUser(1, "Max", "TestUser", true, false);
 					httpServletRequest.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
 				}
@@ -150,6 +150,8 @@ public class AuthenticationFilter implements Filter{
 	            if (MiscUtil.isNotEmpty(getAuthenticatedPage())) {
 	                log.debug("Unable to find authentication data. Authenticated page is given so there is no need to save original request url. " + (loginPageForward ? "Forwarding" : "Redirecting") + " to login page \"" + loginPage + "\".");
 	                
+	                
+	                
 	            } 
 	            else {
 	            	log.debug("Unable to find authentication data. Storing request url and " + (loginPageForward ? "forwarding" : "redirecting") + " to login page \"" + loginPage + "\".");
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
new file mode 100644
index 000000000..b2f1b106f
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/helper/AuthenticationHelper.java
@@ -0,0 +1,35 @@
+package at.gv.egovernment.moa.id.configuration.helper;
+
+import java.security.spec.KeySpec;
+
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.util.Base64Utils;
+
+public class AuthenticationHelper {
+	
+	private static final Logger log = Logger.getLogger(AuthenticationHelper.class);
+	
+	public static String generateKeyFormPassword(String password) {
+		SecretKeyFactory factory;
+
+		try {
+			factory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
+			KeySpec spec = new PBEKeySpec(password.toCharArray(), "TestSALT".getBytes(), 1024, 128);
+			SecretKey tmp = factory.generateSecret(spec);
+			SecretKeySpec secret = new SecretKeySpec(tmp.getEncoded(), "AES");
+			return Base64Utils.encode(secret.getEncoded());
+			
+		} catch (Exception e) {
+			log.info("Key generation form password failed.");
+			return null;
+		}
+		
+	}
+
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
new file mode 100644
index 000000000..a8992e6b8
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/ImportExportAction.java
@@ -0,0 +1,353 @@
+package at.gv.egovernment.moa.id.configuration.struts.action;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.io.StringReader;
+import java.io.StringWriter;
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import javax.xml.bind.JAXBContext;
+import javax.xml.bind.JAXBException;
+import javax.xml.bind.Marshaller;
+import javax.xml.bind.Unmarshaller;
+import javax.xml.transform.Result;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.log4j.Logger;
+import org.apache.struts2.interceptor.ServletRequestAware;
+import org.apache.struts2.interceptor.ServletResponseAware;
+import org.hibernate.lob.ReaderInputStream;
+import org.w3c.dom.Node;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.MOAIDConfiguration;
+import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
+import at.gv.egovernment.moa.id.config.ConfigurationException;
+import at.gv.egovernment.moa.id.config.legacy.BuildFromLegacyConfig;
+import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.iaik.commons.util.IOUtil;
+
+import com.opensymphony.xwork2.ActionSupport;
+
+import eu.stork.vidp.messages.common.STORKBootstrap;
+
+public class ImportExportAction extends ActionSupport 
+implements ServletRequestAware, ServletResponseAware {
+	
+	private static final Logger log = Logger.getLogger(ImportExportAction.class);
+
+	private static final long serialVersionUID = 1L;
+	private HttpServletRequest request;
+	private HttpServletResponse response;
+	
+	private AuthenticatedUser authUser; 
+	
+	private File fileUpload = null;
+	private String fileUploadContentType = null;
+	private String fileUploadFileName = null;
+	
+	private InputStream fileInputStream;
+	
+	public String init() {
+		
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (authUser.isAdmin()) {
+								
+				return Constants.STRUTS_SUCCESS;
+				
+			} else {
+				log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+				addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+				return Constants.STRUTS_NOTALLOWED;
+			}
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+		
+	}
+	
+	public String importLegacyConfig() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (authUser.isAdmin()) {
+			
+				//load legacy config if it is configured
+			
+				if (fileUpload == null) {
+					addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
+					return Constants.STRUTS_ERROR_VALIDATION;
+				}
+				
+				//Initialize OpenSAML for STORK
+				log.info("Starting initialization of OpenSAML...");
+				try {
+					STORKBootstrap.bootstrap();
+					
+				} catch (org.opensaml.xml.ConfigurationException e1) {
+					log.info("Legacy configuration has an Import Error", e1);
+					addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e1.getMessage()}));
+					return Constants.STRUTS_ERROR_VALIDATION;
+				}
+				log.debug("OpenSAML successfully initialized");
+				
+			
+				MOAIDConfiguration moaconfig;
+				try {
+					log.warn("WARNING! The legacy import deletes the hole old config");
+					
+					List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+					if (oas != null && oas.size() > 0) {
+						for (OnlineApplication oa : oas)
+							ConfigurationDBUtils.delete(oa);
+					}
+					
+
+					moaconfig = BuildFromLegacyConfig.build(fileUpload, "");
+					
+				} catch (ConfigurationException e) {
+					log.info("Legacy configuration has an Import Error", e);
+					addActionError(LanguageHelper.getErrorString("errors.importexport.legacyimport", new Object[] {e.getMessage()}));
+					return Constants.STRUTS_ERROR_VALIDATION;
+				}
+					
+				//check if XML config should be use
+				log.warn("WARNING! MOA-ID 2.0 is started with XML configuration. This setup overstrike the actual configuration in the Database!");
+				try {
+					MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+					if (moaidconfig != null)
+						ConfigurationDBUtils.delete(moaidconfig);
+			
+					ConfigurationDBUtils.save(moaconfig);
+					
+				} catch (MOADatabaseException e) {
+					log.warn("General MOA-ID config can not be stored in Database");
+					addActionError(e.getMessage());
+					return Constants.STRUTS_ERROR_VALIDATION;
+				}
+				
+				finally {
+					ConfigurationDBUtils.closeSession();
+				}
+				
+				log.info("Legacy Configuration load is completed.");
+				addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success"));
+				return Constants.STRUTS_SUCCESS;
+				
+			} else {
+				log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+				addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+				return Constants.STRUTS_NOTALLOWED;
+			}
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+	}
+	
+	public String downloadXMLConfig() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (authUser.isAdmin()) {
+							
+				log.info("Write MOA-ID 2.x xml config");
+				JAXBContext jc;
+				try {
+					jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
+		
+					Marshaller m = jc.createMarshaller();
+					m.setProperty(Marshaller.JAXB_FORMATTED_OUTPUT, true);
+//					File test = new File(xmlconfigout);
+//					m.marshal(moaidconfig, test);
+					MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+					
+					if (moaidconfig == null) {
+						log.info("No MOA-ID 2.x configruation available");
+						addActionError(LanguageHelper.getErrorString("errors.importexport.export.noconfig"));
+						return Constants.STRUTS_ERROR_VALIDATION;
+					}
+					
+					List<OnlineApplication> oaconfigs = ConfigurationDBRead.getAllOnlineApplications();
+					moaidconfig.setOnlineApplication(oaconfigs);
+					
+					StringWriter writer = new StringWriter();
+					m.marshal(moaidconfig, writer);
+					fileInputStream = IOUtils.toInputStream(writer.toString(), "UTF-8"); 
+					
+				} catch (JAXBException e) {
+					log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
+					addActionError(LanguageHelper.getErrorString("errors.importexport.export",
+							new Object[]{e.getMessage()}));
+					return Constants.STRUTS_ERROR_VALIDATION;
+				} catch (IOException e) {
+					log.info("MOA-ID 2.x configruation could not be exported into a XML file.", e);
+					addActionError(LanguageHelper.getErrorString("errors.importexport.export",
+							new Object[]{e.getMessage()}));
+					return Constants.STRUTS_ERROR_VALIDATION;
+				}
+				
+				finally {
+					ConfigurationDBUtils.closeSession();
+				}
+				
+				return Constants.STRUTS_SUCCESS;
+			} else {
+				log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+				addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+				return Constants.STRUTS_NOTALLOWED;
+			}
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+	}
+	
+	
+	public String importXMLConfig() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (authUser.isAdmin()) {
+				
+				if (fileUpload == null) {
+					addActionError(LanguageHelper.getErrorString("errors.importexport.nofile"));
+					return Constants.STRUTS_ERROR_VALIDATION;
+				}
+				
+				log.warn("WARNING! The XML import deletes the hole old config");
+				
+				List<OnlineApplication> oas = ConfigurationDBRead.getAllOnlineApplications();
+				if (oas != null && oas.size() > 0) {
+					for (OnlineApplication oa : oas)
+						ConfigurationDBUtils.delete(oa);
+				}				
+				MOAIDConfiguration moaidconfig = ConfigurationDBRead.getMOAIDConfiguration();
+				if (moaidconfig != null)
+					ConfigurationDBUtils.delete(moaidconfig);
+				
+
+				log.info("Load configuration from MOA-ID 2.x XML configuration");
+				
+				try {
+					JAXBContext jc = JAXBContext.newInstance("at.gv.egovernment.moa.id.commons.db.dao.config");
+					Unmarshaller m = jc.createUnmarshaller(); 
+					MOAIDConfiguration moaconfig = (MOAIDConfiguration) m.unmarshal(fileUpload);
+
+					List<OnlineApplication> importoas = moaconfig.getOnlineApplication();
+					for (OnlineApplication importoa : importoas) {
+						ConfigurationDBUtils.saveOrUpdate(importoa);
+					}
+					
+					moaconfig.setOnlineApplication(null);
+					ConfigurationDBUtils.saveOrUpdate(moaconfig);
+					
+				} catch (Exception e) {
+					log.warn("MOA-ID XML configuration can not be loaded from File.", e);
+					addActionError(LanguageHelper.getErrorString("errors.importexport.import",
+							new Object[]{e.getMessage()}));
+					return Constants.STRUTS_ERROR_VALIDATION;
+					
+				}
+				
+				finally {
+					ConfigurationDBUtils.closeSession();
+				}
+				
+				log.info("XML Configuration load is completed.");
+				addActionMessage(LanguageHelper.getGUIString("webpages.inportexport.success"));
+				return Constants.STRUTS_SUCCESS;
+			
+			} else {
+				log.info("No access to Import/Export for User with ID" + authUser.getUserID());
+				addActionError(LanguageHelper.getErrorString("errors.notallowed"));
+				return Constants.STRUTS_NOTALLOWED;
+			}
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+			
+	}
+	
+	/**
+	 * @return the fileUpload
+	 */
+	public File getFileUpload() {
+		return fileUpload;
+	}
+
+
+
+	/**
+	 * @param fileUpload the fileUpload to set
+	 */
+	public void setFileUpload(File fileUpload) {
+		this.fileUpload = fileUpload;
+	}
+
+
+
+	/**
+	 * @return the fileUploadContentType
+	 */
+	public String getFileUploadContentType() {
+		return fileUploadContentType;
+	}
+
+
+
+	/**
+	 * @param fileUploadContentType the fileUploadContentType to set
+	 */
+	public void setFileUploadContentType(String fileUploadContentType) {
+		this.fileUploadContentType = fileUploadContentType;
+	}
+
+
+
+	/**
+	 * @return the fileUploadFileName
+	 */
+	public String getFileUploadFileName() {
+		return fileUploadFileName;
+	}
+
+
+
+	/**
+	 * @param fileUploadFileName the fileUploadFileName to set
+	 */
+	public void setFileUploadFileName(String fileUploadFileName) {
+		this.fileUploadFileName = fileUploadFileName;
+	}
+
+	/**
+	 * @return the authUser
+	 */
+	public AuthenticatedUser getAuthUser() {
+		return authUser;
+	}
+
+	public void setServletResponse(HttpServletResponse response) {
+		this.response = response;
+	}
+	public void setServletRequest(HttpServletRequest request) {
+		this.request = request;
+	}
+	
+	public InputStream getFileInputStream() {
+		return fileInputStream;
+	}
+}
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
index 4e8e44007..6aeebcf7b 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/IndexAction.java
@@ -1,32 +1,169 @@
 package at.gv.egovernment.moa.id.configuration.struts.action;
 
+import java.util.Date;
+
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
+import javax.servlet.http.HttpSession;
 
+import org.apache.log4j.Logger;
 import org.apache.struts2.interceptor.ServletRequestAware;
 import org.apache.struts2.interceptor.ServletResponseAware;
 
+import com.opensymphony.xwork2.ActionSupport;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.configuration.Constants;
+import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
 import at.gv.egovernment.moa.id.configuration.config.ConfigurationProvider;
 import at.gv.egovernment.moa.id.configuration.exception.ConfigurationException;
+import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
 
-public class IndexAction implements ServletRequestAware,
+public class IndexAction extends ActionSupport implements ServletRequestAware,
 	ServletResponseAware {
 	
+	private static final Logger log = Logger.getLogger(IndexAction.class);
+	
 	private HttpServletRequest request;
 	private HttpServletResponse response;
 	
+	private String password;
+	private String username;
+	
 	public String start() {
 				
 		return Constants.STRUTS_SUCCESS;
 	}
 	
+	public String authenticate() {
+		
+		String key = null;
+		
+		if (MiscUtil.isNotEmpty(username)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(username, false)) {
+				log.warn("Username contains potentail XSS characters: " + username);
+				addActionError(LanguageHelper.getErrorString("validation.edituser.username.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+				return Constants.STRUTS_ERROR;
+			}
+		} else {
+			log.warn("Username is empty");
+			addActionError(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+			return Constants.STRUTS_ERROR;
+		}
+		
+		if (MiscUtil.isEmpty(password)) {
+			log.warn("Password is empty");
+			addActionError(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+			return Constants.STRUTS_ERROR;
+			
+		} else {
+			key = AuthenticationHelper.generateKeyFormPassword(password);
+			if (key == null) {
+				addActionError(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+				return Constants.STRUTS_ERROR;
+			}
+		}
+		
+		UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(username);
+		if (dbuser == null) {
+			log.warn("Unknown Username");
+			addActionError(LanguageHelper.getErrorString("webpages.index.username.unkown"));
+			return Constants.STRUTS_ERROR;
+			
+		} else {
+			if (!dbuser.isIsActive()) {
+				log.warn("Username " + dbuser.getUsername() + " is not active");
+				addActionError(LanguageHelper.getErrorString("webpages.index.username.notactive"));
+				return Constants.STRUTS_ERROR;
+			}
+			
+			if (!dbuser.getPassword().equals(key)) {
+				log.warn("Username " + dbuser.getUsername() + " use a false password");
+				addActionError(LanguageHelper.getErrorString("webpages.index.password.false"));
+				return Constants.STRUTS_ERROR;
+			}
+			
+			AuthenticatedUser authuser = new AuthenticatedUser(
+					dbuser.getHjid(), 
+					dbuser.getGivenname(), 
+					dbuser.getFamilyname(), 
+					dbuser.getUsername(), 
+					true, 
+					dbuser.isIsAdmin());
+			
+			authuser.setLastLogin(dbuser.getLastLoginItem());
+			
+			dbuser.setLastLoginItem(new Date());
+			
+			try {
+				ConfigurationDBUtils.saveOrUpdate(dbuser);
+				
+			} catch (MOADatabaseException e) {
+				log.warn("UserDatabase communicaton error", e);
+				addActionError(LanguageHelper.getErrorString("error.login"));
+				return Constants.STRUTS_ERROR;
+			}
+			finally {
+				ConfigurationDBUtils.closeSession();
+			}
+			request.getSession().setAttribute(Constants.SESSION_AUTH, authuser);
+			return Constants.STRUTS_SUCCESS;	
+		}
+	}
+	
+	public String logout() {
+		
+		HttpSession session = request.getSession();
+		
+		if (session != null)
+			session.invalidate();
+		
+		return Constants.STRUTS_SUCCESS;
+	}
 	
 	public void setServletResponse(HttpServletResponse arg0) {
 		this.response = arg0;
 	}
 	public void setServletRequest(HttpServletRequest arg0) {
 		this.request =  arg0;
-	}	
+	}
+
+	/**
+	 * @return the password
+	 */
+	public String getPassword() {
+		return password;
+	}
+
+	/**
+	 * @param password the password to set
+	 */
+	public void setPassword(String password) {
+		this.password = password;
+	}
+
+	/**
+	 * @return the username
+	 */
+	public String getUsername() {
+		return username;
+	}
+
+	/**
+	 * @param username the username to set
+	 */
+	public void setUsername(String username) {
+		this.username = username;
+	}
+	
+	
 
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
index 3f4b21fdd..c022d0057 100644
--- a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/struts/action/UserManagementAction.java
@@ -1,51 +1,331 @@
 package at.gv.egovernment.moa.id.configuration.struts.action;
 
+import java.util.ArrayList;
 import java.util.Date;
+import java.util.List;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.apache.log4j.Logger;
 import org.apache.struts2.interceptor.ServletRequestAware;
 import org.apache.struts2.interceptor.ServletResponseAware;
 
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
 import at.gv.egovernment.moa.id.commons.db.ex.MOADatabaseException;
 import at.gv.egovernment.moa.id.configuration.Constants;
 import at.gv.egovernment.moa.id.configuration.auth.AuthenticatedUser;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
+import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.id.configuration.validation.UserDatabaseFormValidator;
+import at.gv.egovernment.moa.id.configuration.validation.ValidationHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
 
 import com.opensymphony.xwork2.ActionSupport;
 
 public class UserManagementAction extends ActionSupport 
 	implements ServletRequestAware, ServletResponseAware {
 	
+	private static final Logger log = Logger.getLogger(UserManagementAction.class);
+	
 	private static final long serialVersionUID = 1L;
 
 	private HttpServletRequest request;
 	private HttpServletResponse response;
+
+	private AuthenticatedUser authUser = null; 
+
+	private List<AuthenticatedUser> userlist = null;
+	private UserDatabaseFrom user = null;
+	
+	private String useridobj = null;
+	private static boolean newUser = false;
 	
-	private AuthenticatedUser authUser; 
+	public String init() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (authUser.isAdmin()) {
+				
+				log.info("Show UserList");
+				
+				List<UserDatabase> dbuserlist = ConfigurationDBRead.getAllUsers();
+				if (dbuserlist != null) {
+					userlist = new ArrayList<AuthenticatedUser>();
+					
+					for (UserDatabase dbuser : dbuserlist) {
+						userlist.add(new AuthenticatedUser(
+								dbuser.getHjid(), 
+								dbuser.getGivenname(), 
+								dbuser.getFamilyname(),
+								dbuser.getUsername(),
+								dbuser.isIsActive(), 
+								dbuser.isIsAdmin()));
+					}
+				}
+				
+				ConfigurationDBUtils.closeSession();
+				return Constants.STRUTS_SUCCESS;
+				
+			} else {
+				log.info("User with ID " + authUser.getUserID() + " is not admin. Show only EditUser Frame");
+				UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+				if (dbuser == null) {
+					return Constants.STRUTS_REAUTHENTICATE;
+				}
+				user = new UserDatabaseFrom(dbuser);
+				ConfigurationDBUtils.closeSession();
+				return Constants.STRUTS_NOTALLOWED;
+			}
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+		
+	}
 	
+	public String createuser() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (authUser.isAdmin()) {
+								
+				user = new UserDatabaseFrom();
+				
+				newUser = true;
+				return Constants.STRUTS_SUCCESS;
+				
+			} else {
+				return Constants.STRUTS_NOTALLOWED;
+			}
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+		
+	}
+	
+	public String edituser() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+			
+			if (authUser.isAdmin()) {
+				long userid = -1;
+				
+				if (!ValidationHelper.validateOAID(useridobj)) {
+					addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+					return Constants.STRUTS_ERROR;
+				}
+				userid = Long.valueOf(useridobj);
+				
+				UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userid);
+				if (dbuser == null) {
+					log.info("No User with ID " + userid + " in Database");;
+					addActionError(LanguageHelper.getErrorString("errors.edit.user.userid", request));
+					return Constants.STRUTS_ERROR;
+				}
+				user = new UserDatabaseFrom(dbuser);
+				
+				newUser = false;
+				
+				ConfigurationDBUtils.closeSession();
+				
+				return Constants.STRUTS_SUCCESS;
+				
+			} else {
+				log.info("User with ID " + authUser.getUserID() + " is not admin. Show his own EditUser Frame");
+				UserDatabase dbuser = ConfigurationDBRead.getUserWithID(authUser.getUserID());
+				user = new UserDatabaseFrom(dbuser);
+				return Constants.STRUTS_SUCCESS;
+			}
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+		
+	}
+	
+	public String saveuser() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+
+			String useridobj = user.getUserID();
+			long userID = -1;
+			if (MiscUtil.isEmpty(useridobj)) {
+				userID = -1;
+				
+			} else {
+				if (!ValidationHelper.validateOAID(useridobj)){
+					log.warn("User with ID " + authUser.getUserID() 
+							+ " would access UserDatabase ID " + useridobj);
+					addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+					return Constants.STRUTS_ERROR;
+				}	
+				userID = Long.valueOf(useridobj);
+			}
+			
+			List<String> errors;
+			UserDatabaseFormValidator validator = new UserDatabaseFormValidator();
+			errors = validator.validate(user, userID);
+
+			if (errors.size() > 0) {
+				log.info("UserDataForm has some erros.");
+				for (String el : errors)
+					addActionError(el);	
+				user.setPassword("");
+				
+				if (MiscUtil.isEmpty(user.getUsername()))
+					newUser = true;
+				
+				return Constants.STRUTS_ERROR_VALIDATION;
+			}
+			
+			if (!authUser.isAdmin()) {
+				if (authUser.getUserID() != userID) {
+					log.warn("User with ID " + authUser.getUserID() 
+							+ " would access UserDatabase Entry " + user.getUsername());
+					addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+					return Constants.STRUTS_ERROR;
+				}
+								
+			}
+
+			String error = saveFormToDB();
+			if (error != null) {
+				log.warn("UserData can not be stored in Database");
+				addActionError(error);
+				return Constants.STRUTS_SUCCESS;
+			}
+			
+			ConfigurationDBUtils.closeSession();
+			return Constants.STRUTS_SUCCESS;
+				
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+		
+	}
+	
+	public String deleteuser() {
+		Object authUserObj = request.getSession().getAttribute(Constants.SESSION_AUTH);
+		
+		if (authUserObj != null && authUserObj instanceof AuthenticatedUser) {
+			authUser = (AuthenticatedUser) authUserObj;
+								
+			String useridobj = user.getUserID();
+			long userID = -1;
+			if (MiscUtil.isEmpty(useridobj)) {
+				userID = -1;
+				
+			} else {
+				if (!ValidationHelper.validateOAID(useridobj)){
+					log.warn("User with ID " + authUser.getUserID() 
+							+ " would access UserDatabase ID " + useridobj);
+					addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+					return Constants.STRUTS_ERROR;
+				}	
+				userID = Long.valueOf(useridobj);
+			}
+						
+			if (!authUser.isAdmin()) {
+				if (authUser.getUserID() != userID) {
+					log.warn("User with ID " + authUser.getUserID() 
+							+ " would access UserDatabase Entry " + user.getUsername());
+					addActionError(LanguageHelper.getErrorString("errors.edit.user.notallowed", request));
+					return Constants.STRUTS_ERROR;
+				}
+			}
+			
+			UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+			if (dbuser != null) {
+				dbuser.setOnlineApplication(null);
+				
+				try {
+					ConfigurationDBUtils.saveOrUpdate(dbuser);
+					ConfigurationDBUtils.delete(dbuser);
+					
+				} catch (MOADatabaseException e) {
+					log.warn("UserData can not be deleted from Database");
+					addActionError(e.getMessage());
+					return Constants.STRUTS_SUCCESS;
+				}
+				
+				finally {
+					ConfigurationDBUtils.closeSession();
+				}
+			}
+			
+			ConfigurationDBUtils.closeSession();
+			return Constants.STRUTS_SUCCESS;
+
+		}
+		return Constants.STRUTS_REAUTHENTICATE;
+		
+	}
 	
-	public String createTestUser() throws MOADatabaseException {
+	private String saveFormToDB() {
+		
+		UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(user.getUsername());
 		
-		UserDatabase user = new UserDatabase();
-		user.setBpk("");
-		user.setFamilyname("Max");
-		user.setGivenname("Mustermann");
-		user.setIsActive(true);
-		user.setIsAdmin(false);
-		user.setInstitut("EGIZ");
-		user.setLastLoginItem(new Date());
-		user.setMail("masdf@amfasdf.com");
-		user.setPhone("00660011542");
-		user.setUsername("testuser");
+		if( dbuser == null) {
+			dbuser = new UserDatabase();
+		}
 		
-		ConfigurationDBUtils.save(user);
+		dbuser.setBpk(user.getBpk());
+		dbuser.setFamilyname(user.getFamilyName());
+		dbuser.setGivenname(user.getGivenName());
+		dbuser.setInstitut(user.getInstitut());
+		dbuser.setMail(user.getMail());
+		dbuser.setPhone(user.getPhone());
+		dbuser.setUsername(user.getUsername());
 		
-		return Constants.STRUTS_SUCCESS;
+		if (authUser.isAdmin()) {
+			dbuser.setIsActive(user.isActive());
+			dbuser.setIsAdmin(user.isAdmin());
+		}
+		
+		if (MiscUtil.isNotEmpty(user.getPassword())) {
+			String key = AuthenticationHelper.generateKeyFormPassword(user.getPassword());
+			if (key == null) {
+				return LanguageHelper.getErrorString("errors.edit.user.save");
+			}
+			dbuser.setPassword(key);			
+		}
+
+		
+		try {
+			ConfigurationDBUtils.saveOrUpdate(dbuser);
+		} catch (MOADatabaseException e) {
+			log.warn("User information can not be stored in Database.", e);
+			return LanguageHelper.getErrorString("errors.edit.user.save");
+		}
+		
+		return null;
 	}
 	
+//	public String createTestUser() throws MOADatabaseException {
+//		
+//		UserDatabase user = new UserDatabase();
+//		user.setBpk("");
+//		user.setFamilyname("Max");
+//		user.setGivenname("Mustermann");
+//		user.setIsActive(true);
+//		user.setIsAdmin(false);
+//		user.setInstitut("EGIZ");
+//		user.setLastLoginItem(new Date());
+//		user.setMail("masdf@amfasdf.com");
+//		user.setPhone("00660011542");
+//		user.setUsername("testuser");
+//		
+//		ConfigurationDBUtils.save(user);
+//		
+//		return Constants.STRUTS_SUCCESS;
+//	}
+	
 	
 	public void setServletResponse(HttpServletResponse response) {
 		this.response = response;
@@ -56,7 +336,63 @@ public class UserManagementAction extends ActionSupport
 		this.request = request;
 		
 	}
+
+	/**
+	 * @return the userlist
+	 */
+	public List<AuthenticatedUser> getUserlist() {
+		return userlist;
+	}
+
+	/**
+	 * @param userlist the userlist to set
+	 */
+	public void setUserlist(List<AuthenticatedUser> userlist) {
+		this.userlist = userlist;
+	}
+
+	/**
+	 * @return the user
+	 */
+	public UserDatabaseFrom getUser() {
+		return user;
+	}
+
+	/**
+	 * @param user the user to set
+	 */
+	public void setUser(UserDatabaseFrom user) {
+		this.user = user;
+	}
+
+	/**
+	 * @return the useridobj
+	 */
+	public String getUseridobj() {
+		return useridobj;
+	}
+
+	/**
+	 * @param useridobj the useridobj to set
+	 */
+	public void setUseridobj(String useridobj) {
+		this.useridobj = useridobj;
+	}
+
+	/**
+	 * @return the authUser
+	 */
+	public AuthenticatedUser getAuthUser() {
+		return authUser;
+	}
+
+	/**
+	 * @return the newUser
+	 */
+	public boolean isNewUser() {
+		return newUser;
+	}
+	
 	
 	
-
 }
diff --git a/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
new file mode 100644
index 000000000..8e6edf52a
--- /dev/null
+++ b/id/ConfigWebTool/src/main/java/at/gv/egovernment/moa/id/configuration/validation/UserDatabaseFormValidator.java
@@ -0,0 +1,147 @@
+package at.gv.egovernment.moa.id.configuration.validation;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.apache.log4j.Logger;
+
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.dao.config.UserDatabase;
+import at.gv.egovernment.moa.id.configuration.data.UserDatabaseFrom;
+import at.gv.egovernment.moa.id.configuration.helper.AuthenticationHelper;
+import at.gv.egovernment.moa.id.configuration.helper.LanguageHelper;
+import at.gv.egovernment.moa.util.MiscUtil;
+
+public class UserDatabaseFormValidator {
+
+	private static final Logger log = Logger.getLogger(UserDatabaseFormValidator.class);
+	
+	public List<String> validate(UserDatabaseFrom form, long userID) {
+		List<String> errors = new ArrayList<String>();
+				
+		String check = form.getGivenName();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("GivenName contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+			}
+		} else {
+			log.warn("GivenName is empty");
+			errors.add(LanguageHelper.getErrorString("validation.edituser.givenname.empty"));			
+		}
+		
+		
+		check = form.getFamilyName();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("FamilyName contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+			}
+		} else {
+			log.warn("FamilyName is empty");
+			errors.add(LanguageHelper.getErrorString("validation.edituser.familyname.empty"));			
+		}
+
+		check = form.getInstitut();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("Organisation contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.edituser.institut.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+			}
+		} else {
+			log.warn("Organisation is empty");
+			errors.add(LanguageHelper.getErrorString("validation.edituser.institut.empty"));			
+		}
+		
+		check = form.getMail();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (!ValidationHelper.isEmailAddressFormat(check)) {
+				log.warn("Mailaddress is not valid: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.edituser.mail.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+			}
+		} else {
+			log.warn("Mailaddress is empty");
+			errors.add(LanguageHelper.getErrorString("validation.edituser.mail.empty"));			
+		}
+		
+		check = form.getPhone();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("Phonenumber contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.edituser.phone.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+			}
+		} else {
+			log.warn("Phonenumber is empty");
+			errors.add(LanguageHelper.getErrorString("validation.edituser.phone.empty"));			
+		}
+		
+		check = form.getUsername();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("Username contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.edituser.username.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+				
+			} else {
+				UserDatabase dbuser = ConfigurationDBRead.getUserWithUserName(check);
+				if (dbuser != null && userID != dbuser.getHjid()) {
+					log.warn("Username " + check + " exists in UserDatabase");
+					errors.add(LanguageHelper.getErrorString("validation.edituser.username.duplicate"));
+					form.setUsername("");
+				}	
+			}
+		} else {
+			if (userID == -1) {
+				log.warn("Username is empty");
+				errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+			} else {
+				UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+				if (dbuser == null) {
+					log.warn("Username is empty");
+					errors.add(LanguageHelper.getErrorString("validation.edituser.username.empty"));
+				} else {
+					form.setUsername(dbuser.getUsername());
+				}
+			}
+		}
+		
+		check = form.getPassword();
+		if (MiscUtil.isEmpty(check)) {
+			if (userID == -1) {
+				log.warn("Password is empty");
+				errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+			} else {
+				UserDatabase dbuser = ConfigurationDBRead.getUserWithID(userID);
+				if (dbuser == null || MiscUtil.isEmpty(dbuser.getPassword())) {
+					log.warn("Password is empty");
+					errors.add(LanguageHelper.getErrorString("validation.edituser.password.empty"));
+				}
+			}
+			
+		} else {
+			String key = AuthenticationHelper.generateKeyFormPassword(check);
+			if (key == null) {
+				errors.add(LanguageHelper.getErrorString("validation.edituser.password.valid"));
+			}
+		}
+		
+		
+		
+		check = form.getBpk();
+		if (MiscUtil.isNotEmpty(check)) {
+			if (ValidationHelper.containsPotentialCSSCharacter(check, false)) {
+				log.warn("BPK contains potentail XSS characters: " + check);
+				errors.add(LanguageHelper.getErrorString("validation.edituser.bpk.valid", 
+						new Object[] {ValidationHelper.getPotentialCSSCharacter(false)} ));
+			}
+		}
+		
+		return errors;
+		
+	}
+}
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources.properties b/id/ConfigWebTool/src/main/resources/applicationResources.properties
new file mode 100644
index 000000000..9ceaa75b3
--- /dev/null
+++ b/id/ConfigWebTool/src/main/resources/applicationResources.properties
@@ -0,0 +1,298 @@
+title=MOA-ID 2.x Configuration Tool
+
+
+config.01=Configfile is not found.
+config.02=Configfile is not readable.
+config.03=Hibernate Database connector can not be initialized
+
+error.title=Fehler:
+errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden.
+errors.edit.oa.oaid=Es wurde keine g\u00FCtige Online-Applikations-ID \u00FCbergeben.
+errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00F6tigen Rechte um auf diese Online-Applikation zuzugreifen. 
+error.oa.pvp2.certificate=Das hinterlegte PVP2 Zertifikat konnte nicht gelesen werden.
+error.db.oa.store=Die Konfiguration konnte nicht in der Datenbank gespeichert werden.
+errors.notallowed=Sie besitzen nicht die n\u00F6tigen Rechte um diese Funktion zu benutzen. 
+errors.importexport.nofile=Es wurde keine Datei angegeben.
+errors.importexport.legacyimport=Der Importvorgang der Legacy-Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}).
+errors.importexport.export=Die MOA-ID 2.x Konfiguration konnte nicht in ein XML File exportiert werden. (Fehler={0})
+errors.importexport.import=Der Importvorgang der XML Konfiguration wurde mit einem Fehler abgebrochen (Fehler={0}).
+errors.importexport.export.noconfig=Die Konfiguration kann nicht exportiert werden da keine MOA-ID Konfiguration vorhanden ist.
+errors.edit.user.userid=Es wurde keine g\u00FCtige User ID \u00FCbergeben.
+errors.edit.user.save=Der Benutzer konnte nicht in die Datenbank eingetragen werden.
+errors.edit.user.notallowed=Das Bearbeiten fremder Benutzereinstellungen ist nur dem Admin erlaubt.
+error.login=Der Anmeldevorgang durch einen internen Fehler unterbrochen. Bitte Versuchen sie es noch einmal.
+
+
+webpages.error.header=Es ist ein Fehler aufgetreten
+webpages.index.header=Willkommen bei der MOA-ID 2.x Konfigurationsapplikation
+webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen.
+webpages.index.login=Anmelden
+webpages.index.logout=Abmelden
+webpages.index.username.unkown=Der Benutzer ist nicht bekannt.
+webpages.index.username.notactive=Der Benutzer wurde durch den Administrator noch nicht freigeschalten.
+webpages.index.password.false=Das Passwort stimmt nicht.
+
+webpages.inportexport.header=Konfiguration Importieren/Exportieren
+webpages.inportexport.success=Die Konfiguration konnte erfolgreich importiert werden.
+webpages.inportexport.legacyimport.header=Legacy Konfiguration importieren (MOA-ID < 2.0)
+webpages.inportexport.legacyimport.upload=Legacy Konfiguration
+webpages.edit.import=Importieren
+webpages.edit.export=Exportieren
+webpages.inportexport.import.header=MOA-ID 2.x Konfiguration
+webpages.inportexport.import.upload=Konfiguration importieren
+webpages.inportexport.import.download=Konfiguration exportieren
+webpages.inportexport.descripten=ACHTUNG\: Die importierte Konfiguration ersetzt eine aktuell vorhandene Konfiguration vollst\u00E4ndig\! 
+
+webpages.usermanagement.newuser=Neuen Benutzer erstellen
+webpages.usermanagement.header=Benutzerverwaltung
+webpages.listUsers.list.header=Liste aller vorhandenen Benutzer
+webpages.listUsers.list.first=Vorname
+webpages.listUsers.list.second=Familienname
+webpages.listUsers.list.third=Benutzername
+webpages.edituser.header=Benutzerdaten
+webpages.edituser.givenname=Vorname
+webpages.edituser.familyName=Familienname
+webpages.edituser.institut=Organisation
+webpages.edituser.phone=Telefonnummer
+webpages.edituser.mail=EMail Adresse
+webpages.edituser.access.header=Zugangsdaten
+webpages.edituser.username=Benutzername
+webpages.edituser.password=Kennwort
+webpages.edituser.bpk=BPK
+webpages.edituser.role.header=Rechte und Role
+webpages.edituser.active=Benutzer ist aktiviert
+webpages.edituser.admin=Benutzer ist Admin
+webpages.edit.delete.user=Benutzer l\u00F6schen
+
+webpages.mainpage.menu.oa.insert=Neue Applikation anlegen
+webpages.mainpage.menu.oa.display=Meine Applikationen
+webpages.mainpage.menu.oa.search=Applikation suchen
+webpages.mainpage.menu.general.user=Meine Daten
+webpages.mainpage.menu.general.importexport=Importieren/Exportieren
+webpages.mainpage.menu.general.config.moaid=Allgemeine Konfiguration
+webpages.mainpage.menu.general.usermanagement=Benutzerverwaltung
+
+webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert.
+webpages.moaconfig.header=Allgemeine Konfiguration
+webpages.moaconfig.defaultbkus.header=Default BKUs
+webpages.moaconfig.slrequesttemplates.header=SecurtiyLayer Request Templates
+webpages.moaconfig.slrequesttemplates.local=Locale BKU
+webpages.moaconfig.slrequesttemplates.handy=Handy BKU
+webpages.moaconfig.slrequesttemplates.online=Online BKU
+webpages.moaconfig.certificates.header=Zertifikatspr\u00FCfung
+webpages.moaconfig.certificates.certstore=CertStoreDirecorty
+webpages.moaconfig.certificates.trustmanagerrev=TrustManagerRevocationChecking
+webpages.moaconfig.certificates.trustCACerts=TrustedCACertificates
+webpages.moaconfig.certificates.chainingmode=ChainingMode
+webpages.moaconfig.timeout.header=Session TimeOuts
+webpages.moaconfig.timeout.assertion=Assertion [sec]
+webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec]
+webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzter Zugriff [sec]
+webpages.moaconfig.moasp.header=MOA-SP Konfiguration
+webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil 
+webpages.moaconfig.moasp.authtrustprofile=Authentfizierungsblock Trustprofil 
+webpages.moaconfig.moasp.authblocktransform=Authentfizierungsblock Transformationen
+webpages.moaconfig.moasp.url=URL zum MOA-SP Service
+webpages.moaconfig.identitylinksigners=IdentityLinkSigners
+webpages.moaconfig.services.header=Externe Services
+webpages.moaconfig.services.mandates=Online-Vollmachten Service URL
+webpages.moaconfig.services.szrgw=SZR Gateway Service URL
+webpages.moaconfig.sso.header=Single Sign-On
+webpages.moaconfig.sso.PublicUrl=SSO Service URL-Prefix
+webpages.moaconfig.sso.FriendlyName=SSO Service Name
+webpages.moaconfig.services.sso.Target=SSO Service Target
+webpages.moaconfig.services.sso.SpecialText=SSO AuthBlockText
+webpages.moaconfig.protocols.header=Protokolle 
+webpages.moaconfig.protocols.legacy.header=Legacy Modus aktivieren
+webpages.moaconfig.protocols.legacy.saml1=SAML1
+webpages.moaconfig.protocols.legacy.pvp2=PVP2.1
+webpages.moaconfig.protocols.pvp2.header=PVP2 Konfiguration
+webpages.moaconfig.protocols.pvp2.PublicUrlPrefix=PVP2 Service URL-Prefix
+webpages.moaconfig.protocols.pvp2.IssuerName=PVP Service Name
+webpages.moaconfig.protocols.pvp2.org.header=Organisation
+webpages.moaconfig.protocols.pvp2.org.name=Kurzbezeichnung
+webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00E4ndiger Name
+webpages.moaconfig.protocols.pvp2.org.url=URL der Organisation
+webpages.moaconfig.protocols.pvp2.contact.header=Kontaktdaten
+webpages.moaconfig.protocols.pvp2.contact.surename=Familienname
+webpages.moaconfig.protocols.pvp2.contact.givenname=Vorname
+webpages.moaconfig.protocols.pvp2.contact.email=Mailadresse
+webpages.moaconfig.protocols.pvp2.contact.company=Unternehmen
+webpages.moaconfig.protocols.pvp2.contact.phone=Telefonnummer
+webpages.moaconfig.protocols.pvp2.contact.type=Type des Kontakts
+webpages.moaconfig.sl.transormations.header=SecurityLayer Transformationen
+webpages.moaconfig.sl.transormations.filename=Dateiname
+webpages.moaconfig.sl.transormations.upload=Neue Transformation hochladen
+
+webpages.listOAs.list.first=Eindeutige Kennung
+webpages.listOAs.list.second=Name der Online-Applikation
+
+webpages.searchoa.header=Online-Applikation suchen
+webpages.searchoa.search.friendlyname=Name der Online-Applikation
+webpages.searchoa.butten.search=Suchen
+
+webpages.oaconfig.header=Konfiguration der Onlineapplikation
+webpages.oaconfig.general.isActive=Online-Applikation ist aktiviert
+webpages.oaconfig.general.bku.header=BKU Konfiguration
+webpages.oaconfig.general.bku.local=Locale BKU
+webpages.oaconfig.general.bku.online=Online BKU
+webpages.oaconfig.general.bku.handy=Handy BKU
+webpages.oaconfig.general.bku.slversion=SecurityLayer Version
+webpages.oaconfig.general.bku.keyboxidentifier=KeyBoxIdentifier
+webpages.oaconfig.general.identification=Eindeutiger Identifikatior
+webpages.oaconfig.general.mandate.header=Vollmachten
+webpages.oaconfig.general.mandate.profiles=Profile
+webpages.oaconfig.general.friendlyname=Name der Online-Applikation
+webpages.oaconfig.general.isbusinessservice=Privatwirtschaftliche Applikation
+webpages.oaconfig.general.public.header=&Ouml;ffentlicher Bereich
+webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs
+webpages.oaconfig.general.target=Bereich (Target)
+webpages.oaconfig.general.business.header=Privatwirtschaftlicher Bereich
+webpages.oaconfig.general.business.value=Identificationsnummer
+webpages.oaconfig.general.aditional.header=Zus&auml;tzliche allgemeine Einstellungen
+webpages.oaconfig.general.aditional.authblocktext=AuthblockText
+webpages.oaconfig.general.aditional.iframe=B\u00FCrgerkartenauswahl im IFrame
+webpages.oaconfig.general.aditional.useUTC=UTC Zeit verwenden
+webpages.oaconfig.general.aditional.calculateHPI="TODO!"
+
+webpages.oaconfig.menu.saml1.show=SAML1 Konfiguration einblenden
+webpages.oaconfig.menu.saml1.hidden=SAML1 Konfiguration ausblenden
+webpages.oaconfig.menu.pvp2.show=PVP2 Konfiguration einblenden
+webpages.oaconfig.menu.pvp2.hidden=PVP2 Konfiguration ausblenden
+
+webpages.oaconfig.menu.stork=STORK Konfiguration
+
+webpages.oaconfig.protocols.header=Authentifizierungsprotokolle
+
+webpages.oaconfig.sso.header=Single Sign-On
+webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
+webpages.oaconfig.sso.useauthdataframe=Zus\u00E4tzliche Userabfrage
+webpages.oaconfig.sso.usesso=Single Sign-On verwenden
+
+webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
+webpages.oaconfig.saml1.provideStammZahl=Stammzahl \u00FCbertragen
+webpages.oaconfig.saml1.provideAuthBlock=Authentifizierungsblock \u00FCbertragen
+webpages.oaconfig.saml1.provideIdentityLink=Personenbindung \u00FCbertragen
+webpages.oaconfig.saml1.provideCertificate=Zertifikat \u00FCbertragen
+webpages.oaconfig.saml1.provideFullMandateData=Vollst\u00E4ndige Vollmacht \u00FCbertragen
+webpages.oaconfig.saml1.useCondition=Usecondition
+webpages.oaconfig.saml1.conditionLength=ConditionLength
+
+webpages.oaconfig.protocols.pvp2.header=PVP2.x Konfiguration
+webpages.oaconfig.pvp2.metaDataURL=URL zu den Metadaten
+webpages.oaconfig.pvp2.certifcate=Zertifikat hochladen
+webpages.oaconfig.pvp2.certifcate.info=Infos zum Zertifikat
+
+message.title=Meldung:
+webpages.oaconfig.success=Die Online-Applikation {0} konnte erfolgreich gespeichert werden.
+webpages.oaconfig.cancle=Die Bearbeitung der Online-Applikation {0} wurde abgebrochen.
+
+webpages.oaconfig.delete.message=Die Online-Applikation {0} wurde erfolgreich gel\u00F6scht.
+webpages.oaconfig.delete.error=Die Online-Applikation {0} konnte nicht gel\u00F6scht werden. 
+
+webpages.edit.save=\u00C4nderungen Speichern
+webpages.edit.back=Zur\u00FCck und \u00C4nderungen verwerfen
+webpages.edit.delete=Online-Applikation l\u00F6schen
+
+webpages.header.info=Sie sind angemeldet als:
+webpages.header.lastlogin=Letzte Anmeldung am: 
+
+validation.edituser.familyname.empty=Der Familienname ist leer.
+validation.edituser.familyname.valid=Der Familienname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.givenname.empty=Der Vorname ist leer.
+validation.edituser.givenname.valid=Der Vorname enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.institut.empty=Die Organisation ist leer.
+validation.edituser.institut.valid=Die Organisation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.mail.empty=Die EMail Adresse ist leer.
+validation.edituser.mail.valid=Die EMail Adresse hat kein g\u00FCltiges Format.
+validation.edituser.phone.empty=Die Telefonnummer ist leer.
+validation.edituser.phone.valid=Die Telefonnummer hat kein g\u00FCltiges Form
+validation.edituser.username.empty=Der Benutzername ist leer.
+validation.edituser.username.valid=Der Benutzername enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.edituser.username.duplicate=Der Benutzername ist bereits vergeben
+validation.edituser.password.empty=Das Passwort ist leer.
+validation.edituser.password.valid=Das Passwort konnte nicht in einen g\u00FCltigen Schl\u00FCssel transferiert werden.
+validation.edituser.bpk.valid=Die BPK enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+
+validation.general.AlternativeSourceID=Die AlternaticeSourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
+validation.general.certStoreDirectory.valid=Das CertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00E4hlt.
+validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00E4lt einen ung\u00F6ltigen Wert.
+validation.general.IdentityLinkSigners.empty=Es wurde kein IdentityLinkSigner angegeben
+validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00F6ltiges Format.
+validation.general.moasp.auth.transformation.empty=Die Transformation f\u00F6r den Authentfizierungsblock ist leer.
+validation.general.moasp.auth.transformation.valid=Die Transformation f\u00F6r den Authentfizierungsblock  in der Zeile {0} enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
+validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock ist leer.
+validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung des Authentfizierungsblock enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00F6fung der Personenbindung ist leer.
+validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00F6fung der Personenbindung  enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.issuername.valid=PVP2\: Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation\: Vollst\u00E4ndiger Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation\: Kurzbezeichnung enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation\: URL hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.serviceurl.valid=PVP2\: Service URL-Prefix hat kein g\u00F6ltiges Format.
+validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten\: Der Firmenname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten\: Der Familienname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten\: Der Vorname enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.protocol.pvp2.contact.type.valid=PVP2 Kontaktdaten: Der angegebene Kontakttyp existiert nicht. 
+validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten\: Die EMail Adresse ist nicht g\u00FCltig.
+validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten\: Die Telefonnummer ist nicht g\u00FCltig.
+validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00F6ltigen Wert.
+validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00FCltigen Wert.
+validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00FCltigen Wert.
+
+validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU ist leer.
+validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00F6r die Handy-BKU hat kein g\u00F6ltiges Format.
+validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00F6r die locale BKU ist leer.
+validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00F6r die locale BKU hat kein g\u00F6ltiges Format.
+validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU ist leer.
+validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00F6r die Online-BKU hat kein g\u00F6ltiges Format.
+validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00F6ltiges Format.
+validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.sso.target.empty=Das SSO Target Feld ist leer.
+validation.general.sso.target.valid=Das SSO Target Feld enth\u00E4lt ein ung\u00FCltiges Target.
+validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00F6ltiges Format.
+validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer.
+validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00E4lt ein ung\u00FCltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden.
+
+validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.bku.handy.empty=Die URL f\u00FCr die Handy-BKU ist leer.
+validation.general.bku.handy.valid=Die URL f\u00FCr die Handy-BKU hat kein g\u00FCltiges Format.
+validation.general.bku.local.empty=Die URL f\u00FCr die lokale BKU ist leer.
+validation.general.bku.local.valid=Die URL f\u00FCr die locale BKU hat kein g\u00FCltiges Format.
+validation.general.bku.online.empty=Die URL f\u00FCr die Online-BKU ist leer.
+validation.general.bku.online.valid=Die URL f\u00FCr die Online-BKU hat kein g\u00FCltiges Format.
+validation.general.oafriendlyname.empty=Es wurde keine Online-Applikation angegeben.
+validation.general.oafriendlyname=Der Name der Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.keyboxidentifier.empty=Es wurde kein KeyBoxIdentifier ausgew\u00E4hlt.
+validation.general.keyboxidentifier.valid=Der KeyBoxIdentifier hat ein ung\u00FCltiges Format.
+validation.general.mandate.profiles=Die Liste von Vollmachtsprofilen enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.target.empty=Der Target f\u00FCr die Online-Applikation ist leer.
+validation.general.target.valid=Der Target f\u00FCr die Online-Applikation hat kein g\u00FCltiges Format.
+validation.general.slversion=Die SecurtiyLayer Version ist kein Zahlenformat.
+validation.general.slversion.business=Im privatwirtschaftlichen Bereich muss die SecurityLayerversion mindestes 1.2 betragen. Die SLVersion wurde auf 1.2 ge\u00E4ndert.
+validation.general.targetfriendlyname=Der Name des Bereichs (Target) enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.identificationnumber.empty=Im privatwirtschaftlichen Bereich ist eine Identifikationsnummer erforderlich.
+validation.general.identificationnumber.valid=Die Identifikationsnummer f\u00FCr den privatwirtschaftlichen Bereich enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.identificationnumber.fa.valid=Die Firmenbuchnummer hat kein g\u00FCltiges Format.
+validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00FCr die Online-Applikation angegeben.
+validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
+validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00F6glich.
+
+validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
+validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
+validation.pvp2.certificate.format=Das angegebene PVP2 Zertifikat wei\u00DFt kein g\u00FCltiges Format auf. 
+validation.pvp2.certificate.notfound=Kein PVP2 Zertifikat eingef\u00FCgt.
+
+validation.sso.logouturl.empty=Eine URL zum Single Log-Out Service ist erforderlich.
+validation.sso.logouturl.valid=Die URL zum Single Log-Out Service wei\u00DFt kein g\u00FCltiges Format auf.
+
+validation.saml1.providestammzahl=ProvideStammZahl kann nicht mit Applikationen aus dem privatwirtschaftlichen Bereich kombiniert werden.
+
diff --git a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties b/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
deleted file mode 100644
index 00825c15c..000000000
--- a/id/ConfigWebTool/src/main/resources/applicationResources_de.properties
+++ /dev/null
@@ -1,234 +0,0 @@
-title=MOA-ID 2.x Configuration Tool
-
-
-config.01=Configfile is not found.
-config.02=Configfile is not readable.
-config.03=Hibernate Database connector can not be initialized
-
-error.title=Fehler:
-errors.listOAs.noOA=Es wurden keine Online-Applikationen in der Datenbank gefunden.
-errors.edit.oa.oaid=Es wurde keine g\u00FCtige Onlineapplikations ID \u00FCbergeben.
-errors.edit.oa.oaid.allowed=Sie besitzen nicht die ben\u00f6tigen Rechte um auf diese Online-Applikation zuzugreifen. 
-error.oa.pvp2.certificate=Das hinterlegte PVP2 Zertifikat konnte nicht gelesen werden.
-error.db.oa.store=Die Konfigruation konnte nicht in der Datenbank gespeichert werden.
-errors.notallowed=Sie besitzen nicht die n\u00F6tigen Rechte um diese Funktion zu benutzen. 
-
-webpages.error.header=Es ist ein Fehler aufgetreten
-webpages.index.header=Willkommen beim MOA-ID 2.x Configuration Tool
-webpages.index.desciption.head=Um dieses Service nutzen zu k\u00F6nnen m\u00FCssen sie sich einloggen.
-
-webpages.mainpage.menu.oa.insert=Neue Applikation anlegen
-webpages.mainpage.menu.oa.display=Meine Applikationen
-webpages.mainpage.menu.oa.search=Applikation suchen
-webpages.mainpage.menu.general.user=Meine Daten
-webpages.mainpage.menu.general.importexport=Importieren/Exportieren
-webpages.mainpage.menu.general.config.moaid=Allgemeine Konfiguration
-webpages.mainpage.menu.general.usermanagement=Benutzerverwaltung
-
-webpages.moaconfig.save.success=Die MOA-ID Konfiguration wurde erfolgreich gespeichert.
-webpages.moaconfig.header=Allgemeine Konfiguration
-webpages.moaconfig.defaultbkus.header=Default BKUs
-webpages.moaconfig.slrequesttemplates.header=SecurtiyLayer Request Templates
-webpages.moaconfig.slrequesttemplates.local=Locale BKU
-webpages.moaconfig.slrequesttemplates.handy=Handy BKU
-webpages.moaconfig.slrequesttemplates.online=Online BKU
-webpages.moaconfig.certificates.header=Zertifikatspr\u00FCfung
-webpages.moaconfig.certificates.certstore=CertStoreDirecorty
-webpages.moaconfig.certificates.trustmanagerrev=TrustManagerRevocationChecking
-webpages.moaconfig.certificates.trustCACerts=TrustedCACertificates
-webpages.moaconfig.certificates.chainingmode=ChainingMode
-webpages.moaconfig.timeout.header=Session TimeOuts
-webpages.moaconfig.timeout.assertion=Assertion [sec]
-webpages.moaconfig.timeout.MOASessionCreated=SSO Session authentifiziert [sec]
-webpages.moaconfig.timeout.MOASessionUpdated=SSO Session letzer Zugriff [sec]
-webpages.moaconfig.moasp.header=MOA-SP Konfiguration
-webpages.moaconfig.moasp.idltrustprofile=Personenbindung Trustprofil 
-webpages.moaconfig.moasp.authtrustprofile=Authentfizierungsblock Trustprofil 
-webpages.moaconfig.moasp.authblocktransform=Authentfizierungsblock Transformationen
-webpages.moaconfig.moasp.url=URL zum MOA-SP Service
-webpages.moaconfig.identitylinksigners=IdentityLinkSigners
-webpages.moaconfig.services.header=Externe Services
-webpages.moaconfig.services.mandates=Online-Vollmachten Service URL
-webpages.moaconfig.services.szrgw=SZR Gateway Service URL
-webpages.moaconfig.sso.header=Single Sign-On
-webpages.moaconfig.sso.PublicUrl=SSO Service URL-Prefix
-webpages.moaconfig.sso.FriendlyName=SSO Service Name
-webpages.moaconfig.services.sso.Target=SSO Service Target
-webpages.moaconfig.services.sso.SpecialText=SSO AuthBlockText
-webpages.moaconfig.protocols.header=Protokolle 
-webpages.moaconfig.protocols.legacy.header=Legacy Modus aktivieren
-webpages.moaconfig.protocols.legacy.saml1=SAML1
-webpages.moaconfig.protocols.legacy.pvp2=PVP2.1
-webpages.moaconfig.protocols.pvp2.header=PVP2 Konfiguration
-webpages.moaconfig.protocols.pvp2.PublicUrlPrefix=PVP2 Service URL-Prefix
-webpages.moaconfig.protocols.pvp2.IssuerName=PVP Service Name
-webpages.moaconfig.protocols.pvp2.org.header=Organisation
-webpages.moaconfig.protocols.pvp2.org.name=Kurzbezeichnung
-webpages.moaconfig.protocols.pvp2.org.displayname=Vollst\u00e4ndiger Name
-webpages.moaconfig.protocols.pvp2.org.url=URL der Organisation
-webpages.moaconfig.protocols.pvp2.contact.header=Kontaktdaten
-webpages.moaconfig.protocols.pvp2.contact.surename=Familienname
-webpages.moaconfig.protocols.pvp2.contact.givenname=Vorname
-webpages.moaconfig.protocols.pvp2.contact.email=Mailadresse
-webpages.moaconfig.protocols.pvp2.contact.company=Unternehmen
-webpages.moaconfig.protocols.pvp2.contact.phone=Telefonnummer
-webpages.moaconfig.protocols.pvp2.contact.type=Type des Kontakts
-webpages.moaconfig.sl.transormations.header=SecurityLayer Transformationen
-webpages.moaconfig.sl.transormations.filename=Dateiname
-webpages.moaconfig.sl.transormations.upload=Neue Transformation hochladen
-
-webpages.listOAs.list.first=Eindeutige Kennung
-webpages.listOAs.list.second=Name der Online-Applikation
-
-webpages.searchoa.header=Online-Applikation suchen
-webpages.searchoa.search.friendlyname=Name der Online-Applikation
-webpages.searchoa.butten.search=Suchen
-
-webpages.oaconfig.header=Konfiguration der Onlineapplikation
-webpages.oaconfig.general.isActive=Online-Applikation ist aktiviert
-webpages.oaconfig.general.bku.header=BKU Konfiguration
-webpages.oaconfig.general.bku.local=Locale BKU
-webpages.oaconfig.general.bku.online=Online BKU
-webpages.oaconfig.general.bku.handy=Handy BKU
-webpages.oaconfig.general.bku.slversion=SecurityLayer Version
-webpages.oaconfig.general.bku.keyboxidentifier=KeyBoxIdentifier
-webpages.oaconfig.general.identification=Eindeutiger Identifikatior
-webpages.oaconfig.general.mandate.header=Vollmachten
-webpages.oaconfig.general.mandate.profiles=Profile
-webpages.oaconfig.general.friendlyname=Name der Online-Applikation
-webpages.oaconfig.general.isbusinessservice=Privatwirtschaftliche Applikation
-webpages.oaconfig.general.public.header=&Ouml;ffentlicher Bereich
-webpages.oaconfig.general.target.friendlyname=Bezeichnung des Bereichs
-webpages.oaconfig.general.target=Bereich (Target)
-webpages.oaconfig.general.business.header=Privatwirtschaftlicher Bereich
-webpages.oaconfig.general.business.value=Identificationsnummer
-webpages.oaconfig.general.aditional.header=Zus&auml;tzliche allgemeine Einstellungen
-webpages.oaconfig.general.aditional.authblocktext=AuthblockText
-webpages.oaconfig.general.aditional.iframe=B\u00FCrgerkartenauswahl im IFrame
-webpages.oaconfig.general.aditional.useUTC=UTC Zeit verwenden
-webpages.oaconfig.general.aditional.calculateHPI="TODO!"
-
-webpages.oaconfig.menu.saml1.show=SAML1 Konfiguration einblenden
-webpages.oaconfig.menu.saml1.hidden=SAML1 Konfiguration ausblenden
-webpages.oaconfig.menu.pvp2.show=PVP2 Konfiguration einblenden
-webpages.oaconfig.menu.pvp2.hidden=PVP2 Konfiguration ausblenden
-
-webpages.oaconfig.menu.stork=STORK Konfiguration
-
-webpages.oaconfig.protocols.header=Authentifizierungsprotokolle
-
-webpages.oaconfig.sso.header=Single Sign-On
-webpages.oaconfig.sso.singlelogouturl=Single Log-Out URL
-webpages.oaconfig.sso.useauthdataframe=Zus\u00E4tzliche Userabfrage
-webpages.oaconfig.sso.usesso=Single Sign-On verwenden
-
-webpages.oaconfig.protocols.saml1.header=SAML1 Konfiguration
-webpages.oaconfig.saml1.provideStammZahl=Stammzahl \u00FCbertragen
-webpages.oaconfig.saml1.provideAuthBlock=Authentifizierungsblock \u00FCbertragen
-webpages.oaconfig.saml1.provideIdentityLink=Personenbindung \u00FCbertragen
-webpages.oaconfig.saml1.provideCertificate=Zertifikat \u00FCbertragen
-webpages.oaconfig.saml1.provideFullMandateData=Vollst\u00E4ndige Vollmacht \u00FCbertragen
-webpages.oaconfig.saml1.useCondition=Usecondition
-webpages.oaconfig.saml1.conditionLength=ConditionLength
-
-webpages.oaconfig.protocols.pvp2.header=PVP2.x Konfiguration
-webpages.oaconfig.pvp2.metaDataURL=URL zu den Metadaten
-webpages.oaconfig.pvp2.certifcate=Zertifikat hochladen
-webpages.oaconfig.pvp2.certifcate.info=Infos zum Zertifikat
-
-message.title=Meldung:
-webpages.oaconfig.success=Die Online-Applikation {0} konnte erfolgreich gespeichert werden.
-webpages.oaconfig.cancle=Die Bearbeitung der Online-Applikation {0} wurde abgebrochen.
-
-webpages.oaconfig.delete.message=Die Online-Applikation {0} wurde erfolgreich gel\u00F6scht.
-webpages.oaconfig.delete.error=Die Online-Applikation {0} konnte nicht gel\u00F6scht werden. 
-
-webpages.edit.save=\u00C4nderungen Speichern
-webpages.edit.back=Zur\u00FCck und \u00C4nderungen verwerfen
-webpages.edit.delete=Online-Applikation l\u00F6schen
-
-webpages.header.info=Sie sind angemeldet als:
-webpages.header.lastlogin=Letzte Anmeldung am: 
-
-validation.general.AlternativeSourceID=Die alternatice SourceID enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.certStoreDirectory.empty=CertStoreDirectory Feld ist leer.
-validation.general.certStoreDirectory.valid=Das ertStoreDirectory Feld enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.Defaultchainigmode.empty=Es wurde kein DefaultChainingMode gew\u00e4hlt.
-validation.general.Defaultchainigmode.valid=Der DefaultChainingMode enth\u00e4lt einen ung\u00f6ltigen Wert.
-validation.general.IdentityLinkSigners.empty=Es wurde kein IdentityLinkSigner angegeben
-validation.general.IdentityLinkSigners.valid=Der IdentityLinkSigner in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
-validation.general.mandateservice.valid=Die URL zum Online-Vollmachten Service hat kein g\u00f6ltiges Format.
-validation.general.moasp.auth.transformation.empty=Die Transformation f\u00f6r den Authentfizierungsblock ist leer.
-validation.general.moasp.auth.transformation.valid=Die Transformation f\u00f6r den Authentfizierungsblock  in der Zeile {0} enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {1}
-validation.general.moasp.auth.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock ist leer.
-validation.general.moasp.auth.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung des Authentfizierungsblock enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.moasp.idl.trustprofile.empty=Das TrustProfile zur Pr\u00f6fung der Personenbindung ist leer.
-validation.general.moasp.idl.trustprofile.valid=Das TrustProfile zur Pr\u00f6fung der Personenbindung  enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.moaspss.url.valid=Die URL zum MOA-SP/SS Service hat kein g\u00f6ltiges Format.
-validation.general.protocol.pvp2.issuername.valid=PVP2: Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.org.displayname.valid=PVP2 Organisation: Vollst\u00e4ndiger Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.org.name.valid=PVP2 Organisation: Kurzbezeichnung enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.org.url.valid=PVP2 Organisation: URL hat kein g\u00f6ltiges Format.
-validation.general.protocol.pvp2.serviceurl.valid=PVP2: Service URL-Prefix hat kein g\u00f6ltiges Format.
-validation.general.protocol.pvp2.contact.company.valid=PVP2 Kontaktdaten: Der Firmenname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.contact.givenname.valid=PVP2 Kontaktdaten: Der Familienname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.contact.surename.valid=PVP2 Kontaktdaten: Der Vorname enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.protocol.pvp2.contact.type.valid=PVP2 Kontaktdaten: Der angegebene Kontakttyp existiert nicht. 
-validation.general.protocol.pvp2.contact.mail.valid=PVP2 Kontaktdaten: Die EMail Adresse ist nicht g\u00fcltig.
-validation.general.protocol.pvp2.contact.phone.valid=PVP2 Kontaktdaten: Die Telefonnummer ist nicht g\u00fcltig.
-validation.general.timeouts.assertion.valid=Das Feld Assertion TimeOut hat keinen g\u00f6ltigen Wert.
-validation.general.timeouts.moasessioncreated.valid=Das Feld MOASessionCreated TimeOut hat keinen g\u00fcltigen Wert.
-validation.general.timeouts.moasessionupdated.valid=Das Feld MOASessionUpdated TimeOut hat keinen g\u00fcltigen Wert.
-
-validation.general.slrequest.handy.empty=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU ist leer.
-validation.general.slrequest.handy.valid=Die URL zum SecurityLayer Template f\u00f6r die Handy-BKU hat kein g\u00f6ltiges Format.
-validation.general.slrequest.local.empty=Die URL zum SecurityLayer Template f\u00f6r die locale BKU ist leer.
-validation.general.slrequest.local.valid=Die URL zum SecurityLayer Template f\u00f6r die locale BKU hat kein g\u00f6ltiges Format.
-validation.general.slrequest.online.empty=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU ist leer.
-validation.general.slrequest.online.valid=Die URL zum SecurityLayer Template f\u00f6r die Online-BKU hat kein g\u00f6ltiges Format.
-validation.general.sso.friendlyname.valid=Der SSO Service Name enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.sso.identificationnumber.valid=Die SSO IdentificationNumber enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.sso.publicurl.valid=Der SSO Service URL-Prefix hat kein g\u00f6ltiges Format.
-validation.general.sso.specialauthtext.valid=Der SSO AuthBlockText enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.sso.target.empty=Das SSO Target Feld ist leer.
-validation.general.sso.target.valid=Das SSO Target Feld enth\u00e4lt ein ung\u00fcltiges Target.
-validation.general.szrgw.url.valid=Die URL des SZR Gateways hat kein g\u00f6ltiges Format.
-validation.general.trustedcacerts.empty=Das Feld TrustedCACertificates ist leer.
-validation.general.trustedcacerts.valid=Das Feld TrustedCACertificates enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.slrequest.filename.valid=Der Dateiname der angegebenen SecurtityLayer Transformation enth\u00e4lt ein ung\u00fcltiges Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.slrequest.file.valid=Die angegebenen SecurtityLayer Transformation konnte nicht geladen werden.
-
-validation.general.aditionalauthblocktext=Der Zusatztext f\u00FCr den AuthBlock enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.bku.handy.empty=Die URL f\u00FCr die Handy-BKU ist leer.
-validation.general.bku.handy.valid=Die URL f\u00FCr die Handy-BKU hat kein g\u00FCltiges Format.
-validation.general.bku.local.empty=Die URL f\u00FCr die lokale BKU ist leer.
-validation.general.bku.local.valid=Die URL f\u00FCr die locale BKU hat kein g\u00FCltiges Format.
-validation.general.bku.online.empty=Die URL f\u00FCr die Online-BKU ist leer.
-validation.general.bku.online.valid=Die URL f\u00FCr die Online-BKU hat kein g\u00FCltiges Format.
-validation.general.oafriendlyname.empty=Es wurde keine Online-Applikation angegeben.
-validation.general.oafriendlyname=Der Name der Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.keyboxidentifier.empty=Es wurde kein KeyBoxIdentifier ausgew\u00E4hlt.
-validation.general.keyboxidentifier.valid=Der KeyBoxIdentifier hat ein ung\u00FCltiges Format.
-validation.general.mandate.profiles=Die Liste von Vollmachtsprofilen enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.target.empty=Der Target f\u00FCr die Online-Applikation ist leer.
-validation.general.target.valid=Der Target f\u00FCr die Online-Applikation hat kein g\u00FCltiges Format.
-validation.general.slversion=Die SecurtiyLayer Version ist kein Zahlenformat.
-validation.general.slversion.business=Im privatwirtschaftlichen Bereich muss die SecurityLayerversion mindestes 1.2 betragen. Die SLVersion wurde auf 1.2 ge\u00E4ndert.
-validation.general.targetfriendlyname=Der Name des Bereichs (Target) enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.identificationnumber.empty=Im privatwirtschaftlichen Bereich ist eine Identifikationsnummer erforderlich.
-validation.general.identificationnumber.valid=Die Identifikationsnummer f\u00FCr den privatwirtschaftlichen Bereich enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.identificationnumber.fa.valid=Die Firmenbuchnummer hat kein g\u00FCltiges Format.
-validation.general.oaidentifier.empty=Es wurde kein eindeutiger Identifier f\u00FCr die Online-Applikation angegeben.
-validation.general.oaidentifier.valid=Der eindeutige Identifier f\u00FCr die Online-Applikation enth\u00E4lt nicht erlaubte Zeichen. Folgende Zeichen sind nicht erlaubt\: {0}
-validation.general.oaidentifier.notunique=Der gew\u00E4hlte eindeutige Identifier ist bereits vorhanden. Eine Eintragung der Online-Applikation ist nicht m\u00F6glich.
-
-validation.pvp2.metadataurl.empty=Keine Metadaten URL angegeben.
-validation.pvp2.metadataurl.valid=Die Metadaten URL wei\u00DFt kein g\u00FCltiges URL Format auf.
-validation.pvp2.certificate.format=Das angegebene PVP2 Zertifikat wei\u00DFt kein g\u00FCltiges Format auf. 
-validation.pvp2.certificate.notfound=Kein PVP2 Zertifikat eingef\u00FCgt.
-
-validation.sso.logouturl.empty=Eine URL zum Single Log-Out Service ist erforderlich.
-validation.sso.logouturl.valid=Die URL zum Single Log-Out Service wei\u00DFt kein g\u00FCltiges Format auf.
-
-validation.saml1.providestammzahl=ProvideStammZahl kann nicht mit Applikationen aus dem privatwirtschaftlichen Bereich kombiniert werden.
-
diff --git a/id/ConfigWebTool/src/main/resources/struts.xml b/id/ConfigWebTool/src/main/resources/struts.xml
index 83234ba3c..a729f5f57 100644
--- a/id/ConfigWebTool/src/main/resources/struts.xml
+++ b/id/ConfigWebTool/src/main/resources/struts.xml
@@ -16,6 +16,23 @@
 			  <interceptor-ref name="defaultStack"/>
 		 </action>
 		 
+ 		 <action name="authenticate" method="authenticate" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction"> 
+ 		    <result name="success" type="redirectAction">
+	          <param name="actionName">main</param>
+            <param name="namespace">/secure</param>
+	      </result>
+			  <result name="error">/index.jsp</result>
+			  <interceptor-ref name="defaultStack"/>
+		 </action>
+		 
+ 		 <action name="logout" method="logout" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
+			  <result name="success" type="redirectAction">
+	          <param name="actionName">index</param>
+            <param name="namespace">/</param>
+         </result>
+			  <interceptor-ref name="defaultStack"/>
+		 </action>
+ 		 
  		 <action name="error" method="error" class="at.gv.egovernment.moa.id.configuration.struts.action.IndexAction">
 			  <result name="error">/error.jsp</result>
 			  <interceptor-ref name="defaultStack"/>
@@ -25,45 +42,70 @@
 	<package name="secure" namespace="/secure" extends="struts-default">
 	    
 	  <default-interceptor-ref name="defaultStack"/>
-	    
+	  
+	  <action name="index">
+	      <result type="redirectAction">
+	          <param name="actionName">index</param>
+            <param name="namespace">/</param>
+	      </result>
+	  </action>
+	  
  		<action name="main" method="generateMainFrame" class="at.gv.egovernment.moa.id.configuration.struts.action.MainAction">
 			<result name="success">/jsp/mainpage.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
-		</action> 
-		
+		</action>
+				
  		 <action name="listallapplications" method="listAllOnlineAppliactions" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction">
 			<result name="success">/jsp/listOAs.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
 		
 		<action name="searchOAInit" method="searchOAInit" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction">
 			<result name="success">/jsp/searchOAs.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action>	
  	 	
  	 	<action name="searchOA" method="searchOA" class="at.gv.egovernment.moa.id.configuration.struts.action.ListOAsAction">
 			<result name="success">/jsp/searchOAs.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action>	
  		  
  		<action name="newOA" method="newOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
 			<result name="editOA">/jsp/editOAGeneral.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
  		 		
  		<action name="loadOA" method="inital" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
 			<result name="editOA">/jsp/editOAGeneral.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
  		
@@ -71,27 +113,39 @@
 			<result name="success" type="chain">main</result>
 			<result name="error_validation">/jsp/editOAGeneral.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
 		
  		<action name="cancleandbackOA" method="cancleAndBackOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
 			<result type="chain">main</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action> 		
  	
  		<action name="deleteOA" method="deleteOA" class="at.gv.egovernment.moa.id.configuration.struts.action.EditOAAction">
 			<result type="chain">main</result>
 			<result name="error_validation">/jsp/editOAGeneral.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action> 
  		
  		<action name="loadGeneralConfig" method="loadConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.EditGeneralConfigAction">
 			<result name="success">/jsp/editMOAConfig.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<result name="notallowed" type="chain">main</result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
@@ -100,7 +154,10 @@
 			<result name="success" type="chain">main</result>
 			<result name="error_validation">/jsp/editMOAConfig.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<result name="notallowed" type="chain">main</result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
@@ -108,17 +165,116 @@
  		<action name="backGeneralConfig" method="back" class="at.gv.egovernment.moa.id.configuration.struts.action.EditGeneralConfigAction">
 			<result name="success" type="chain">main</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+ 				
+ 		<action name="importexport" method="init" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+			<result name="success">/jsp/importexport.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<result name="notallowed" type="chain">main</result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
  		
- 		<action name="addTestUser" method="createTestUser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
-			<result name="success" type="chain">main</result>
+ 		<action name="importlegacy" method="importLegacyConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+			<result name="success">/jsp/mainpage.jsp</result>
+			<result name="error_validation">/jsp/importexport.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<result name="notallowed">/jsp/mainpage.jsp</result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+		
+ 		<action name="importConfig" method="importXMLConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+			<result name="success">/jsp/mainpage.jsp</result>
+			<result name="error_validation">/jsp/importexport.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<result name="notallowed">/jsp/mainpage.jsp</result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+ 			
+		<action name="exportConfig" method="downloadXMLConfig" class="at.gv.egovernment.moa.id.configuration.struts.action.ImportExportAction">
+			<result name="success" type="stream">
+				<param name="contentType">application/octet-stream</param>
+	  		<param name="inputName">fileInputStream</param>
+	  		<param name="contentDisposition">attachment;filename="MOAID-2.0_config.xml"</param>
+	  		<param name="bufferSize">1024</param>   
+			</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<result name="error_validation">/jsp/importexport.jsp</result>
+			<result name="notallowed">/jsp/mainpage.jsp</result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+		
+		<action name="usermanagementInit" method="init" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+			<result name="success">/jsp/usermanagement.jsp</result>
+			<result name="notallowed">/jsp/edituser.jsp</result>
 			<result name="error">/error.jsp</result>
-			<result name="reauthentication">/index.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
 			<interceptor-ref name="defaultStack"/>
 		</action>
- 		
+		
+		<action name="createUser" method="createuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+			<result name="success">/jsp/edituser.jsp</result>
+			<result name="notallowed" type="chain">main</result>
+			<result name="error">/error.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+			
+		<action name="editUser" method="edituser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+			<result name="success">/jsp/edituser.jsp</result>
+			<result name="error">/error.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+		
+		<action name="deleteUser" method="deleteuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+			<result name="success" type="chain">usermanagementInit</result>
+			<result name="notallowed" type="chain">main</result>
+			<result name="error">/error.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+		
+		<action name="saveUser" method="saveuser" class="at.gv.egovernment.moa.id.configuration.struts.action.UserManagementAction">
+			<result name="success" type="chain">usermanagementInit</result>
+			<result name="error_validation">/jsp/edituser.jsp</result>
+			<result name="notallowed" type="chain">main</result>
+			<result name="error">/error.jsp</result>
+			<result name="reauthentication" type="redirectAction">
+	          <param name="actionName">logout</param>
+            <param name="namespace">/</param> 
+	     </result>
+			<interceptor-ref name="defaultStack"/>
+		</action>
+		
  	</package>
 			
 </struts>
\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
index c8ba8ab8a..7b27b0c4d 100644
--- a/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
+++ b/id/ConfigWebTool/src/main/webapp/WEB-INF/web.xml
@@ -8,23 +8,23 @@
 		<filter-class>at.gv.egovernment.moa.id.configuration.filter.AuthenticationFilter</filter-class>
 		<init-param>
 			<param-name>loginPage</param-name>
-			<param-value>index.action</param-value>
+			<param-value>./index.action</param-value>
 		</init-param>
 		<init-param>
 			<param-name>errorPage</param-name>
-			<param-value>error.action</param-value>
+			<param-value>./error.action</param-value>
 		</init-param>
 		<init-param>
 			<param-name>sessionLostPage</param-name>
-			<param-value>/</param-value>
+			<param-value>./authenticate.action</param-value>
 		</init-param>
-		<init-param>
+ 		<init-param>
 			<param-name>authenticatedPage</param-name>
-			<param-value>main.action</param-value>
+			<param-value>./secure/main.action</param-value>
 		</init-param>
 		<init-param>
 			<param-name>allowed</param-name>
-			<param-value>^.*((/index.action)|(/error.action)|(/jsp/.*)|(/css/.*)|(/images/.*)|(/js/.*))$</param-value>
+			<param-value>^.*((/index.action)|(/error.action)|(/authenticate.action)|(/logout.action)|(/jsp/.*)|(/css/.*)|(/images/.*)|(/js/.*))$</param-value>
 		</init-param>
 	</filter>
 	<filter-mapping>
diff --git a/id/ConfigWebTool/src/main/webapp/css/index.css b/id/ConfigWebTool/src/main/webapp/css/index.css
index 5edddd506..49e9f41d1 100644
--- a/id/ConfigWebTool/src/main/webapp/css/index.css
+++ b/id/ConfigWebTool/src/main/webapp/css/index.css
@@ -6,12 +6,17 @@
 	display: block;
 }
 
-#header_area>p {
+#header_area>div {
 	font-size: 20px;
   margin-left: 25px;
   padding-top: 8px;
 }
 
+#header_area #logoutbutton {
+	  float: right;
+    padding-right: 25px;
+}
+
 #menu_area {
 	margin-top: 25px;
 	border-color: black;
@@ -245,6 +250,28 @@ div .wwgrp br {
 	float: left;
 }
 
+.userListFirst {
+	position: relative;
+	width: 200px;
+	float: left;
+	
+}
+
+.userListSecond {
+	position: relative;
+	float: left;
+	width: 200px;
+}
+
+.userListThird {
+	position: relative;
+	float: left;
+}
+
+.disabled {
+
+}
+
 #footer_area {
     background-color: green;
     clear: both;
diff --git a/id/ConfigWebTool/src/main/webapp/index.jsp b/id/ConfigWebTool/src/main/webapp/index.jsp
index 44d3bef5a..4e49eac75 100644
--- a/id/ConfigWebTool/src/main/webapp/index.jsp
+++ b/id/ConfigWebTool/src/main/webapp/index.jsp
@@ -14,10 +14,41 @@
 	<body>
 		<h1><%=LanguageHelper.getGUIString("webpages.index.header", request) %></h1>
 		
+		<div id="information_area">
+			<s:if test="hasActionErrors()">
+   			<div id="error_area">
+   			<label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+    		<s:actionerror/>
+   		</div>
+		</s:if>	
+		
 		<div id="information_area">
 			<p><%=LanguageHelper.getGUIString("webpages.index.desciption.head", request) %></p>
-			<br/>
-			<a href="secure/main.action">Login</a>
+			
+			<div class="oa_config_block">
+				
+					<s:form namespace="/" method="POST" enctype="multipart/form-data">
+				
+							<s:textfield name="username" 
+								value="%{username}" 
+								labelposition="left"
+								key="webpages.edituser.username"
+								cssClass="textfield_long"
+								maxlength="16">
+							</s:textfield>
+								
+							<s:password name="password"  
+								labelposition="left"
+								key="webpages.edituser.password"
+								cssClass="textfield_long"
+								maxlength="16">
+							</s:password>
+							
+							<s:submit key="webpages.index.login" action="authenticate"/>		
+							
+					</s:form>
+			</div>
+			
 		</div>
 		
 	</body>
diff --git a/id/ConfigWebTool/src/main/webapp/js/common.js b/id/ConfigWebTool/src/main/webapp/js/common.js
index 431824c2a..5271a4006 100644
--- a/id/ConfigWebTool/src/main/webapp/js/common.js
+++ b/id/ConfigWebTool/src/main/webapp/js/common.js
@@ -48,6 +48,10 @@ function editOA(oaid){
 	$('#selectOAForm_OAID').val(oaid);
 	$('#selectOAForm').submit();
 }
+function userOA(userid){
+	$('#selectUserForm_OAID').val(userid);
+	$('#selectUserForm').submit();	
+}
 function oaOnLoad() {
 	oaBusinessService();
 	oaSSOService();
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
new file mode 100644
index 000000000..a332fb425
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/edituser.jsp
@@ -0,0 +1,142 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+	<head>
+		<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+		<link rel="stylesheet" type="text/css" href="../css/index.css">
+		<title><%=LanguageHelper.getGUIString("title", request) %></title>
+		<script type="text/javascript" src="../js/common.js"></script>
+		<script src="../js/jquery.js"></script>
+	</head>
+	
+	<body>
+		
+ 		<jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+		<jsp:include page="snippets/main_menu.jsp"></jsp:include>
+		
+		<div id="information_area">
+			<s:if test="hasActionErrors()">
+   			<div id="error_area">
+   				<label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+      			<s:actionerror/>
+   			</div>
+			</s:if>	
+						
+			<div id="list_area">
+							
+					<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+				
+						<div class="oa_config_block">	
+							<h3><%=LanguageHelper.getGUIString("webpages.edituser.header", request) %></h3>												
+							<s:textfield name="user.givenName" 
+								value="%{user.givenName}" 
+								labelposition="left"
+								key="webpages.edituser.givenname"
+								cssClass="textfield_long">
+							</s:textfield>	
+							<s:textfield name="user.familyName" 
+								value="%{user.familyName}" 
+								labelposition="left"
+								key="webpages.edituser.familyName"
+								cssClass="textfield_long">
+							</s:textfield>
+							<s:textfield name="user.institut" 
+								value="%{user.institut}" 
+								labelposition="left"
+								key="webpages.edituser.institut"
+								cssClass="textfield_long">
+							</s:textfield>
+							<s:textfield name="user.mail" 
+								value="%{user.mail}" 
+								labelposition="left"
+								key="webpages.edituser.mail"
+								cssClass="textfield_long">
+							</s:textfield>
+							<s:textfield name="user.phone" 
+								value="%{user.phone}" 
+								labelposition="left"
+								key="webpages.edituser.phone"
+								cssClass="textfield_long">
+							</s:textfield>
+						</div>
+						
+						<div class="oa_config_block">	
+							<h3><%=LanguageHelper.getGUIString("webpages.edituser.access.header", request) %></h3>
+							<s:if test="isNewUser()">	
+								<s:textfield name="user.username" 
+									value="%{user.username}" 
+									labelposition="left"
+									key="webpages.edituser.username"
+									cssClass="textfield_long"
+									maxlength="16">
+								</s:textfield>
+							</s:if>
+							<s:else>
+								<s:textfield name="user.username" 
+									value="%{user.username}" 
+									labelposition="left"
+									key="webpages.edituser.username"
+									cssClass="textfield_long"
+									disabled="true"
+									maxlength="16">
+								</s:textfield>
+							</s:else>
+								
+							<s:password name="user.password"  
+								labelposition="left"
+								key="webpages.edituser.password"
+								cssClass="textfield_long"
+								maxlength="16">
+							</s:password>
+													
+							<s:textfield name="user.bpk" 
+								value="%{user.bpk}" 
+								labelposition="left"
+								key="webpages.edituser.bpk"
+								cssClass="textfield_long">
+							</s:textfield>							
+						</div>
+						
+						<s:if test="authUser.isAdmin()">
+							<div class="oa_config_block">	
+								<h3><%=LanguageHelper.getGUIString("webpages.edituser.role.header", request) %></h3>	
+								<s:checkbox name="user.active" 
+									value="%{user.active}" 
+									labelposition="left"
+									key="webpages.edituser.active"
+									cssClass="checkbox">
+								</s:checkbox>
+								<s:checkbox name="user.admin" 
+									value="%{user.admin}"
+									labelposition="left"
+									key="webpages.edituser.admin"
+									cssClass="checkbox">
+								</s:checkbox>
+							</div>
+						</s:if>
+						
+						<s:hidden name="user.userID" value="%{user.userID}"></s:hidden>
+						
+						<div id="button_area">
+							
+							<s:if test="authUser.isAdmin()">
+								<s:submit key="webpages.edit.back" action="usermanagementInit"/>
+							</s:if>		
+							<s:submit key="webpages.edit.save" action="saveUser"/>
+							<s:if test="!isNewUser()">
+								<s:submit key="webpages.edit.delete.user" action="deleteUser"/>
+							</s:if>								
+					</div>												
+					</s:form>
+				</div>
+		</div>
+		
+		<jsp:include page="snippets/footer.jsp"></jsp:include>
+		
+	</body>
+</html>
\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
new file mode 100644
index 000000000..b28bc5f57
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/importexport.jsp
@@ -0,0 +1,76 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+	<head>
+		<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+		<link rel="stylesheet" type="text/css" href="../css/index.css">
+		<title><%=LanguageHelper.getGUIString("title", request) %></title>
+		<script type="text/javascript" src="../js/common.js"></script>
+		<script src="../js/jquery.js"></script>
+	</head>
+	
+	<body>
+		
+ 		<jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+		<jsp:include page="snippets/main_menu.jsp"></jsp:include>
+		
+		<div id="information_area">
+			<s:if test="hasActionErrors()">
+   			<div id="error_area">
+   				<label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+      			<s:actionerror/>
+   			</div>
+			</s:if>	
+						
+			<div id="list_area">
+				<h2><%=LanguageHelper.getGUIString("webpages.inportexport.header", request) %></h2>
+				
+				
+				<s:if test="authUser.isAdmin()">
+				
+					<p><%=LanguageHelper.getGUIString("webpages.inportexport.descripten", request) %></p>
+					
+					<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+				
+				
+						<div class="oa_config_block">
+							<h3><%=LanguageHelper.getGUIString("webpages.inportexport.legacyimport.header", request) %></h3>					
+							<s:file name="fileUpload" key="webpages.inportexport.legacyimport.upload" cssClass="textfield_long"></s:file>
+							
+							<div id="button_area">
+								<%-- <s:submit key="webpages.edit.back" action="main"/> --%>		
+								<s:submit key="webpages.edit.import" action="importlegacy"/>
+							</div>	
+						</div>
+									
+					</s:form>
+					
+					<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+				
+				
+						<div class="oa_config_block">
+							<h3><%=LanguageHelper.getGUIString("webpages.inportexport.import.header", request) %></h3>					
+ 							<s:file name="fileUpload" key="webpages.inportexport.import.upload" cssClass="textfield_long"></s:file>
+
+							<div id="button_area">
+								<s:submit key="webpages.edit.import" action="importConfig"/>		
+								<s:submit key="webpages.edit.export" action="exportConfig"/>
+							</div>							
+							
+						</div>
+					</s:form>
+				</s:if>
+
+			</div>
+			
+		</div>
+		
+		<jsp:include page="snippets/footer.jsp"></jsp:include>
+		
+	</body>
+</html>
\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
index c3a4921e9..b700970cc 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/mainpage.jsp
@@ -26,7 +26,7 @@
    			</div>
 			</s:if>	
 		
-			<p>das ist ein Test Text</p>
+			<p>Im Menü auf der rechten Seite können Sie die einzelnen Operationen wählen.</p>
 		</div>
 		
 		<jsp:include page="snippets/footer.jsp"></jsp:include>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
index a10b6e202..56fcf9681 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/header_userinfos.jsp
@@ -4,9 +4,14 @@
 
 <html>
 	<div id="header_area"> 
-		<p><%=LanguageHelper.getGUIString("webpages.header.info", request) %> 
+		<div><%=LanguageHelper.getGUIString("webpages.header.info", request) %> 
 			<s:property value="authUser.givenName"/> <s:property value="authUser.familyName"/>,&nbsp;&nbsp;&nbsp; 
 		 	<%=LanguageHelper.getGUIString("webpages.header.lastlogin", request) %> <s:property value="authUser.lastLogin"/>
-		</p>
+		 	
+		 	<s:url action="logout" var="logoutURL" namespace="/"/>
+			<a id="logoutbutton" href="<s:property value="#logoutURL" />"><%=LanguageHelper.getGUIString("webpages.index.logout", request) %></a>
+		</div>
+
+		
 	</div>
 </html>  
\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
index 06bb1130c..26b12cdcb 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/main_menu.jsp
@@ -5,34 +5,38 @@
 <html>
 		<div id="menu_area">
 			<div class="menu_element">
-					<s:url action="newOA.action" var="newOA" namespace="/secure"/>
+					<s:url action="newOA" var="newOA" namespace="/secure"/>
 					<a href="<s:property value="#newOA" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.insert", request) %></a>
 			</div>
 			<div class="menu_element">
-					<s:url action="searchOAInit.action" var="searchOAs" namespace="/secure"/>
+					<s:url action="searchOAInit" var="searchOAs" namespace="/secure"/>
 					<a href="<s:property value="#searchOAs" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.search", request) %></a>
 			</div>
 			<div class="menu_element">
-					<s:url action="listallapplications.action" var="listAllOAs" namespace="/secure"/>
+					<s:url action="listallapplications" var="listAllOAs" namespace="/secure"/>
 					<a href="<s:property value="#listAllOAs" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.oa.display", request) %></a>
 			</div>
 			
 			<s:if test="authUser.isAdmin()">
 				<div class="menu_element">
-						<s:url action="loadGeneralConfig.action" var="generalConfig" namespace="/secure"/>
+						<s:url action="loadGeneralConfig" var="generalConfig" namespace="/secure"/>
 						<a href="<s:property value="#generalConfig" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.config.moaid", request) %></a>
 				</div>
 				<div class="menu_element">
-						<a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.importexport", request) %></a>
-				</div>
-				<div class="menu_element">
-						<a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.usermanagement", request) %></a>
+						<s:url action="importexport" var="importexportUrl" namespace="/secure"/>
+						<a href="<s:property value="#importexportUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.importexport", request) %></a>
 				</div>
 			</s:if>
 			
 			<div class="menu_element">
-				<a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.user", request) %></a>			
+					<s:url action="usermanagementInit" var="userManagementUrl" namespace="/secure"/>
+					<a href="<s:property value="#userManagementUrl" />"><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.usermanagement", request) %></a>
 			</div>
 
+			
+<%-- 			<div class="menu_element">
+				<a href=""><%=LanguageHelper.getGUIString("webpages.mainpage.menu.general.user", request) %></a>			
+			</div> --%>
+
 		</div>  
 </html>
\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
index 2e1b0365f..113e822f8 100644
--- a/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/oas_list.jsp
@@ -28,7 +28,7 @@
 				</s:iterator>
 			</div>
 			
-			<s:form namespace="/" method="GET" id="selectOAForm" action="loadOA" namespace="/secure">
+			<s:form method="POST" id="selectOAForm" action="loadOA" namespace="/secure">
 				<s:hidden id="selectOAForm_OAID" name="oaidobj"></s:hidden>
 			</s:form> 
 		</s:if>
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
new file mode 100644
index 000000000..c5b67cbac
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/snippets/user_list.jsp
@@ -0,0 +1,42 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<html>
+		<s:if test="userlist && userlist.size > 0">	
+			<h3><%=LanguageHelper.getGUIString("webpages.listUsers.list.header", request) %></h3>
+			<div id="list_area">
+					<div id="listHeader" class="listElement">
+						<div class="userListFirst">
+							<%=LanguageHelper.getGUIString("webpages.listUsers.list.first", request) %>
+						</div>
+						<div class="userListSecond">
+							<%=LanguageHelper.getGUIString("webpages.listUsers.list.second", request) %>
+						</div>
+						<div class="userListThird">
+							<%=LanguageHelper.getGUIString("webpages.listUsers.list.third", request) %>
+						</div>
+					</div>
+					
+				<s:iterator var="UserElement" value="userlist">
+
+					<div class="listElement" onclick="userOA(<s:property value='userID'/>);">
+						<div class="userListFirst">
+							<s:property value="givenName"/>
+						</div>
+						<div class="userListSecond">
+							<s:property value="familyName"/>
+						</div>
+						<div class="userListThird">
+							<s:property value="userName"/>
+						</div>
+					</div>
+					
+				</s:iterator>
+			</div>
+			
+			<s:form method="POST" id="selectUserForm" action="editUser" namespace="/secure">
+				<s:hidden id="selectUserForm_OAID" name="useridobj"></s:hidden>
+			</s:form> 
+		</s:if>
+</html>
\ No newline at end of file
diff --git a/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
new file mode 100644
index 000000000..a29780cff
--- /dev/null
+++ b/id/ConfigWebTool/src/main/webapp/jsp/usermanagement.jsp
@@ -0,0 +1,50 @@
+<%@page import="at.gv.egovernment.moa.id.configuration.helper.LanguageHelper"%>
+
+<%@ page language="java" contentType="text/html; charset=UTF-8" pageEncoding="UTF-8"%>
+<%@ taglib prefix="s" uri="/struts-tags" %>
+
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+	<head>
+		<meta content="text/html; charset=utf-8" http-equiv="Content-Type">
+		<link rel="stylesheet" type="text/css" href="../css/index.css">
+		<title><%=LanguageHelper.getGUIString("title", request) %></title>
+		<script type="text/javascript" src="../js/common.js"></script>
+		<script src="../js/jquery.js"></script>
+	</head>
+	
+	<body>
+		
+ 		<jsp:include page="snippets/header_userinfos.jsp"></jsp:include>
+
+		<jsp:include page="snippets/main_menu.jsp"></jsp:include>
+		
+		<div id="information_area">
+			<s:if test="hasActionErrors()">
+   			<div id="error_area">
+   				<label><%=LanguageHelper.getGUIString("error.title", request) %></label>
+      			<s:actionerror/>
+   			</div>
+			</s:if>	
+			
+			<h2><%=LanguageHelper.getGUIString("webpages.usermanagement.header", request) %></h2>
+			
+			<s:if test="authUser.isAdmin()">
+						
+				<jsp:include page="snippets/user_list.jsp"></jsp:include>
+			
+				<div id="list_area">
+					<s:form namespace="/secure" method="POST" enctype="multipart/form-data">
+						<div id="button_area">		
+							<s:submit key="webpages.usermanagement.newuser" action="createUser"/>
+						</div>
+					</s:form>
+				</div>
+			</s:if>
+				
+		</div>
+		
+		<jsp:include page="snippets/footer.jsp"></jsp:include>
+		
+	</body>
+</html>
\ No newline at end of file
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
index 3fc59a78d..da3a79d32 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/config/auth/AuthConfigurationProvider.java
@@ -344,7 +344,7 @@ public class AuthConfigurationProvider extends ConfigurationProvider {
 		if (MiscUtil.isNotEmpty(legacyconfig)) {
 			Logger.warn("WARNING! MOA-ID 2.0 is started with legacy configuration. This setup is not recommended!");
 			
-			MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(legacyconfig, rootConfigFileDir, props);		
+			MOAIDConfiguration moaconfig = BuildFromLegacyConfig.build(new File(legacyconfig), rootConfigFileDir);		
 			ConfigurationDBUtils.save(moaconfig);
 			Logger.info("Legacy Configuration load is completed.");
 			
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
index e70830f93..99567478d 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/protocols/pvp2x/metadata/MOAMetadataProvider.java
@@ -24,6 +24,7 @@ import org.opensaml.xml.parse.BasicParserPool;
 
 import at.gv.egovernment.moa.id.auth.validator.parep.client.szrgw.SZRGWSecureSocketFactory;
 import at.gv.egovernment.moa.id.commons.db.ConfigurationDBRead;
+import at.gv.egovernment.moa.id.commons.db.ConfigurationDBUtils;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OAPVP2;
 import at.gv.egovernment.moa.id.commons.db.dao.config.OnlineApplication;
 import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProvider;
@@ -93,8 +94,9 @@ public class MOAMetadataProvider implements MetadataProvider {
 				Logger.error(
 						"Failed to add Metadata (unhandled reason: "
 								+ e.getMessage(), e);
-			}
+			}			
 		}
+		
 		internalProvider = chainProvider;
 	}
 
diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
index 4ae4e5c44..1f8c31bb5 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -32,6 +32,7 @@ public class SessionEncrytionUtil {
 					SecretKey tmp = factory.generateSecret(spec);
 					secret = new SecretKeySpec(tmp.getEncoded(), "AES");
 					
+					
 			} else {
 				Logger.warn("MOASession encryption is deaktivated.");
 			}
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
index 08cb32625..795981777 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBRead.java
@@ -24,6 +24,8 @@ public class ConfigurationDBRead {
     	  QUERIES.put("getAllActiveOnlineApplications", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.isActive = '1'");
     	  QUERIES.put("getMOAIDConfiguration", "select moaidconfiguration from MOAIDConfiguration moaidconfiguration");
     	  QUERIES.put("getUserWithUserID", "select userdatabase from UserDatabase userdatabase where userdatabase.hjid = :id");
+    	  QUERIES.put("getUserWithUserUsername", "select userdatabase from UserDatabase userdatabase where userdatabase.username = :username");
+    	  QUERIES.put("getAllUsers", "select userdatabase from UserDatabase userdatabase");
     	  QUERIES.put("searchOnlineApplicationsWithID", "select onlineapplication from OnlineApplication onlineapplication where onlineapplication.friendlyName like :id");      }
       
 	  @SuppressWarnings("rawtypes")
@@ -133,6 +135,24 @@ public class ConfigurationDBRead {
 		    return result;
 	  }
 	  
+	  public static List<UserDatabase> getAllUsers() {
+			Logger.trace("Get All OnlineApplications from database.");
+			
+			List<UserDatabase> result;
+		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
+			  	
+		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getAllUsers"));  	
+			result = query.getResultList();
+		  	
+		    Logger.trace("Found entries: " + result.size());
+		    
+		    if (result.size() == 0) {
+		    	Logger.trace("No entries found.");
+		    	return null;
+		    }
+		    return result;
+	  }
+	  
 	  public static List<OnlineApplication> getAllActiveOnlineApplications() {
 			Logger.trace("Get All active OnlineApplications from database.");
 			
@@ -192,5 +212,27 @@ public class ConfigurationDBRead {
 		    	return null;
 		    }
 		    return (UserDatabase) result.get(0);
-		  }
+	  }
+	  
+	  
+	  
+	  public static UserDatabase getUserWithUserName(String username) {
+		  	MiscUtil.assertNotNull(username, "UserName");
+			Logger.trace("Getting Userinformation with ID " + username + " from database.");
+			
+			List<UserDatabase> result;
+		  	EntityManager session = ConfigurationDBUtils.getCurrentSession();
+			  	
+		  	javax.persistence.Query query = session.createQuery(QUERIES.get("getUserWithUserUsername"));  	
+		  	query.setParameter("username", username);
+			result = query.getResultList();
+		  	
+		    Logger.trace("Found entries: " + result.size());
+		    
+		    if (result.size() == 0) {
+		    	Logger.trace("No entries found.");
+		    	return null;
+		    }
+		    return (UserDatabase) result.get(0);
+	  }
 }
diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
index c8bacb470..16cea07d8 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/db/ConfigurationDBUtils.java
@@ -80,6 +80,7 @@ public final class ConfigurationDBUtils {
     	  	query.getResultList();
     		  
     	  } catch (Throwable e) {
+    		  Logger.warn("JPA Session Handling Warning!!!! - This error should not occur.");
         	  session = getNewSession();
     	  }
     	  
-- 
cgit v1.2.3