CXF Webservice adapter

22 files changed, 2582 insertions, 1 deletions

diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java
index 8f579cb..f676ed4 100644
--- a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/service/SignatureVerificationService.java
@@ -38,6 +38,7 @@ import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureRequestParser;
 import at.gv.egovernment.moa.spss.api.xmlbind.VerifyXMLSignatureResponseBuilder;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
 import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
 import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
 import at.gv.egovernment.moa.spss.server.invoke.PDFASInvoker;
 import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
@@ -197,7 +198,7 @@ public class SignatureVerificationService {
     Element[] response = new Element[1];
 
     try {
-
+    	
         // create a parser and builder for binding API objects to/from XML
       VerifyXMLSignatureRequestParser requestParser =
         new VerifyXMLSignatureRequestParser();
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSCreateSignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSCreateSignatureBinding.java
new file mode 100644
index 0000000..c6a1b01
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSCreateSignatureBinding.java
@@ -0,0 +1,14 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import at.gv.egiz.moasig.CreateCMSSignatureRequest;
+import at.gv.egiz.moasig.CreateCMSSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+
+public interface CMSCreateSignatureBinding {
+	public at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest buildCMSRequest(
+			CreateCMSSignatureRequest createCMSSignatureRequest) throws MOAApplicationException;
+
+	public CreateCMSSignatureResponseType buildCMSResponse(CreateCMSSignatureResponse response)
+			throws MOAApplicationException;
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java
new file mode 100644
index 0000000..0cc3389
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/CMSVerifySignatureBinding.java
@@ -0,0 +1,14 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import at.gv.egiz.moasig.VerifyCMSSignatureRequest;
+import at.gv.egiz.moasig.VerifyCMSSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+
+public interface CMSVerifySignatureBinding {
+	public at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest buildCMSRequest(
+			VerifyCMSSignatureRequest verifyCMSSignatureRequest) throws MOAApplicationException;
+
+	public VerifyCMSSignatureResponseType buildCMSResponse(VerifyCMSSignatureResponse response)
+			throws MOAApplicationException;
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/PDFCreateSignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/PDFCreateSignatureBinding.java
new file mode 100644
index 0000000..bb670b7
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/PDFCreateSignatureBinding.java
@@ -0,0 +1,15 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import at.gv.egiz.moasig.CreatePDFSignatureRequest;
+import at.gv.egiz.moasig.CreatePDFSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.xmlbind.CreatePDFRequest;
+import at.gv.egovernment.moa.spss.server.xmlbind.CreatePDFRespone;
+
+public interface PDFCreateSignatureBinding {
+	public CreatePDFRequest buildPDFRequest(
+			CreatePDFSignatureRequest createCMSSignatureRequest) throws MOAApplicationException;
+
+	public CreatePDFSignatureResponseType buildPDFResponse(CreatePDFRespone response)
+			throws MOAApplicationException;
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/PDFVerifySignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/PDFVerifySignatureBinding.java
new file mode 100644
index 0000000..6c6a89a
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/PDFVerifySignatureBinding.java
@@ -0,0 +1,15 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import at.gv.egiz.moasig.VerifyPDFSignatureRequest;
+import at.gv.egiz.moasig.VerifyPDFSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.xmlbind.VerifyPDFRequest;
+import at.gv.egovernment.moa.spss.server.xmlbind.VerifyPDFResponse;
+
+public interface PDFVerifySignatureBinding {
+	public VerifyPDFRequest buildPDFRequest(
+			VerifyPDFSignatureRequest createCMSSignatureRequest) throws MOAApplicationException;
+
+	public VerifyPDFSignatureResponseType buildPDFResponse(VerifyPDFResponse response)
+			throws MOAApplicationException;
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java
new file mode 100644
index 0000000..5da3dfc
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureCreationService.java
@@ -0,0 +1,24 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import javax.jws.WebMethod;
+import javax.jws.WebParam;
+import javax.jws.WebService;
+
+@WebService(name = "SignatureCreationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+public interface SignatureCreationService {
+
+	@WebMethod(action = "createXMLSignature", operationName = "createXMLSignature")
+	public at.gv.egiz.moasig.CreateXMLSignatureResponseType createXMLSignature(
+			@WebParam(name = "CreateXMLSignatureRequest") at.gv.egiz.moasig.CreateXMLSignatureRequest createXMLSignatureRequest)
+					throws Exception;
+	
+	@WebMethod(action = "createCMSSignature", operationName = "createCMSSignature")
+	public at.gv.egiz.moasig.CreateCMSSignatureResponseType createCMSSignature(
+			@WebParam(name = "CreateCMSSignatureRequest") at.gv.egiz.moasig.CreateCMSSignatureRequest createCMSSignatureRequest)
+					throws Exception;
+	
+	@WebMethod(action = "createPDFSignature", operationName = "createPDFSignature")
+	public at.gv.egiz.moasig.CreatePDFSignatureResponseType createPDFSignature(
+			@WebParam(name = "CreatePDFSignatureRequest") at.gv.egiz.moasig.CreatePDFSignatureRequest createPDFSignatureRequest)
+					throws Exception;
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java
new file mode 100644
index 0000000..dd78aea
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/SignatureVerificationService.java
@@ -0,0 +1,25 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import javax.jws.WebMethod;
+import javax.jws.WebParam;
+import javax.jws.WebService;
+
+@WebService(name = "SignatureVerificationService", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+public interface SignatureVerificationService {
+
+	@WebMethod(action = "verifyXMLSignature", operationName = "verifyXMLSignature")
+	public at.gv.egiz.moasig.VerifyXMLSignatureResponseType verifyXMLSignature(
+			@WebParam(name = "VerifyXMLSignatureRequest") at.gv.egiz.moasig.VerifyXMLSignatureRequest verifyXMLSignatureRequest)
+					throws Exception;
+	
+	@WebMethod(action = "verifyCMSSignature", operationName = "verifyCMSSignature")
+	public at.gv.egiz.moasig.VerifyCMSSignatureResponseType verifyCMSSignature(
+			@WebParam(name = "VerifyCMSSignatureRequest") at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest)
+					throws Exception;
+	
+	@WebMethod(action = "verifyPDFSignature", operationName = "verifyPDFSignature")
+	public at.gv.egiz.moasig.VerifyPDFSignatureResponseType verifyPDFSignature(
+			@WebParam(name = "VerifyPDFSignatureRequest") at.gv.egiz.moasig.VerifyPDFSignatureRequest verifyPDFSignatureRequest)
+					throws Exception;
+	
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/XMLCreateSignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/XMLCreateSignatureBinding.java
new file mode 100644
index 0000000..149095b
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/XMLCreateSignatureBinding.java
@@ -0,0 +1,14 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import at.gv.egiz.moasig.CreateXMLSignatureRequest;
+import at.gv.egiz.moasig.CreateXMLSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+
+public interface XMLCreateSignatureBinding {
+	public at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest buildXMLRequest(
+			CreateXMLSignatureRequest createXMLSignatureRequest) throws MOAApplicationException;
+
+	public CreateXMLSignatureResponseType buildXMLResponse(CreateXMLSignatureResponse response)
+			throws MOAApplicationException;
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/XMLVerifySignatureBinding.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/XMLVerifySignatureBinding.java
new file mode 100644
index 0000000..4a6d110
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/XMLVerifySignatureBinding.java
@@ -0,0 +1,14 @@
+package at.gv.egovernment.moa.spss.server.webservice;
+
+import at.gv.egiz.moasig.VerifyXMLSignatureRequest;
+import at.gv.egiz.moasig.VerifyXMLSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;;
+
+public interface XMLVerifySignatureBinding {
+	public at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest buildXMLRequest(
+			VerifyXMLSignatureRequest verifyXMLSignatureRequest) throws MOAApplicationException;
+
+	public VerifyXMLSignatureResponseType buildXMLResponse(VerifyXMLSignatureResponse response)
+			throws MOAApplicationException;
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSCreateSignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSCreateSignatureBindingImpl.java
new file mode 100644
index 0000000..31302d3
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSCreateSignatureBindingImpl.java
@@ -0,0 +1,72 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egiz.moasig.CreateCMSSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.spss.server.webservice.CMSCreateSignatureBinding;
+
+public class CMSCreateSignatureBindingImpl implements CMSCreateSignatureBinding {
+
+	private TransformerUtils transformerUtils = new TransformerUtils();
+
+	/** The factory to create API objects. */
+	private SPSSFactory factory;
+
+	private CMSParserUtils cmsParserUtils;
+	
+	public CMSCreateSignatureBindingImpl() {
+		this.factory = SPSSFactory.getInstance();
+		this.cmsParserUtils = new CMSParserUtils();
+	}
+
+	@Override
+	public CreateCMSSignatureRequest buildCMSRequest(
+			at.gv.egiz.moasig.CreateCMSSignatureRequest createCMSSignatureRequest) throws MOAApplicationException {
+
+		String keyIdentifier = createCMSSignatureRequest.getKeyIdentifier();
+		List singleSignatureInfos = this.cmsParserUtils.parseSingleSignatureInfos(
+				createCMSSignatureRequest.getSingleSignatureInfo());
+
+		return this.factory.createCreateCMSSignatureRequest(keyIdentifier, singleSignatureInfos);
+	}
+
+	@Override
+	public CreateCMSSignatureResponseType buildCMSResponse(CreateCMSSignatureResponse response)
+			throws MOAApplicationException {
+
+		Iterator iter = response.getResponseElements().iterator();
+
+		CreateCMSSignatureResponseType createCMSSignatureResponseType = new CreateCMSSignatureResponseType();
+
+		while (iter.hasNext()) {
+			CreateCMSSignatureResponseElement responseElement = (CreateCMSSignatureResponseElement) iter.next();
+
+			switch (responseElement.getResponseType()) {
+			case CreateCMSSignatureResponseElement.CMS_SIGNATURE:
+				CMSSignatureResponse cmsSignatureResponse = (CMSSignatureResponse) responseElement;
+				createCMSSignatureResponseType.getCMSSignatureOrErrorResponse()
+						.add(
+								this.cmsParserUtils.addCMSSignature(cmsSignatureResponse));
+				break;
+
+			case CreateCMSSignatureResponseElement.ERROR_RESPONSE:
+				ErrorResponse errorResponse = (ErrorResponse) responseElement;
+				createCMSSignatureResponseType.getCMSSignatureOrErrorResponse().add(
+						this.cmsParserUtils.addErrorResponse(errorResponse));
+				break;
+			}
+		}
+
+		return createCMSSignatureResponseType;
+	}
+
+	
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSParserUtils.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSParserUtils.java
new file mode 100644
index 0000000..9512761
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSParserUtils.java
@@ -0,0 +1,141 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmssign.CMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmssign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.cmssign.SingleSignatureInfo;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.util.Base64Utils;
+
+public class CMSParserUtils {
+
+	private TransformerUtils transformerUtils = new TransformerUtils();
+
+	/** The factory to create API objects. */
+	private SPSSFactory factory;
+
+	public CMSParserUtils() {
+		this.factory = SPSSFactory.getInstance();
+	}
+
+	/**
+	 * Add a <code>CMSSignature</code> element to the response.
+	 * 
+	 * @param cmsSignatureResponse
+	 *            The content to put under the <code>CMSSignature</code>
+	 *            element.
+	 * @throws IOException
+	 */
+	public byte[] addCMSSignature(CMSSignatureResponse cmsSignatureResponse) throws MOAApplicationException {
+		String base64Value = cmsSignatureResponse.getCMSSignature();
+
+		try {
+			return Base64Utils.decode(base64Value, true);
+		} catch (IOException e) {
+			throw new MOAApplicationException("Base64 decoding failed", null);
+		}
+	}
+
+	/**
+	 * Add a <code>ErrorResponse</code> element to the response.
+	 * 
+	 * @param errorResponse
+	 *            The API object containing the information to put into the
+	 *            <code>ErrorResponse</code> DOM element.
+	 */
+	public at.gv.egiz.moasig.ErrorResponseType addErrorResponse(ErrorResponse errorResponse) {
+		at.gv.egiz.moasig.ErrorResponseType errorResponseType = new at.gv.egiz.moasig.ErrorResponseType();
+
+		errorResponseType.setErrorCode(BigInteger.valueOf(errorResponse.getErrorCode()));
+		errorResponseType.setInfo(errorResponse.getInfo());
+
+		return errorResponseType;
+	}
+	
+	/**
+	 * Parse all <code>SingleSignatureInfo</code> elements of the
+	 * <code>CreateCMSSignatureRequest</code>.
+	 * 
+	 * @param requestElem
+	 *            The <code>CreateCMSSignatureRequest</code> to parse.
+	 * @return A <code>List</code> of <code>SingleSignatureInfo</code> API
+	 *         objects.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing on of the
+	 *             <code>SingleSignatureInfo</code> elements.
+	 */
+	public List parseSingleSignatureInfos(
+			List<at.gv.egiz.moasig.CreateCMSSignatureRequestType.SingleSignatureInfo> singleInfos)
+					throws MOAApplicationException {
+
+		List singleSignatureInfos = new ArrayList();
+
+		Iterator<at.gv.egiz.moasig.CreateCMSSignatureRequestType.SingleSignatureInfo> singleInfoIterator = singleInfos
+				.iterator();
+
+		while (singleInfoIterator.hasNext()) {
+			at.gv.egiz.moasig.CreateCMSSignatureRequestType.SingleSignatureInfo singleSignatureInfo = singleInfoIterator
+					.next();
+
+			singleSignatureInfos.add(parseSingleSignatureInfo(singleSignatureInfo));
+		}
+
+		return singleSignatureInfos;
+	}
+
+	/**
+	 * Parse a <code>SingleSignatureInfo</code> DOM element.
+	 * 
+	 * @param sigInfoElem
+	 *            The <code>SingleSignatureInfo</code> DOM element to parse.
+	 * @return A <code>SingleSignatureInfo</code> API object containing the
+	 *         information of <code>sigInfoElem</code>.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the
+	 *             <code>SingleSignatureInfo</code>.
+	 */
+	public SingleSignatureInfo parseSingleSignatureInfo(
+			at.gv.egiz.moasig.CreateCMSSignatureRequestType.SingleSignatureInfo singleSignatureInfo)
+					throws MOAApplicationException {
+
+		DataObjectInfo dataObjectInfo = parseDataObjectInfo(singleSignatureInfo.getDataObjectInfo());
+		boolean securityLayerConform = singleSignatureInfo.isSecurityLayerConformity();
+
+		return factory.createSingleSignatureInfoCMS(dataObjectInfo, securityLayerConform);
+	}
+
+	/**
+	 * Parse the <code>DataObjectInfo</code> DOM elements contained in the given
+	 * <code>SingleSignatureInfo</code> DOM element.
+	 * 
+	 * @param sigInfoElem
+	 *            The <code>SingleSignatureInfo</code> DOM element whose
+	 *            <code>DataObjectInfo</code>s to parse.
+	 * @return A <code>List</code> of <code>DataObjectInfo</code> API objects
+	 *         containing the data from the <code>DataObjectInfo</code> DOM
+	 *         elements.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing one of the
+	 *             <code>DataObjectInfo</code>s.
+	 */
+	public DataObjectInfo parseDataObjectInfo(
+			at.gv.egiz.moasig.CreateCMSSignatureRequestType.SingleSignatureInfo.DataObjectInfo dataObjectInfo)
+					throws MOAApplicationException {
+
+		String structure = dataObjectInfo.getStructure();
+
+		CMSDataObject dataObject = this.transformerUtils.parseDataObject(dataObjectInfo.getDataObject());
+
+		return factory.createDataObjectInfo(structure, dataObject);
+
+	}
+
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java
new file mode 100644
index 0000000..3799fde
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/CMSVerifySignatureBindingImpl.java
@@ -0,0 +1,139 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Iterator;
+import java.util.List;
+import java.util.StringTokenizer;
+
+import at.gv.egiz.moasig.ObjectFactory;
+import at.gv.egiz.moasig.VerifyCMSSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse;
+import at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.common.CheckResult;
+import at.gv.egovernment.moa.spss.api.common.SignerInfo;
+import at.gv.egovernment.moa.spss.server.webservice.CMSVerifySignatureBinding;
+import at.gv.egovernment.moa.util.CollectionUtils;
+
+public class CMSVerifySignatureBindingImpl implements CMSVerifySignatureBinding {
+
+	private TransformerUtils transformerUtils = new TransformerUtils();
+
+	/** The factory to create API objects. */
+	private SPSSFactory factory = SPSSFactory.getInstance();
+
+	@Override
+	public VerifyCMSSignatureRequest buildCMSRequest(
+			at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest) throws MOAApplicationException {
+
+		Date dateTime = null;
+		if (verifyCMSSignatureRequest.getDateTime() == null) {
+			dateTime = verifyCMSSignatureRequest.getDateTime().toGregorianCalendar().getTime();
+		}
+
+		int[] signatories = parseSignatories(verifyCMSSignatureRequest);
+
+		CMSDataObject dataObject = this.transformerUtils.parseDataObject(verifyCMSSignatureRequest.getDataObject());
+
+		String trustProfileID = null;
+
+		if (verifyCMSSignatureRequest.getTrustProfileID() != null) {
+			trustProfileID = verifyCMSSignatureRequest.getTrustProfileID();
+		}
+
+		InputStream cmsSignature = new ByteArrayInputStream(verifyCMSSignatureRequest.getCMSSignature());
+
+		return factory.createVerifyCMSSignatureRequest(signatories, dateTime, cmsSignature, dataObject, trustProfileID);
+	}
+
+	/**
+	 * Parse the <code>Signatories</code> attribute contained in the
+	 * <code>VerifyCMSSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyCMSSignatureRequest</code> DOM element.
+	 * @return The signatories contained in the given
+	 *         <code>VerifyCMSSignatureRequest</code> DOM element.
+	 */
+	private int[] parseSignatories(at.gv.egiz.moasig.VerifyCMSSignatureRequest verifyCMSSignatureRequest) {
+		Iterator<String> signatoriesIterator = verifyCMSSignatureRequest.getSignatories().iterator();
+		List signatoriesList = new ArrayList();
+
+		int[] signatories;
+		while (signatoriesIterator.hasNext()) {
+			String signatorie = signatoriesIterator.next();
+
+			if ("all".equals(signatorie)) {
+				return VerifyCMSSignatureRequest.ALL_SIGNATORIES;
+			} else {
+				StringTokenizer tokenizer = new StringTokenizer(signatorie);
+				// put the signatories into a List
+				while (tokenizer.hasMoreTokens()) {
+					try {
+						signatoriesList.add(new Integer(tokenizer.nextToken()));
+					} catch (NumberFormatException e) {
+						// this cannot occur if the request has been validated
+					}
+				}
+			}
+
+		}
+
+		// convert the List into an int array
+		signatories = CollectionUtils.toIntArray(signatoriesList);
+
+		return signatories;
+	}
+
+	
+
+	@Override
+	public VerifyCMSSignatureResponseType buildCMSResponse(VerifyCMSSignatureResponse response)
+			throws MOAApplicationException {
+
+		VerifyCMSSignatureResponseType verifyCMSSignatureResponseType = new VerifyCMSSignatureResponseType();
+
+		Iterator iter;
+
+		for (iter = response.getResponseElements().iterator(); iter.hasNext();) {
+			VerifyCMSSignatureResponseElement responseElement = (VerifyCMSSignatureResponseElement) iter.next();
+			addResponseElement(verifyCMSSignatureResponseType, responseElement);
+		}
+
+		return verifyCMSSignatureResponseType;
+	}
+
+	/**
+	 * Add an element to the response.
+	 * 
+	 * @param responseElement
+	 *            The element to add to the response.
+	 * @throws MOAApplicationException
+	 *             An error occurred adding the element.
+	 */
+	private void addResponseElement(VerifyCMSSignatureResponseType verifyCMSSignatureResponseType,
+			VerifyCMSSignatureResponseElement responseElement) throws MOAApplicationException {
+
+		SignerInfo signerInfo = responseElement.getSignerInfo();
+		CheckResult signatureCheck = responseElement.getSignatureCheck();
+		CheckResult certCheck = responseElement.getCertificateCheck();
+
+		ObjectFactory of = new ObjectFactory();
+		verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck().add(
+				of.createVerifyCMSSignatureResponseTypeSignerInfo(this.transformerUtils.buildSignerInfo(signerInfo)));
+		verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck()
+				.add(of.createVerifyCMSSignatureResponseTypeSignatureCheck(
+						this.transformerUtils.buildCheckResult(signatureCheck)));
+
+		verifyCMSSignatureResponseType.getSignerInfoAndSignatureCheckAndCertificateCheck()
+		.add(of.createVerifyCMSSignatureResponseTypeCertificateCheck(
+				this.transformerUtils.buildCheckResult(certCheck)));
+	}
+
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/PDFCreateSignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/PDFCreateSignatureBindingImpl.java
new file mode 100644
index 0000000..dfe3ce5
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/PDFCreateSignatureBindingImpl.java
@@ -0,0 +1,86 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.math.BigInteger;
+import java.util.Iterator;
+
+import at.gv.egiz.moasig.CreatePDFSignatureRequest;
+import at.gv.egiz.moasig.CreatePDFSignatureResponseType;
+import at.gv.egiz.moasig.ErrorResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.server.webservice.PDFCreateSignatureBinding;
+import at.gv.egovernment.moa.spss.server.xmlbind.CreatePDFRequest;
+import at.gv.egovernment.moa.spss.server.xmlbind.CreatePDFRespone;
+import at.gv.egovernment.moa.spss.server.xmlbind.PDFSignatureInfo;
+import at.gv.egovernment.moa.spss.server.xmlbind.SignedPDFInfo;
+
+public class PDFCreateSignatureBindingImpl implements PDFCreateSignatureBinding {
+	
+	public PDFCreateSignatureBindingImpl() {
+	}
+	
+	@Override
+	public CreatePDFRequest buildPDFRequest(CreatePDFSignatureRequest createCMSSignatureRequest)
+			throws MOAApplicationException {
+		String keyIdentifier = createCMSSignatureRequest.getKeyIdentifier();
+		CreatePDFRequest createPDFRequest = new CreatePDFRequest(keyIdentifier);
+		Iterator<at.gv.egiz.moasig.CreatePDFSignatureRequest.SingleSignatureInfo> iter = 
+				createCMSSignatureRequest.getSingleSignatureInfo().iterator();
+
+		while(iter.hasNext()) {
+			at.gv.egiz.moasig.CreatePDFSignatureRequest.SingleSignatureInfo singleSignatureInfo = iter.next();
+			createPDFRequest.getSignatureInfoList().add(parseSingleSignatureInfo(singleSignatureInfo));
+		}
+		
+		return createPDFRequest;
+	}
+
+	@Override
+	public CreatePDFSignatureResponseType buildPDFResponse(CreatePDFRespone response) throws MOAApplicationException {
+		
+		CreatePDFSignatureResponseType createPDFSignatureResponseType = new CreatePDFSignatureResponseType();
+		
+		Iterator<SignedPDFInfo> iter = response.getSignatureInfoList().iterator();
+		
+		while(iter.hasNext()) {
+			SignedPDFInfo signedPDFInfo = iter.next();
+
+			createPDFSignatureResponseType.getPDFSignature().add(buildPDFSignedResponse(signedPDFInfo));
+		}
+		return createPDFSignatureResponseType;
+	}
+
+	public PDFSignatureInfo parseSingleSignatureInfo(
+			at.gv.egiz.moasig.CreatePDFSignatureRequest.SingleSignatureInfo singleSignatureInfo)
+					throws MOAApplicationException {
+		String signatureProfile = singleSignatureInfo.getSignatureProfile();
+		String signaturePosition = singleSignatureInfo.getSignaturePosition();
+		String signatureID = singleSignatureInfo.getSignatureID();
+		byte[] inputPDF = singleSignatureInfo.getPDFDocument();
+		PDFSignatureInfo PDFSignatureInfo = new PDFSignatureInfo(inputPDF,
+				signatureProfile, signaturePosition, signatureID);
+		
+		return PDFSignatureInfo;
+	}
+	
+	public at.gv.egiz.moasig.PDFSignedRepsonse buildPDFSignedResponse(SignedPDFInfo signedPDFInfo) {
+		at.gv.egiz.moasig.PDFSignedRepsonse response = new at.gv.egiz.moasig.PDFSignedRepsonse();
+		
+		response.setSignatureID(signedPDFInfo.getSignatureID());
+		
+		switch (signedPDFInfo.getResponseType()) {
+		case SignedPDFInfo.SUCCESS_SIGNATURE:
+			response.setPDFSignature(signedPDFInfo.getPdfDocument());
+			break;
+
+		default:
+			ErrorResponseType errorResponseType = new ErrorResponseType();
+			errorResponseType.setErrorCode(BigInteger.valueOf(signedPDFInfo.getErrorCode()));
+			errorResponseType.setInfo(signedPDFInfo.getErrorInfo());
+			response.setErrorResponse(errorResponseType);
+			break;
+		}
+		
+		return response;
+	}
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/PDFVerifySignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/PDFVerifySignatureBindingImpl.java
new file mode 100644
index 0000000..42301ad
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/PDFVerifySignatureBindingImpl.java
@@ -0,0 +1,25 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import at.gv.egiz.moasig.VerifyPDFSignatureRequest;
+import at.gv.egiz.moasig.VerifyPDFSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.server.webservice.PDFVerifySignatureBinding;
+import at.gv.egovernment.moa.spss.server.xmlbind.VerifyPDFRequest;
+import at.gv.egovernment.moa.spss.server.xmlbind.VerifyPDFResponse;
+
+public class PDFVerifySignatureBindingImpl implements PDFVerifySignatureBinding {
+
+	@Override
+	public VerifyPDFRequest buildPDFRequest(VerifyPDFSignatureRequest createCMSSignatureRequest)
+			throws MOAApplicationException {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	@Override
+	public VerifyPDFSignatureResponseType buildPDFResponse(VerifyPDFResponse response) throws MOAApplicationException {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformParser.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformParser.java
new file mode 100644
index 0000000..cd10260
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformParser.java
@@ -0,0 +1,363 @@
+/*
+ * Copyright 2003 Federal Chancellery Austria
+ * MOA-SPSS has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.Serializable;
+import java.io.StringBufferInputStream;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.StringTokenizer;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.parsers.DocumentBuilder;
+import javax.xml.parsers.DocumentBuilderFactory;
+import javax.xml.parsers.ParserConfigurationException;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.traversal.NodeIterator;
+import org.xml.sax.SAXException;
+
+import at.gv.egiz.moasig.MoaTransformType;
+import at.gv.egiz.moasig.MoaTransformsType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Base64Transform;
+import at.gv.egovernment.moa.spss.api.common.CanonicalizationTransform;
+import at.gv.egovernment.moa.spss.api.common.EnvelopedSignatureTransform;
+import at.gv.egovernment.moa.spss.api.common.ExclusiveCanonicalizationTransform;
+import at.gv.egovernment.moa.spss.api.common.Transform;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter;
+import at.gv.egovernment.moa.spss.api.common.XPathFilter2Transform;
+import at.gv.egovernment.moa.spss.api.common.XPathTransform;
+import at.gv.egovernment.moa.spss.api.common.XSLTTransform;
+import at.gv.egovernment.moa.util.Constants;
+import at.gv.egovernment.moa.util.DOMUtils;
+import at.gv.egovernment.moa.util.XPathUtils;
+
+/**
+ * A parser to parse XMLDsig <code>Transform</code> DOM elements into their MOA
+ * SPSS API representation.
+ * 
+ * @author Patrick Peck
+ * @version $Id$
+ */
+public class TransformParser {
+	//
+	// XPath expressions for selecting information from the DOM tree
+	//
+	private static final String DSIG = Constants.DSIG_PREFIX + ":";
+	private static final String DSIG_FILTER2 = Constants.DSIG_FILTER2_PREFIX + ":";
+	private static final String XSLT = Constants.XSLT_PREFIX + ":";
+	private static final String EC = Constants.DSIG_EC_PREFIX + ":";
+	private static final String TRANSFORM_XPATH = DSIG + "Transform";
+	private static final String XPATH_XPATH = DSIG + "XPath";
+	private static final String XSLT_ELEMENT_XPATH = XSLT + "stylesheet";
+	private static final String XPATH2_XPATH = (DSIG_FILTER2 + "XPath[@Filter=\"intersect\"] | ")
+			+ (DSIG_FILTER2 + "XPath[@Filter=\"subtract\"] | ") + (DSIG_FILTER2 + "XPath[@Filter=\"union\"]");
+	private static final String INCLUSIVE_NAMESPACES_XPATH = EC + "InclusiveNamespaces";
+
+	/**
+	 * The <code>SPSSFactory</code> to use for creating new API objects.
+	 */
+	private SPSSFactory factory = SPSSFactory.getInstance();
+
+	/**
+	 * Parse an XMLDsig <code>Transforms</code> DOM element.
+	 * 
+	 * @param transformsElem
+	 *            The <code>Transforms</code> DOM element to parse.
+	 * @return A <code>List</code> of <code>Transform</code> API objects
+	 *         containing the data from the individual <code>Transform</code>
+	 *         DOM elements.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>Transforms</code> DOM
+	 *             element.
+	 */
+	public List parseTransforms(MoaTransformsType moaTransformsType) throws MOAApplicationException {
+		List transforms = new ArrayList();
+		if (moaTransformsType.getMoaTransform() != null) {
+			Iterator<MoaTransformType> transformIterator = moaTransformsType.getMoaTransform().iterator();
+
+			while (transformIterator.hasNext()) {
+				MoaTransformType transformType = transformIterator.next();
+				Transform transform = parseTransform(transformType);
+				transforms.add(transform);
+			}
+		}
+		return transforms;
+	}
+
+	/**
+	 * Parse an XMLDsig <code>Transform</code> DOM element.
+	 * 
+	 * @param transformElem
+	 *            <code>Transform</code> DOM element to parse.
+	 * @return The <code>Transform</code> API object containing the data from
+	 *         the <code>Transform</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>Transform</code> DOM
+	 *             element.
+	 */
+	public Transform parseTransform(MoaTransformType transformType) throws MOAApplicationException {
+
+		String algorithmUri = transformType.getAlgorithm();// transformElem.getAttribute("Algorithm");
+
+		if (CanonicalizationTransform.CANONICAL_XML.equals(algorithmUri)
+				|| CanonicalizationTransform.CANONICAL_XML_WITH_COMMENTS.equals(algorithmUri)) {
+			return factory.createCanonicalizationTransform(algorithmUri);
+		} else if (ExclusiveCanonicalizationTransform.EXCLUSIVE_CANONICAL_XML.equals(algorithmUri)
+				|| ExclusiveCanonicalizationTransform.EXCLUSIVE_CANONICAL_XML_WITH_COMMENTS.equals(algorithmUri)) {
+			return parseExclusiveC14nTransform(algorithmUri, transformType);
+		} else if (Base64Transform.BASE64_DECODING.equals(algorithmUri)) {
+			return factory.createBase64Transform();
+		} else if (EnvelopedSignatureTransform.ENVELOPED_SIGNATURE.equals(algorithmUri)) {
+			return factory.createEnvelopedSignatureTransform();
+		} else if (XPathTransform.XPATH.equals(algorithmUri)) {
+			return parseXPathTransform(transformType);
+		} else if (XPathFilter2Transform.XPATH_FILTER2.equals(algorithmUri)) {
+			return parseXPathFilter2Transform(transformType);
+		} else if (XSLTTransform.XSLT.equals(algorithmUri)) {
+			return parseXSLTTransform(transformType);
+		} else {
+			throw new MOAApplicationException("1108", new Object[] { algorithmUri });
+		}
+	}
+
+	private List<byte[]> getDataObjectFromMoaTransform(MoaTransformType transformType) {
+		Iterator<Serializable> objectsIterator = transformType.getContent().iterator();
+		List<byte[]> dataObjects = new ArrayList<byte[]>();
+		while (objectsIterator.hasNext()) {
+			Serializable serializable = objectsIterator.next();
+			if (serializable instanceof JAXBElement<?>) {
+				JAXBElement<?> jaxb = (JAXBElement<?>) serializable;
+				if (jaxb.getDeclaredType() == byte[].class) {
+					JAXBElement<byte[]> jaxbString = (JAXBElement<byte[]>) serializable;
+					dataObjects.add(jaxbString.getValue());
+				}
+			}
+		}
+		return dataObjects;
+	}
+
+	private List<String> getStringFromMoaTransform(MoaTransformType transformType) {
+		Iterator<Serializable> objectsIterator = transformType.getContent().iterator();
+		List<String> dataObjects = new ArrayList<String>();
+		while (objectsIterator.hasNext()) {
+			Serializable serializable = objectsIterator.next();
+			if (serializable instanceof JAXBElement<?>) {
+				JAXBElement<?> jaxb = (JAXBElement<?>) serializable;
+				if (jaxb.getDeclaredType() == String.class) {
+					JAXBElement<String> jaxbString = (JAXBElement<String>) serializable;
+					dataObjects.add(jaxbString.getValue());
+				}
+			} else if (serializable instanceof String) {
+				dataObjects.add((String) serializable);
+			}
+		}
+		return dataObjects;
+	}
+
+	/**
+	 * Parse an exclusive canonicalization type of transform.
+	 * 
+	 * @param algorithmUri
+	 *            The algorithm URI of the canonicalization algorithm.
+	 * @param transformElem
+	 *            The <code>Transform</code> DOM element to parse.
+	 * @return An <code>ExclusiveCanonicalizationTransform</code> API object
+	 *         containing the data from the <code>transformElem</code>.
+	 * @throws MOAApplicationException
+	 */
+	private Transform parseExclusiveC14nTransform(String algorithmUri, MoaTransformType transformType)
+			throws MOAApplicationException {
+		List<byte[]> data = getDataObjectFromMoaTransform(transformType);
+		List inclusiveNamespaces = new ArrayList();
+		Iterator<byte[]> dataIterator = data.iterator();
+		while (dataIterator.hasNext()) {
+			byte[] dataObject = dataIterator.next();
+			Element transform;
+			try {
+				transform = DOMUtils.parseXmlNonValidating(new ByteArrayInputStream(dataObject));
+			} catch (ParserConfigurationException e) {
+				throw new MOAApplicationException("failed to parse transform element", null, e);
+			} catch (SAXException e) {
+				throw new MOAApplicationException("failed to parse transform element", null, e);
+			} catch (IOException e) {
+				throw new MOAApplicationException("failed to parse transform element", null, e);
+			}
+
+			Element inclusiveNamespacesElem = (Element) XPathUtils.selectSingleNode(transform,
+					INCLUSIVE_NAMESPACES_XPATH);
+
+			if (inclusiveNamespacesElem != null) {
+				StringTokenizer tokenizer = new StringTokenizer(inclusiveNamespacesElem.getAttribute("PrefixList"));
+				while (tokenizer.hasMoreTokens()) {
+					inclusiveNamespaces.add(tokenizer.nextToken());
+				}
+			}
+		}
+		return factory.createExclusiveCanonicalizationTransform(algorithmUri, inclusiveNamespaces);
+	}
+
+	/**
+	 * Parse an <code>XPath</code> type of <code>Transform</code>.
+	 * 
+	 * @param transformElem
+	 *            The <code>Transform</code> DOM element to parse.
+	 * @return The <code>Transform</code> API object representation of the
+	 *         <code>Transform</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>Transform</code> DOM
+	 *             element.
+	 */
+	private Transform parseXPathTransform(MoaTransformType transformType) throws MOAApplicationException {
+		// TODO: XPATH Namespace Declarations
+		List<String> xPathTransforms = getStringFromMoaTransform(transformType);
+		Map nsDecls;
+		if (xPathTransforms.isEmpty()) {
+			throw new MOAApplicationException("2202", null);
+		}
+		nsDecls = new HashMap();
+		return factory.createXPathTransform(xPathTransforms.get(0), nsDecls);
+		/*
+		 * Element xPathElem = (Element)
+		 * XPathUtils.selectSingleNode(transformElem, XPATH_XPATH);
+		 * 
+		 * 
+		 * if (xPathElem == null) { throw new MOAApplicationException("2202",
+		 * null); }
+		 * 
+		 * nsDecls = DOMUtils.getNamespaceDeclarations(xPathElem);
+		 * nsDecls.remove("");
+		 * 
+		 * return factory.createXPathTransform(DOMUtils.getText(xPathElem),
+		 * nsDecls);
+		 */
+	}
+
+	/**
+	 * Parse an <code>XPathFilter2</code> type of <code>Transform</code>.
+	 * 
+	 * @param transformElem
+	 *            The <code>Transform</code> DOM element to parse.
+	 * @return The <code>Transform</code> API object representation of the
+	 *         <code>Transform</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>Transform</code> DOM
+	 *             element.
+	 */
+	private Transform parseXPathFilter2Transform(MoaTransformType transformType) throws MOAApplicationException {
+
+		List<byte[]> data = getDataObjectFromMoaTransform(transformType);
+
+		List filters = new ArrayList();
+		Iterator<byte[]> dataIterator = data.iterator();
+		while (dataIterator.hasNext()) {
+			byte[] dataObject = dataIterator.next();
+			Element transform;
+			try {
+				transform = DOMUtils.parseXmlNonValidating(new ByteArrayInputStream(dataObject));
+			} catch (ParserConfigurationException e) {
+				throw new MOAApplicationException("failed to parse transform element", null, e);
+			} catch (SAXException e) {
+				throw new MOAApplicationException("failed to parse transform element", null, e);
+			} catch (IOException e) {
+				throw new MOAApplicationException("failed to parse transform element", null, e);
+			}
+
+			NodeIterator iter = XPathUtils.selectNodeIterator(transform, XPATH2_XPATH);
+			Element filterElem;
+
+			while ((filterElem = (Element) iter.nextNode()) != null) {
+				String filterAttr = filterElem.getAttribute("Filter");
+				String filterType;
+				String expression;
+				Map nsDecls;
+
+				if (filterAttr.equals("intersect")) {
+					filterType = XPathFilter.INTERSECT_TYPE;
+				} else if (filterAttr.equals("subtract")) {
+					filterType = XPathFilter.SUBTRACT_TYPE;
+				} else {
+					filterType = XPathFilter.UNION_TYPE;
+				}
+
+				expression = DOMUtils.getText(filterElem);
+				nsDecls = DOMUtils.getNamespaceDeclarations(filterElem);
+				nsDecls.remove("");
+				filters.add(factory.createXPathFilter(filterType, expression, nsDecls));
+			}
+		}
+		if (filters.size() == 0) {
+			throw new MOAApplicationException("2216", null);
+		}
+
+		return factory.createXPathFilter2Transform(filters);
+	}
+
+	/**
+	 * Parse an <code>XSLT</code> type of <code>Transform</code>.
+	 * 
+	 * @param transformElem
+	 *            The <code>Transform</code> DOM element to parse.
+	 * @return The <code>Transform</code> API object representation of the
+	 *         <code>Transform</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>Transform</code> DOM
+	 *             element.
+	 */
+	private Transform parseXSLTTransform(MoaTransformType transformType) throws MOAApplicationException {
+		List<byte[]> data = getDataObjectFromMoaTransform(transformType);
+
+		if (data.isEmpty()) {
+			throw new MOAApplicationException("2215", null);
+		}
+
+		byte[] dataObject = data.get(0);
+		Element transform;
+		try {
+			transform = DOMUtils.parseXmlNonValidating(new ByteArrayInputStream(dataObject));
+		} catch (ParserConfigurationException e) {
+			throw new MOAApplicationException("failed to parse transform element", null, e);
+		} catch (SAXException e) {
+			throw new MOAApplicationException("failed to parse transform element", null, e);
+		} catch (IOException e) {
+			throw new MOAApplicationException("failed to parse transform element", null, e);
+		}
+
+		Element xsltElem = (Element) XPathUtils.selectSingleNode(transform, XSLT_ELEMENT_XPATH);
+
+		if (xsltElem == null) {
+
+		}
+
+		return factory.createXSLTTransform(xsltElem);
+	}
+
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java
new file mode 100644
index 0000000..b069a60
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/TransformerUtils.java
@@ -0,0 +1,518 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.io.ByteArrayInputStream;
+import java.io.InputStream;
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.security.cert.CertificateEncodingException;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.bind.JAXBElement;
+
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.gv.egiz.moasig.MetaInfoType;
+import at.gv.egiz.moasig.PublicAuthorityType;
+import at.gv.egiz.moasig.QualifiedCertificate;
+import at.gv.egiz.moasig.SecureSignatureCreationDevice;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSContent;
+import at.gv.egovernment.moa.spss.api.cmsverify.CMSDataObject;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.MetaInfo;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureEnvironmentProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateSignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlsign.DataObjectInfo;
+import at.gv.egovernment.moa.spss.api.xmlsign.SingleSignatureInfo;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
+public class TransformerUtils {
+
+	/** The factory to create API objects. */
+	private SPSSFactory factory;
+
+	/**
+	 * Create a new <code>CreateXMLSignatureRequestParser</code>.
+	 */
+	public TransformerUtils() {
+		this.factory = SPSSFactory.getInstance();
+	}
+
+	public SingleSignatureInfo buildSingleSignatureInfo(
+			at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo singleSignatureInfo)
+					throws MOAApplicationException {
+
+		List dataObjectInfos = new ArrayList();
+
+		Iterator<at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo.DataObjectInfo> dataObjectInfoIterator = singleSignatureInfo
+				.getDataObjectInfo().iterator();
+
+		while (dataObjectInfoIterator.hasNext()) {
+			dataObjectInfos.add(buildDataObjectInfo(dataObjectInfoIterator.next()));
+		}
+
+		at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo.CreateSignatureInfo createSignatureInfoWeb = singleSignatureInfo
+				.getCreateSignatureInfo();
+
+		CreateSignatureInfo createSignatureInfo = buildCreateSignatureInfo(createSignatureInfoWeb);
+
+		boolean securityLayerConform = singleSignatureInfo.isSecurityLayerConformity();
+
+		return factory.createSingleSignatureInfo(dataObjectInfos, createSignatureInfo, securityLayerConform);
+	}
+
+	public DataObjectInfo buildDataObjectInfo(
+			at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo.DataObjectInfo dataObjectInfo)
+					throws MOAApplicationException {
+		String structure = dataObjectInfo.getStructure();
+		boolean childOfManifest = dataObjectInfo.isChildOfManifest();
+
+		Content dataObject = buildContent(dataObjectInfo.getDataObject());
+
+		CreateTransformsInfoProfile createTransformsInfoProfile = parseCreateTransformsInfoProfile(
+				dataObjectInfo.getCreateTransformsInfoProfile());
+
+		return factory.createDataObjectInfo(structure, childOfManifest, dataObject, createTransformsInfoProfile);
+	}
+
+	public CreateSignatureInfo buildCreateSignatureInfo(
+			at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo.CreateSignatureInfo createSignatureInfo)
+					throws MOAApplicationException {
+		// TODO:
+		if (createSignatureInfo == null) {
+			return null;
+		} else {
+			Content environment = buildContent(createSignatureInfo.getCreateSignatureEnvironment());
+			CreateSignatureEnvironmentProfile environmentProfile = parseCreateSignatureEnvironmentProfile(
+					createSignatureInfo);
+			return factory.createCreateSignatureInfo(environment, environmentProfile);
+		}
+	}
+
+	public CreateSignatureEnvironmentProfile parseCreateSignatureEnvironmentProfile(
+			at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo.CreateSignatureInfo createSignatureInfo)
+					throws MOAApplicationException {
+		if (createSignatureInfo.getCreateSignatureEnvironmentProfile() != null) {
+			return parseCreateSignatureEnvironmentProfile(createSignatureInfo.getCreateSignatureEnvironmentProfile());
+		} else {
+			String profileID = createSignatureInfo.getCreateSignatureEnvironmentProfileID();
+			return factory.createCreateSignatureEnvironmentProfile(profileID);
+		}
+	}
+
+	public CreateTransformsInfoProfile parseCreateTransformsInfoProfile(
+			at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo.DataObjectInfo dataObjectInfo)
+					throws MOAApplicationException {
+		if (dataObjectInfo.getCreateTransformsInfoProfile() != null) {
+			at.gv.egiz.moasig.CreateTransformsInfoProfile createTransformsInfoProfile = dataObjectInfo
+					.getCreateTransformsInfoProfile();
+			return parseCreateTransformsInfoProfile(createTransformsInfoProfile);
+		} else {
+			String profileID = dataObjectInfo.getCreateTransformsInfoProfileID();
+			return factory.createCreateTransformsInfoProfile(profileID);
+		}
+	}
+
+	/**
+	 * Parse a <code>CreateTransformsInfoProfile</code> DOM element.
+	 * 
+	 * @param profileElem
+	 *            The <code>CreateTransformsInfoProfile</code> element to parse.
+	 * @return The <code>CreateTransformsInfoProfile</code> API object
+	 *         containing the data from the <code>profileElem</code>.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the DOM element.
+	 */
+	public CreateTransformsInfoProfile parseCreateTransformsInfoProfile(
+			at.gv.egiz.moasig.CreateTransformsInfoProfile createTransformsInfoProfile) throws MOAApplicationException {
+		CreateTransformsInfo createTransformsInfo = parseCreateTransformsInfo(
+				createTransformsInfoProfile.getCreateTransformsInfo());
+		List supplements = parseSupplements(createTransformsInfoProfile.getSupplement());
+		return factory.createCreateTransformsInfoProfile(createTransformsInfo, supplements);
+	}
+
+	/**
+	 * Parse a <code>XMLDataObjectAssociationType</code> kind of DOM element.
+	 * 
+	 * @param assocElem
+	 *            The <code>XMLDataObjectAssociationType</code> kind of DOM
+	 *            elmeent to parse.
+	 * @return The <code>XMLDataObjectAssociation</code> API object containing
+	 *         the data from the <code>XMLDataObjectAssociationType</code> DOM
+	 *         element.
+	 * @throws MOAApplicationException
+	 */
+	public XMLDataObjectAssociation parseXMLDataObjectAssociation(
+			at.gv.egiz.moasig.XMLDataObjectAssociationType xmlDataObjectAssociationType)
+					throws MOAApplicationException {
+
+		MetaInfo metaInfo = parseMetaInfo(xmlDataObjectAssociationType.getMetaInfo());
+
+		Content content = buildContent(xmlDataObjectAssociationType.getContent());
+
+		return factory.createXMLDataObjectAssociation(metaInfo, content);
+	}
+
+	/**
+	 * Parse a <code>CreateSignatureEnvironmentProfile</code> DOM element.
+	 * 
+	 * @param profileElem
+	 *            The <code>CreateSignatureEnvironmentProfile</code> DOM element
+	 *            to parse.
+	 * @return The <code>CreateSignatureEnvironmentProfile</code> API object
+	 *         containing the data from the <code>profileElem</code>.
+	 * @throws MOAApplicationException
+	 */
+	public CreateSignatureEnvironmentProfile parseCreateSignatureEnvironmentProfile(
+			at.gv.egiz.moasig.CreateSignatureEnvironmentProfile createSignatureEnvironmentProfile)
+					throws MOAApplicationException {
+
+		CreateSignatureLocation createSignatureLocation = parseCreateSignatureLocation(
+				createSignatureEnvironmentProfile.getCreateSignatureLocation());
+		List supplements = parseSupplements(createSignatureEnvironmentProfile.getSupplement());
+
+		return factory.createCreateSignatureEnvironmentProfile(createSignatureLocation, supplements);
+	}
+
+	/**
+	 * Parse a <code>CreateSignatureLocation</code> DOM element contained in a
+	 * <code>CreateSignatureEnvironmentProfile</code>.
+	 * 
+	 * @param profileElem
+	 *            The <code>CreateSignatureEnvironmentProfile</code> DOM element
+	 *            containing the <code>CreateSignatureLocation</code>.
+	 * @return The <code>CreateSignatureLocation</code> API object containing
+	 *         the data from the <code>CreateSignatureLocation</code> DOM
+	 *         element.
+	 */
+	private CreateSignatureLocation parseCreateSignatureLocation(
+			at.gv.egiz.moasig.CreateSignatureLocationType createSignatureLocationType) {
+
+		String xPathExpression = createSignatureLocationType.getValue();
+		Map namespaceDeclarations = new HashMap();// DOMUtils.getNamespaceDeclarations(locationElem);
+		int index = createSignatureLocationType.getIndex().intValue();
+		// Integer.parseInt(indexStr);
+
+		return factory.createCreateSignatureLocation(xPathExpression, index, namespaceDeclarations);
+	}
+
+	/**
+	 * Parse all <code>Supplement</code> DOM elements contained in a given
+	 * parent DOM element.
+	 * 
+	 * @param supplementsParentElem
+	 *            The DOM element being the parent of the
+	 *            <code>Supplement</code>s.
+	 * @return A <code>List</code> of <code>Supplement</code> API objects
+	 *         containing the data from the <code>Supplement</code> DOM
+	 *         elements.
+	 * @throws MOAApplicationException
+	 */
+	private List parseSupplements(List<at.gv.egiz.moasig.XMLDataObjectAssociationType> supplementsList)
+			throws MOAApplicationException {
+		List supplements = new ArrayList();
+		Iterator<at.gv.egiz.moasig.XMLDataObjectAssociationType> supplementsIterator = supplementsList.iterator();
+
+		while (supplementsIterator.hasNext()) {
+			at.gv.egiz.moasig.XMLDataObjectAssociationType xmlDataObjectAssociationType = supplementsIterator.next();
+			XMLDataObjectAssociation supplement = parseXMLDataObjectAssociation(xmlDataObjectAssociationType);
+			supplements.add(supplement);
+		}
+		return supplements;
+	}
+
+	/**
+	 * Parse the <code>CreateTransformsInfo</code> DOM element contained in a
+	 * <code>CreateTransformsInfoProfile</code>.
+	 * 
+	 * @param profileElem
+	 *            The <code>CreateTransformsInfoProfile</code> DOM element
+	 *            containing the <code>CreateTransformsInfo</code>.
+	 * @return The <code>CreateTransformsInfo</code> API object containinig the
+	 *         data from the <code>CreateTransformsInfo</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the
+	 *             <code>CreateTransformsInfo</code> DOM element.
+	 */
+	public CreateTransformsInfo parseCreateTransformsInfo(at.gv.egiz.moasig.TransformsInfoType transformsInfoType)
+			throws MOAApplicationException {
+		MetaInfo finalDataMetaInfo = null;
+		List transforms = null;
+		if (transformsInfoType != null) {
+			if (transformsInfoType.getMoaTransforms() != null) {
+				if (transformsInfoType.getMoaTransforms() != null) {
+					// Transform Parser with MoaTransformsType
+					at.gv.egovernment.moa.spss.server.webservice.binding.TransformParser parser = new at.gv.egovernment.moa.spss.server.webservice.binding.TransformParser();
+					transforms = parser.parseTransforms(transformsInfoType.getMoaTransforms());
+				}
+			}
+
+			finalDataMetaInfo = parseMetaInfo(transformsInfoType.getFinalDataMetaInfo());
+		}
+		return factory.createCreateTransformsInfo(transforms, finalDataMetaInfo);
+	}
+
+	public Content buildContent(at.gv.egiz.moasig.DataObjectInfoType.DataObject dataObject)
+			throws MOAApplicationException {
+		String referenceURI = dataObject.getReference();
+		if (dataObject.getBase64Content() != null) {
+			return factory.createContent(new ByteArrayInputStream(dataObject.getBase64Content()), referenceURI);
+		} else if (dataObject.getLocRefContent() != null) {
+			String locationReferenceURI = dataObject.getLocRefContent();
+			return factory.createContent(locationReferenceURI, referenceURI);
+		} else {
+			return factory.createContent(referenceURI);
+		}
+	}
+
+	public Content buildContent(at.gv.egiz.moasig.ContentOptionalRefType contentBaseType)
+			throws MOAApplicationException {
+
+		String referenceURI = contentBaseType.getReference();
+
+		if (contentBaseType.getBase64Content() != null) {
+			return factory.createContent(new ByteArrayInputStream(contentBaseType.getBase64Content()), referenceURI);
+		} else if (contentBaseType.getLocRefContent() != null) {
+			String locationReferenceURI = contentBaseType.getLocRefContent();
+			return factory.createContent(locationReferenceURI, referenceURI);
+		} else {
+			return factory.createContent(referenceURI);
+		}
+	}
+
+	public MetaInfo parseMetaInfo(at.gv.egiz.moasig.FinalDataMetaInfoType metaInfoElem) {
+		SPSSFactory factory = SPSSFactory.getInstance();
+
+		String mimeType = metaInfoElem.getMimeType();
+		String description = metaInfoElem.getDescription();
+		String type = metaInfoElem.getType();
+		// TODO: any type not supported
+
+		return factory.createMetaInfo(mimeType, description, null, type);
+	}
+
+	public MetaInfo parseMetaInfo(at.gv.egiz.moasig.MetaInfoType metaInfoElem) {
+		SPSSFactory factory = SPSSFactory.getInstance();
+
+		String mimeType = metaInfoElem.getMimeType();
+		String description = metaInfoElem.getDescription();
+		// TODO: any and type not supported
+
+		return factory.createMetaInfo(mimeType, description, null, null);
+	}
+
+	public at.gv.egiz.moasig.KeyInfoType buildSignerInfo(at.gv.egovernment.moa.spss.api.common.SignerInfo signerInfo)
+			throws MOAApplicationException {
+		at.gv.egiz.moasig.KeyInfoType infoType = new at.gv.egiz.moasig.KeyInfoType();
+
+		at.gv.egiz.moasig.X509DataType x509DataType = new at.gv.egiz.moasig.X509DataType();
+
+		at.gv.egiz.moasig.ObjectFactory of = new at.gv.egiz.moasig.ObjectFactory();
+
+		// Set Issuer
+
+		at.gv.egiz.moasig.X509IssuerSerialType x509IssuerSerialType = new at.gv.egiz.moasig.X509IssuerSerialType();
+
+		x509IssuerSerialType.setX509IssuerName(signerInfo.getSignerCertificate().getIssuerDN().getName());
+		x509IssuerSerialType.setX509SerialNumber(signerInfo.getSignerCertificate().getSerialNumber());
+
+		x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName()
+				.add(of.createX509DataTypeX509IssuerSerial(x509IssuerSerialType));
+
+		// Set Subject
+		try {
+			RFC2253NameParser parser = new RFC2253NameParser(
+					signerInfo.getSignerCertificate().getSubjectDN().getName());
+			String subjectRfc2253 = parser.parse().getRFC2253String();
+			x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName()
+					.add(of.createX509DataTypeX509SubjectName(subjectRfc2253));
+		} catch (RFC2253NameParserException e) {
+			x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(
+					of.createX509DataTypeX509SubjectName(signerInfo.getSignerCertificate().getSubjectDN().getName()));
+		}
+
+		// Set Certificate
+		try {
+			x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName()
+					.add(of.createX509DataTypeX509Certificate(signerInfo.getSignerCertificate().getEncoded()));
+		} catch (CertificateEncodingException e) {
+			throw new MOAApplicationException("2245", null, e);
+		}
+
+		// Qualified Cert
+
+		if (signerInfo.isQualifiedCertificate()) {
+			QualifiedCertificate qualifiedCertificate = of.createQualifiedCertificate();
+			if ("TLS".compareToIgnoreCase(signerInfo.getQCSource()) == 0) {
+				qualifiedCertificate.setSource(signerInfo.getQCSource());
+			}
+			x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(qualifiedCertificate);
+		}
+
+		// Public Authority
+
+		if (signerInfo.isPublicAuthority()) {
+			PublicAuthorityType publicAuthorityType = of.createPublicAuthorityType();
+
+			if (signerInfo.getPublicAuhtorityID() != null) {
+				publicAuthorityType.setCode(signerInfo.getPublicAuhtorityID());
+			}
+
+			JAXBElement<PublicAuthorityType> publicAuthority = of.createPublicAuthority(publicAuthorityType);
+			x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(publicAuthority);
+		}
+
+		// ssCD
+
+		if (signerInfo.isSSCD()) {
+			SecureSignatureCreationDevice sscd = of.createSecureSignatureCreationDevice();
+			sscd.setSource(signerInfo.getSSCDSource());
+			x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName().add(sscd);
+		}
+
+		if (signerInfo.getIssuerCountryCode() != null) {
+			x509DataType.getX509IssuerSerialOrX509SKIOrX509SubjectName()
+					.add(of.createIssuingCountry(signerInfo.getIssuerCountryCode()));
+		}
+
+		return infoType;
+	}
+	
+	public at.gv.egiz.moasig.CheckResultType buildCheckResult(
+			at.gv.egovernment.moa.spss.api.common.CheckResult checkResult) {
+		at.gv.egiz.moasig.CheckResultType checkResultType = new at.gv.egiz.moasig.CheckResultType();
+		checkResultType.setCode(BigInteger.valueOf(checkResult.getCode()));
+
+		if (checkResult.getInfo() != null) {
+			at.gv.egiz.moasig.AnyChildrenType anyInfos = new at.gv.egiz.moasig.AnyChildrenType();
+
+			for (int idx = 0; idx < checkResult.getInfo().getLength(); idx++) {
+				Node node = checkResult.getInfo().item(idx);
+				if (node instanceof Element) {
+					anyInfos.getContent().add((Element) node);
+				}
+			}
+			
+			checkResultType.setInfo(anyInfos);
+		}
+		return checkResultType;
+	}
+	
+	/**
+	 * Parse a the <code>DataObject</code> DOM element contained in a given
+	 * <code>VerifyCMSSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyCMSSignatureRequest</code> DOM element to
+	 *            parse.
+	 * @return The <code>CMSDataObject</code> API object containing the data
+	 *         from the <code>DataObject</code> DOM element.
+	 */
+	public CMSDataObject parseDataObject(at.gv.egiz.moasig.CMSDataObjectRequiredMetaType cmsDataObject) {
+
+		if (cmsDataObject != null) {
+			MetaInfo metaInfo = null;
+
+			MetaInfoType metaInfoType = cmsDataObject.getMetaInfo();
+
+			if (metaInfoType != null) {
+				metaInfo = this.parseMetaInfo(metaInfoType);
+			}
+
+			at.gv.egiz.moasig.CMSContentBaseType cmsContent = cmsDataObject.getContent();
+
+			CMSContent content = parseContent(cmsContent);
+
+			BigDecimal excludeByteRangeFrom = null;
+
+			if (cmsDataObject.getFrom() != null) {
+				excludeByteRangeFrom = new BigDecimal(cmsDataObject.getFrom());
+			}
+
+			BigDecimal excludeByteRangeTo = null;
+			if (cmsDataObject.getTo() != null) {
+				excludeByteRangeTo = new BigDecimal(cmsDataObject.getTo());
+			}
+
+			return factory.createCMSDataObject(metaInfo, content, excludeByteRangeFrom, excludeByteRangeTo);
+
+		} else {
+			return null;
+		}
+
+	}
+	
+	/**
+	 * Parse a the <code>DataObject</code> DOM element contained in a given
+	 * <code>VerifyCMSSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyCMSSignatureRequest</code> DOM element to
+	 *            parse.
+	 * @return The <code>CMSDataObject</code> API object containing the data
+	 *         from the <code>DataObject</code> DOM element.
+	 */
+	public CMSDataObject parseDataObject(at.gv.egiz.moasig.CMSDataObjectOptionalMetaType cmsDataObject) {
+
+		if (cmsDataObject != null) {
+			MetaInfo metaInfo = null;
+
+			MetaInfoType metaInfoType = cmsDataObject.getMetaInfo();
+
+			if (metaInfoType != null) {
+				metaInfo = this.parseMetaInfo(metaInfoType);
+			}
+
+			at.gv.egiz.moasig.CMSContentBaseType cmsContent = cmsDataObject.getContent();
+
+			CMSContent content = parseContent(cmsContent);
+
+			BigDecimal excludeByteRangeFrom = null;
+
+			if (cmsDataObject.getFrom() != null) {
+				excludeByteRangeFrom = new BigDecimal(cmsDataObject.getFrom());
+			}
+
+			BigDecimal excludeByteRangeTo = null;
+			if (cmsDataObject.getTo() != null) {
+				excludeByteRangeTo = new BigDecimal(cmsDataObject.getTo());
+			}
+
+			return factory.createCMSDataObject(metaInfo, content, excludeByteRangeFrom, excludeByteRangeTo);
+
+		} else {
+			return null;
+		}
+
+	}
+
+	/**
+	 * Parse the content contained in a <code>CMSContentBaseType</code> kind of
+	 * DOM element.
+	 * 
+	 * @param contentElem
+	 *            The <code>CMSContentBaseType</code> kind of element to parse.
+	 * @return A <code>CMSDataObject</code> API object containing the data from
+	 *         the given DOM element.
+	 */
+	public CMSContent parseContent(at.gv.egiz.moasig.CMSContentBaseType cmsContent) {
+
+		if (cmsContent.getBase64Content() != null) {
+			InputStream binaryContent = new ByteArrayInputStream(cmsContent.getBase64Content());
+			return factory.createCMSContent(binaryContent);
+		} else {
+			return factory.createCMSContent(cmsContent.getReference());
+		}
+	}
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLCreateSignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLCreateSignatureBindingImpl.java
new file mode 100644
index 0000000..d5d50cd
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLCreateSignatureBindingImpl.java
@@ -0,0 +1,101 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.ArrayList;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.xml.transform.TransformerException;
+
+import at.gv.egiz.moasig.CreateXMLSignatureRequest;
+import at.gv.egiz.moasig.CreateXMLSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponseElement;
+import at.gv.egovernment.moa.spss.api.xmlsign.ErrorResponse;
+import at.gv.egovernment.moa.spss.api.xmlsign.SignatureEnvironmentResponse;
+import at.gv.egovernment.moa.spss.server.webservice.XMLCreateSignatureBinding;
+import at.gv.egovernment.moa.util.DOMUtils;
+
+public class XMLCreateSignatureBindingImpl implements XMLCreateSignatureBinding {
+
+	/** The factory to create API objects. */
+	private SPSSFactory factory;
+
+	/**
+	 * Create a new <code>CreateXMLSignatureRequestParser</code>.
+	 */
+	public XMLCreateSignatureBindingImpl() {
+		this.factory = SPSSFactory.getInstance();
+	}
+
+	@Override
+	public at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest buildXMLRequest(
+			CreateXMLSignatureRequest createXMLSignatureRequest) throws MOAApplicationException {
+
+		String keyIdentifier = createXMLSignatureRequest.getKeyIdentifier();
+
+		TransformerUtils transformerUtils = new TransformerUtils();
+		
+		List singleSignatureInfos = new ArrayList();
+
+		Iterator<at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo> singleSignatureInfoIterator = createXMLSignatureRequest
+				.getSingleSignatureInfo().iterator();
+
+		while (singleSignatureInfoIterator.hasNext()) {
+			at.gv.egiz.moasig.CreateXMLSignatureRequestType.SingleSignatureInfo singleSignatureInfo = singleSignatureInfoIterator
+					.next();
+			singleSignatureInfos.add(transformerUtils.buildSingleSignatureInfo(singleSignatureInfo));
+		}
+
+		return factory.createCreateXMLSignatureRequest(keyIdentifier, singleSignatureInfos);
+	}
+
+	
+
+	@Override
+	public CreateXMLSignatureResponseType buildXMLResponse(CreateXMLSignatureResponse response) throws MOAApplicationException {
+		CreateXMLSignatureResponseType createXMLSignatureResponseType = new CreateXMLSignatureResponseType();
+		List responseObjects = response.getResponseElements();
+		
+		Iterator responseIterator = responseObjects.iterator();
+		
+		while(responseIterator.hasNext()) {
+			Object responseObject = responseIterator.next();
+			
+			CreateXMLSignatureResponseElement responseElement =
+			        (CreateXMLSignatureResponseElement) responseObject;
+			
+			switch (responseElement.getResponseType()) {
+	        case CreateXMLSignatureResponseElement.SIGNATURE_ENVIRONMENT_RESPONSE :
+	          SignatureEnvironmentResponse envResponse =
+	            (SignatureEnvironmentResponse) responseElement;
+				byte[] signature;
+				try {
+					signature = DOMUtils.serializeNode(envResponse.getSignatureEnvironment(), "UTF-8");
+				} catch (TransformerException e) {
+					throw new MOAApplicationException("Failed to write xml signature to response", null, e);
+				} catch (IOException e) {
+					throw new MOAApplicationException("Failed to write xml signature to response", null, e);
+				}
+	          createXMLSignatureResponseType.getSignatureEnvironmentOrErrorResponse().add(signature);
+	          break;
+
+	        case CreateXMLSignatureResponseElement.ERROR_RESPONSE :
+	          ErrorResponse errorResponse = (ErrorResponse) responseElement;
+	          
+	          at.gv.egiz.moasig.ErrorResponseType errorResponseType = new at.gv.egiz.moasig.ErrorResponseType();
+	          errorResponseType.setErrorCode(BigInteger.valueOf(errorResponse.getErrorCode()));
+	          errorResponseType.setInfo(errorResponse.getInfo());
+	          
+	          createXMLSignatureResponseType.getSignatureEnvironmentOrErrorResponse().add(errorResponseType);
+	          break;
+	      }
+		}
+		
+		return createXMLSignatureResponseType;
+	}
+
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java
new file mode 100644
index 0000000..8295aed
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/binding/XMLVerifySignatureBindingImpl.java
@@ -0,0 +1,503 @@
+package at.gv.egovernment.moa.spss.server.webservice.binding;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.security.cert.CertificateEncodingException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+
+import javax.xml.bind.JAXBElement;
+import javax.xml.parsers.ParserConfigurationException;
+import javax.xml.transform.TransformerException;
+
+import org.apache.commons.io.IOUtils;
+import org.w3c.dom.Element;
+import org.w3c.dom.Node;
+
+import at.gv.egiz.moasig.MoaTransformsType;
+import at.gv.egiz.moasig.PublicAuthorityType;
+import at.gv.egiz.moasig.QualifiedCertificate;
+import at.gv.egiz.moasig.SecureSignatureCreationDevice;
+import at.gv.egiz.moasig.TransformParameterType;
+import at.gv.egiz.moasig.TransformParameterType.Hash;
+import at.gv.egiz.moasig.VerifyXMLSignatureResponseType;
+import at.gv.egiz.moasig.XMLDataObjectAssociationType;
+import at.gv.egovernment.moa.spss.MOAApplicationException;
+import at.gv.egovernment.moa.spss.api.SPSSFactory;
+import at.gv.egovernment.moa.spss.api.common.Content;
+import at.gv.egovernment.moa.spss.api.common.ContentBinary;
+import at.gv.egovernment.moa.spss.api.common.ContentXML;
+import at.gv.egovernment.moa.spss.api.common.InputData;
+import at.gv.egovernment.moa.spss.api.common.XMLDataObjectAssociation;
+import at.gv.egovernment.moa.spss.api.xmlverify.AdESFormResults;
+import at.gv.egovernment.moa.spss.api.xmlverify.ReferenceInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.SignatureManifestCheckParams;
+import at.gv.egovernment.moa.spss.api.xmlverify.SupplementProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.TransformParameter;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureInfo;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifySignatureLocation;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyTransformsInfoProfile;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest;
+import at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse;
+import at.gv.egovernment.moa.spss.server.webservice.XMLVerifySignatureBinding;
+import at.gv.egovernment.moa.util.DOMUtils;
+import iaik.utils.RFC2253NameParser;
+import iaik.utils.RFC2253NameParserException;
+
+public class XMLVerifySignatureBindingImpl implements XMLVerifySignatureBinding {
+
+	/** The <code>SPSSFactory</code> for creating new API objects. */
+	private SPSSFactory factory = SPSSFactory.getInstance();
+
+	private TransformerUtils transformerUtils = new TransformerUtils();
+
+	private TransformParser transformParser = new TransformParser();
+
+	@Override
+	public VerifyXMLSignatureRequest buildXMLRequest(
+			at.gv.egiz.moasig.VerifyXMLSignatureRequest verifyXMLSignatureRequest) throws MOAApplicationException {
+		Date dateTime = null;
+		if (verifyXMLSignatureRequest.getDateTime() != null) {
+			dateTime = verifyXMLSignatureRequest.getDateTime().toGregorianCalendar().getTime();
+		}
+		boolean returnHashInputData = false;
+		returnHashInputData = (verifyXMLSignatureRequest.getReturnHashInputData() != null);
+		String trustProfileID = verifyXMLSignatureRequest.getTrustProfileID();
+		VerifySignatureInfo verifySignatureInfo = parseVerifySignatureInfo(
+				verifyXMLSignatureRequest.getVerifySignatureInfo());
+		List supplementProfiles = parseSupplementProfiles(verifyXMLSignatureRequest);
+
+		SignatureManifestCheckParams signatureManifestCheckParams = this
+				.parseSignatureManifestCheckParams(verifyXMLSignatureRequest.getSignatureManifestCheckParams()); // TODO
+		return factory.createVerifyXMLSignatureRequest(dateTime, verifySignatureInfo, supplementProfiles,
+				signatureManifestCheckParams, returnHashInputData, trustProfileID);
+	}
+
+	@Override
+	public VerifyXMLSignatureResponseType buildXMLResponse(VerifyXMLSignatureResponse response)
+			throws MOAApplicationException {
+		VerifyXMLSignatureResponseType verifyXMLSignatureResponseType = new VerifyXMLSignatureResponseType();
+
+		verifyXMLSignatureResponseType.setSignerInfo(this.transformerUtils.buildSignerInfo(response.getSignerInfo()));
+
+		if (response.getHashInputDatas() != null && !response.getHashInputDatas().isEmpty()) {
+			for (Iterator iter = response.getHashInputDatas().iterator(); iter.hasNext();) {
+				InputData inputData = (InputData) iter.next();
+				verifyXMLSignatureResponseType.getHashInputData().add(buildInputData(inputData));
+			}
+		}
+
+		if (response.getReferenceInputDatas() != null && !response.getReferenceInputDatas().isEmpty()) {
+			for (Iterator iter = response.getReferenceInputDatas().iterator(); iter.hasNext();) {
+				InputData inputData = (InputData) iter.next();
+				verifyXMLSignatureResponseType.getReferenceInputData().add(buildInputData(inputData));
+			}
+		}
+
+		// add the SignatureCheck
+		verifyXMLSignatureResponseType.setSignatureCheck(buildReferencesCheckResult(response.getSignatureCheck()));
+
+		// add the SignatureManifestCheck
+		if (response.getSignatureManifestCheck() != null) {
+			verifyXMLSignatureResponseType.setSignatureManifestCheck(buildReferencesCheckResult(response.getSignatureManifestCheck()));
+		}
+
+		// add the XMLDsigManifestChecks
+		if(response.getXMLDsigManifestChecks() != null) {
+			List xmlDsigManifestChecks = response.getXMLDsigManifestChecks();
+			Iterator iter = xmlDsigManifestChecks.iterator();
+			while(iter.hasNext()) {
+				Object xmlDsigManifestCheck = iter.next();
+				verifyXMLSignatureResponseType.getXMLDSIGManifestCheck().add(
+						buildManifestCheckResult((at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult) 
+								xmlDsigManifestCheck));
+			}
+		}
+		
+		// add the CertificateCheck
+		verifyXMLSignatureResponseType.setCertificateCheck(this.transformerUtils.buildCheckResult(response.getCertificateCheck()));
+		
+		if(response.getAdESFormResults() != null) {
+			Iterator formIterator = response.getAdESFormResults().iterator();
+	    	
+	    	while(formIterator.hasNext()) {
+	    		AdESFormResults adESFormResult = (AdESFormResults)formIterator.next();
+	    		verifyXMLSignatureResponseType.getFormCheckResult().add(
+	    				buildFormResult(adESFormResult));
+	    	}
+			
+		}
+		
+		return verifyXMLSignatureResponseType;
+	}
+	
+	private at.gv.egiz.moasig.InputDataType buildInputData(InputData inputData) throws MOAApplicationException {
+		at.gv.egiz.moasig.InputDataType inputDataType = new at.gv.egiz.moasig.InputDataType();
+		inputDataType.setPartOf(inputData.getPartOf());
+		
+		if(inputData.getReferringReferenceNumber() != InputData.REFERER_NONE_) {
+			inputDataType.setReferringSigReference(BigInteger.valueOf(inputData.getReferringReferenceNumber()));
+		}
+		
+		switch(inputData.getContentType()) {
+		case Content.XML_CONTENT:
+			ContentXML contentXml = (ContentXML) inputData;
+			ByteArrayOutputStream baos = new ByteArrayOutputStream();
+			try {
+				iaik.xml.crypto.utils.DOMUtils.serialize(DOMUtils.nodeList2DocumentFragment(
+						contentXml.getXMLContent()).getOwnerDocument(), 
+						baos);
+				inputDataType.setBase64Content(baos.toByteArray());
+			} catch (TransformerException e) {
+				throw new MOAApplicationException("2200", null, e);
+			} catch (ParserConfigurationException e) {
+				throw new MOAApplicationException("2200", null, e);
+			}
+			
+			break;
+		case Content.BINARY_CONTENT:
+			ContentBinary contentBinary = (ContentBinary) inputData;
+			try {
+				inputDataType.setBase64Content(IOUtils.toByteArray(contentBinary.getBinaryContent()));
+			} catch (IOException e) {
+				throw new MOAApplicationException("2200", null, e);
+			}
+			break;
+		}
+		return inputDataType;
+	}
+
+	private at.gv.egiz.moasig.FormResultType buildFormResult(AdESFormResults adESFormResults) {
+		at.gv.egiz.moasig.FormResultType formResult = new at.gv.egiz.moasig.FormResultType();
+		formResult.setCode(BigInteger.valueOf(adESFormResults.getCode()));
+		formResult.setName(adESFormResults.getName());
+		return formResult;
+	}
+
+	private at.gv.egiz.moasig.ManifestRefsCheckResultType buildManifestCheckResult(
+			at.gv.egovernment.moa.spss.api.xmlverify.ManifestRefsCheckResult referencesCheckResult) {
+		at.gv.egiz.moasig.ManifestRefsCheckResultType referencesCheckResultType = new at.gv.egiz.moasig.ManifestRefsCheckResultType();
+
+		if (referencesCheckResult.getInfo() != null) {
+			at.gv.egiz.moasig.ObjectFactory of = new at.gv.egiz.moasig.ObjectFactory();
+			at.gv.egiz.moasig.AnyChildrenType anyInfos = new at.gv.egiz.moasig.AnyChildrenType();
+
+			if (referencesCheckResult.getInfo().getFailedReferences() != null) {
+				for (int idx = 0; idx < referencesCheckResult.getInfo().getFailedReferences().length; idx++) {
+					anyInfos.getContent().add(of.createFailedReference(
+							BigInteger.valueOf(referencesCheckResult.getInfo().getFailedReferences()[idx])));
+				}
+			}
+
+			if (referencesCheckResult.getInfo().getAnyOtherInfo() != null) {
+				for (int idx = 0; idx < referencesCheckResult.getInfo().getAnyOtherInfo().getLength(); idx++) {
+					Node node = referencesCheckResult.getInfo().getAnyOtherInfo().item(idx);
+					if (node instanceof Element) {
+						anyInfos.getContent().add((Element) node);
+					}
+				}
+			}
+
+			anyInfos.getContent().add(of.createReferringSigReference(
+					BigInteger.valueOf(referencesCheckResult.getInfo().getReferringSignatureReference())));
+
+			referencesCheckResultType.setInfo(anyInfos);
+
+		}
+
+		referencesCheckResultType.setCode(BigInteger.valueOf(referencesCheckResult.getCode()));
+		return referencesCheckResultType;
+	}
+
+	private at.gv.egiz.moasig.ReferencesCheckResultType buildReferencesCheckResult(
+			at.gv.egovernment.moa.spss.api.xmlverify.ReferencesCheckResult referencesCheckResult) {
+		at.gv.egiz.moasig.ReferencesCheckResultType referencesCheckResultType = new at.gv.egiz.moasig.ReferencesCheckResultType();
+
+		if (referencesCheckResult.getInfo() != null) {
+			at.gv.egiz.moasig.ObjectFactory of = new at.gv.egiz.moasig.ObjectFactory();
+			at.gv.egiz.moasig.AnyChildrenType anyInfos = new at.gv.egiz.moasig.AnyChildrenType();
+
+			if (referencesCheckResult.getInfo().getFailedReferences() != null) {
+				for (int idx = 0; idx < referencesCheckResult.getInfo().getFailedReferences().length; idx++) {
+					anyInfos.getContent().add(of.createFailedReference(
+							BigInteger.valueOf(referencesCheckResult.getInfo().getFailedReferences()[idx])));
+				}
+			}
+
+			if (referencesCheckResult.getInfo().getAnyOtherInfo() != null) {
+				for (int idx = 0; idx < referencesCheckResult.getInfo().getAnyOtherInfo().getLength(); idx++) {
+					Node node = referencesCheckResult.getInfo().getAnyOtherInfo().item(idx);
+					if (node instanceof Element) {
+						anyInfos.getContent().add((Element) node);
+					}
+				}
+			}
+
+			referencesCheckResultType.setInfo(anyInfos);
+		}
+
+		referencesCheckResultType.setCode(BigInteger.valueOf(referencesCheckResult.getCode()));
+		return referencesCheckResultType;
+	}
+
+	
+
+	/**
+	 * Parse the <code>VerifySignatureInfo</code> DOM element contained in the
+	 * <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyXMLSignatureRequest</code> DOM element
+	 *            containing the <code>VerifySignatureInfo</code> DOM element.
+	 * @return The <code>VerifySignatureInfo</code> API object containing the
+	 *         data from the DOM element.
+	 * @throws MOAApplicationException
+	 */
+	private VerifySignatureInfo parseVerifySignatureInfo(
+			at.gv.egiz.moasig.VerifyXMLSignatureRequestType.VerifySignatureInfo verifySignatureInfo)
+					throws MOAApplicationException {
+		Content verifySignatureEnvironment = transformerUtils
+				.buildContent(verifySignatureInfo.getVerifySignatureEnvironment());
+
+		String xPathExpression = verifySignatureInfo.getVerifySignatureLocation();
+
+		VerifySignatureLocation verifySignatureLocation = factory.createVerifySignatureLocation(xPathExpression,
+				new HashMap());
+
+		return factory.createVerifySignatureInfo(verifySignatureEnvironment, verifySignatureLocation);
+	}
+
+	/**
+	 * Parse the supplement profiles contained in the given
+	 * <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * @return A <code>List</code> of <code>SupplementProfile</code> API objects
+	 *         containing the data from the <code>SupplementProfile</code> DOM
+	 *         elements.
+	 * @throws MOAApplicationException
+	 */
+	private List parseSupplementProfiles(at.gv.egiz.moasig.VerifyXMLSignatureRequest verifyXMLSignatureRequest)
+			throws MOAApplicationException {
+		List supplementProfiles = new ArrayList();
+		List<Object> supplementElements = verifyXMLSignatureRequest.getSupplementProfileOrSupplementProfileID();
+		if (supplementElements != null) {
+			Iterator<Object> supplementElementsIterator = supplementElements.iterator();
+			while (supplementElementsIterator.hasNext()) {
+				Object object = supplementElementsIterator.next();
+				SupplementProfile profile;
+				if (object instanceof XMLDataObjectAssociationType) {
+					XMLDataObjectAssociationType xmlDataObjectAssociationType = (XMLDataObjectAssociationType) object;
+					profile = parseSupplementProfile(xmlDataObjectAssociationType);
+				} else if (object instanceof String) {
+					String profileID = (String) object;
+					profile = factory.createSupplementProfile(profileID);
+				} else {
+					throw new MOAApplicationException(
+							"Invalid object in moa:SupplementProfile | moa:SupplementProfileID", null);
+				}
+
+				supplementProfiles.add(profile);
+			}
+		}
+
+		return supplementProfiles;
+	}
+
+	public SupplementProfile parseSupplementProfile(XMLDataObjectAssociationType xmlDataObjectAssociationType)
+			throws MOAApplicationException {
+		XMLDataObjectAssociation supplementProfile = this.transformerUtils
+				.parseXMLDataObjectAssociation(xmlDataObjectAssociationType);
+
+		return factory.createSupplementProfile(supplementProfile);
+	}
+
+	/**
+	 * Parse the <code>SignatureManifestCheckParams</code> DOM element contained
+	 * in the given <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * 
+	 * @param requestElem
+	 *            The <code>VerifyXMLSignatureRequest</code> DOM element.
+	 * @return The <code>SignatureManifestCheckParams</code> API object
+	 *         containing the data from the
+	 *         <code>SignatureManifestCheckParams</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the
+	 *             <code>SignatureManifestCheckParams</code> DOM element.
+	 */
+	private SignatureManifestCheckParams parseSignatureManifestCheckParams(
+			at.gv.egiz.moasig.VerifyXMLSignatureRequestType.SignatureManifestCheckParams signatureManifestCheckParams)
+					throws MOAApplicationException {
+
+		if (signatureManifestCheckParams == null) {
+			return null;
+		}
+
+		boolean returnReferencInputData = signatureManifestCheckParams.isReturnReferenceInputData();
+		List<at.gv.egiz.moasig.VerifyTransformsDataType> referenceInfos = signatureManifestCheckParams
+				.getReferenceInfo();
+		List referenceInfosBuild = parseReferenceInfos(referenceInfos);
+
+		return factory.createSignatureManifestCheckParams(referenceInfosBuild, returnReferencInputData);
+	}
+
+	/**
+	 * Parse the <code>ReferenceInfo</code> DOM elements contained in a
+	 * <code>SignatureManifestCheckParams</code> DOM element.
+	 * 
+	 * @param paramsElem
+	 *            The <code>SignatureManifestCheckParams</code> DOM element
+	 *            containing the <code>ReferenceInfo</code> DOM elements.
+	 * @return A <code>List</code> of <code>RefernceInfo</code> API objects
+	 *         containing the data from the <code>ReferenceInfo</code> DOM
+	 *         elements.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>ReferenceInfo</code> DOM
+	 *             elements.
+	 */
+	private List parseReferenceInfos(List<at.gv.egiz.moasig.VerifyTransformsDataType> referenceInfosWeb)
+			throws MOAApplicationException {
+
+		List referenceInfos = new ArrayList();
+
+		if (referenceInfosWeb != null) {
+
+			Iterator<at.gv.egiz.moasig.VerifyTransformsDataType> referenceInfosIterator = referenceInfosWeb.iterator();
+
+			while (referenceInfosIterator.hasNext()) {
+				at.gv.egiz.moasig.VerifyTransformsDataType verifyTransformsDataType = referenceInfosIterator.next();
+
+				ReferenceInfo referenceInfo = parseReferenceInfo(verifyTransformsDataType);
+				referenceInfos.add(referenceInfo);
+			}
+
+		}
+		return referenceInfos;
+	}
+
+	/**
+	 * Parse a <code>ReferenceInfo</code> DOM element.
+	 * 
+	 * @param refInfoElem
+	 *            The <code>ReferenceInfo</code> DOM element to parse.
+	 * @return The <code>ReferenceInfo</code> API object containing the data
+	 *         from the given <code>ReferenceInfo</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>ReferenceInfo</code> DOM
+	 *             element.
+	 */
+	private ReferenceInfo parseReferenceInfo(at.gv.egiz.moasig.VerifyTransformsDataType verifyTransformsDataType)
+			throws MOAApplicationException {
+		List profiles = parseVerifyTransformsInfoProfiles(verifyTransformsDataType);
+		return factory.createReferenceInfo(profiles);
+	}
+
+	/**
+	 * Parse the <code>VerifyTransformsInfoProfile</code> DOM elements contained
+	 * in a <code>ReferenceInfo</code> DOM element.
+	 * 
+	 * @param refInfoElem
+	 *            <code>ReferenceInfo</code> DOM element containing the
+	 *            <code>VerifyTransformsInfoProfile</code> DOM elements.
+	 * @return A <code>List</code> of <code>VerifyTransformsInfoProfile</code>
+	 *         API objects containing the profile data.
+	 * @throws MOAApplicationException
+	 *             An error occurred building the
+	 *             <code>VerifyTransformsInfoProfile</code>s.
+	 */
+	private List parseVerifyTransformsInfoProfiles(at.gv.egiz.moasig.VerifyTransformsDataType verifyTransformsDataType)
+			throws MOAApplicationException {
+
+		List profiles = new ArrayList();
+
+		List<Object> transformsList = verifyTransformsDataType
+				.getVerifyTransformsInfoProfileOrVerifyTransformsInfoProfileID();
+		Iterator<Object> transformsListIterator = transformsList.iterator();
+
+		while (transformsListIterator.hasNext()) {
+			Object object = transformsListIterator.next();
+
+			if (object instanceof at.gv.egiz.moasig.VerifyTransformsInfoProfile) {
+				at.gv.egiz.moasig.VerifyTransformsInfoProfile verifyTransformsInfoProfile = (at.gv.egiz.moasig.VerifyTransformsInfoProfile) object;
+			} else if (object instanceof String) {
+				String profileID = (String) object;
+				profiles.add(factory.createVerifyTransformsInfoProfile(profileID));
+			} else {
+				throw new MOAApplicationException("Invalid object in VerifyTransformsData", null);
+			}
+		}
+		return profiles;
+	}
+
+	/**
+	 * Parse a <code>VerifyTransformsInfoProfile</code> DOM element.
+	 * 
+	 * @param profileElem
+	 *            The <code>VerifyTransformsInfoProfile</code> DOM element to
+	 *            parse.
+	 * @return A <code>VerifyTransformsInfoProfile</code> API object containing
+	 *         the information from the <code>VerifyTransformsInfoProfile</code>
+	 *         DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the
+	 *             <code>VerifyTransformsInfoProfile</code>.
+	 */
+	public VerifyTransformsInfoProfile parseVerifyTransformsInfoProfile(
+			at.gv.egiz.moasig.VerifyTransformsInfoProfile verifyTransformsInfoProfile) throws MOAApplicationException {
+		List transforms = null;
+		List transformParameters = new ArrayList();
+		List<TransformParameterType> transformParams = verifyTransformsInfoProfile.getTransformParameter();
+		Iterator<TransformParameterType> transformParamIterator = transformParams.iterator();
+
+		MoaTransformsType moaTransforms = verifyTransformsInfoProfile.getMoaTransforms();
+
+		if (moaTransforms != null) {
+			transforms = transformParser.parseTransforms(moaTransforms);
+		}
+
+		while (transformParamIterator.hasNext()) {
+			TransformParameterType transformParameter = transformParamIterator.next();
+			transformParameters.add(parseTransformParameter(transformParameter));
+		}
+
+		return factory.createVerifyTransformsInfoProfile(transforms, transformParameters);
+	}
+
+	/**
+	 * Parse a <code>TransformParameter</code> DOM element.
+	 * 
+	 * @param paramElem
+	 *            The <code>TransformParameter</code> DOM element to parse.
+	 * @return The <code>TransformParameter</code> API object containing the
+	 *         information from the <code>TransformParameter</code> DOM element.
+	 * @throws MOAApplicationException
+	 *             An error occurred parsing the <code>TransformParameter</code>
+	 *             DOM element.
+	 */
+	private TransformParameter parseTransformParameter(TransformParameterType transformParameter)
+			throws MOAApplicationException {
+		String uri = transformParameter.getURI();
+		if (transformParameter.getBase64Content() != null) {
+			InputStream binaryContent = new ByteArrayInputStream(transformParameter.getBase64Content());
+			return factory.createTransformParameter(uri, binaryContent);
+		} else if (transformParameter.getHash() != null) {
+			Hash hash = transformParameter.getHash();
+			String digestMethodStr = "";
+
+			if (hash.getDigestMethod() != null) {
+				digestMethodStr = hash.getDigestMethod().getAlgorithm();
+			}
+			byte[] digestValue = hash.getDigestValue();
+			return factory.createTransformParameter(uri, digestMethodStr, digestValue);
+		} else {
+			return factory.createTransformParameter(uri);
+		}
+	}
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/ContextSetupAspect.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/ContextSetupAspect.java
new file mode 100644
index 0000000..42ffd5e
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/ContextSetupAspect.java
@@ -0,0 +1,104 @@
+package at.gv.egovernment.moa.spss.server.webservice.impl;
+
+import java.security.cert.X509Certificate;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.xml.ws.handler.MessageContext;
+import javax.xml.ws.handler.soap.SOAPMessageContext;
+
+import org.apache.cxf.transport.http.AbstractHTTPDestination;
+import org.aspectj.lang.annotation.Aspect;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+import org.w3c.dom.Element;
+
+import at.gv.egovernment.moa.logging.LoggingContext;
+import at.gv.egovernment.moa.logging.LoggingContextManager;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationException;
+import at.gv.egovernment.moa.spss.server.config.ConfigurationProvider;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionIDGenerator;
+
+@Aspect
+public class ContextSetupAspect {
+
+	private static final Logger logger = LoggerFactory.getLogger(ContextSetupAspect.class);
+	
+	/** The property name for accessing the X509 client certificate chain. */
+	private static final String X509_CERTIFICATE_PROPERTY = "javax.servlet.request.X509Certificate";
+
+	/** The property name for accessing the SOAP action header. */
+	private static final String SOAP_ACTION_HEADER = "soapaction";
+	
+	/**
+	 * Set up the thread-local contexts (<code>TransactionContext</code> and
+	 * <code>LoggingContext</code>).
+	 * 
+	 * @param context
+	 *            The <code>TransactionContext</code> to set for the current
+	 *            request.
+	 */
+	private static void setUpContexts(TransactionContext context) {
+		// set the transaction context in the TransactionContextManager
+		TransactionContextManager tcm = TransactionContextManager.getInstance();
+		tcm.setTransactionContext(context);
+
+		// set the logging context in the LoggingContextManager
+		LoggingContextManager lcm = LoggingContextManager.getInstance();
+		LoggingContext lc = new LoggingContext(context.getTransactionID());
+		lcm.setLoggingContext(lc);
+	}
+
+	/**
+	 * Tear down the thread-local contexts.
+	 */
+	private static void tearDownContexts() {
+		TransactionContextManager tcm = TransactionContextManager.getInstance();
+
+		// delete temporary files
+		TransactionContext context = tcm.getTransactionContext();
+		context.cleanAttachmentCache();
+
+		// unset the transaction context
+		tcm.setTransactionContext(null);
+
+		// unset the logging context
+		LoggingContextManager lcm = LoggingContextManager.getInstance();
+		lcm.setLoggingContext(null);
+	}
+
+	public static void setupContext(MessageContext messageContext, String targetService) throws ConfigurationException {
+		logger.debug("Context setup");
+		
+		HttpServletRequest request = (HttpServletRequest) messageContext
+				.get(AbstractHTTPDestination.HTTP_REQUEST);
+
+		X509Certificate[] clientCert = (X509Certificate[]) request.getAttribute(X509_CERTIFICATE_PROPERTY);
+
+		ConfigurationProvider configuration = ConfigurationProvider.getInstance();
+
+		Element xmlRequest = null;
+		if (messageContext instanceof SOAPMessageContext) {
+			SOAPMessageContext soapMessageContext = (SOAPMessageContext) messageContext;
+			xmlRequest = soapMessageContext.getMessage().getSOAPPart().getDocumentElement();
+		}
+
+		TransactionContext context = new TransactionContext(TransactionIDGenerator.nextID(), clientCert,
+				configuration, xmlRequest, null);
+
+		String soapAction = (String) request.getHeader(SOAP_ACTION_HEADER);
+		if ("\"\"".equals(soapAction)) {
+			// if http soap action header is empty
+			soapAction = targetService;
+		}
+		context.setRequestName(soapAction);
+		
+		setUpContexts(context);
+	}
+
+	public static void cleanContext() {
+		logger.debug("Context clean up");
+		tearDownContexts();
+	}
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureCreationServiceImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureCreationServiceImpl.java
new file mode 100644
index 0000000..358b9d6
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureCreationServiceImpl.java
@@ -0,0 +1,190 @@
+package at.gv.egovernment.moa.spss.server.webservice.impl;
+
+import java.util.Collections;
+
+import javax.annotation.Resource;
+import javax.jws.WebResult;
+import javax.jws.WebService;
+import javax.xml.ws.WebServiceContext;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.moasig.CreateCMSSignatureRequest;
+import at.gv.egiz.moasig.CreateCMSSignatureRequestType;
+import at.gv.egiz.moasig.CreateCMSSignatureResponseType;
+import at.gv.egiz.moasig.CreatePDFSignatureRequest;
+import at.gv.egiz.moasig.CreatePDFSignatureRequestType;
+import at.gv.egiz.moasig.CreatePDFSignatureResponseType;
+import at.gv.egiz.moasig.CreateXMLSignatureRequest;
+import at.gv.egiz.moasig.CreateXMLSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOAException;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureCreationInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.PDFASInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureCreationInvoker;
+import at.gv.egovernment.moa.spss.server.service.ServiceUtils;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.webservice.CMSCreateSignatureBinding;
+import at.gv.egovernment.moa.spss.server.webservice.PDFCreateSignatureBinding;
+import at.gv.egovernment.moa.spss.server.webservice.SignatureCreationService;
+import at.gv.egovernment.moa.spss.server.webservice.XMLCreateSignatureBinding;
+import at.gv.egovernment.moa.spss.server.webservice.binding.CMSCreateSignatureBindingImpl;
+import at.gv.egovernment.moa.spss.server.webservice.binding.PDFCreateSignatureBindingImpl;
+import at.gv.egovernment.moa.spss.server.webservice.binding.XMLCreateSignatureBindingImpl;
+import at.gv.egovernment.moa.spss.server.xmlbind.CreatePDFRequest;
+import at.gv.egovernment.moa.spss.server.xmlbind.CreatePDFRespone;
+import at.gv.egovernment.moa.util.StreamUtils;
+
+@WebService(endpointInterface = "at.gv.egovernment.moa.spss.server.webservice.SignatureCreationService", portName = "SignatureCreationService", serviceName = "SignatureCreationService")
+public class SignatureCreationServiceImpl implements SignatureCreationService {
+
+	private static final Logger logger = LoggerFactory.getLogger(SignatureCreationServiceImpl.class);
+
+	@Resource
+	private WebServiceContext context;
+
+	private XMLCreateSignatureBinding xmlCreateSignatureBinding;
+	private CMSCreateSignatureBinding cmsCreateSignatureBinding;
+	private PDFCreateSignatureBinding pdfCreateSignatureBinding;
+
+	public SignatureCreationServiceImpl() {
+		this.xmlCreateSignatureBinding = new XMLCreateSignatureBindingImpl();
+		this.cmsCreateSignatureBinding = new CMSCreateSignatureBindingImpl();
+		this.pdfCreateSignatureBinding = new PDFCreateSignatureBindingImpl();
+	}
+
+	@Override
+	@WebResult(name = "CreateXMLSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	public CreateXMLSignatureResponseType createXMLSignature(CreateXMLSignatureRequest createXMLSignatureRequest)
+			throws Exception {
+		logger.info("createXMLSignature start");
+		try {
+			logger.info("WebServiceContext: {}", context);
+			ContextSetupAspect.setupContext(context.getMessageContext(), "createXMLSignature");
+
+			XMLSignatureCreationInvoker invoker = XMLSignatureCreationInvoker.getInstance();
+
+			at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureRequest requestObj;
+			at.gv.egovernment.moa.spss.api.xmlsign.CreateXMLSignatureResponse responseObj;
+
+			logger.trace(">>> preparsing Request");
+			requestObj = this.xmlCreateSignatureBinding.buildXMLRequest(createXMLSignatureRequest);
+			logger.trace("<<< preparsed Request");
+
+			logger.trace(">>> creating Signature");
+			// invoke the core logic
+			responseObj = invoker.createXMLSignature(requestObj, Collections.EMPTY_SET);
+			logger.trace("<<< created Signature");
+
+			logger.trace(">>> building Response");
+			// map back to XML
+			CreateXMLSignatureResponseType response = this.xmlCreateSignatureBinding.buildXMLResponse(responseObj);
+			logger.trace("<<< built Response");
+
+			return response;
+		} catch (MOAException e) {
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} catch (Throwable t) {
+			MOASystemException e = new MOASystemException("2900", null, t);
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} finally {
+			ContextSetupAspect.cleanContext();
+		}
+	}
+
+	@Override
+	@WebResult(name = "CreateCMSSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	public CreateCMSSignatureResponseType createCMSSignature(CreateCMSSignatureRequest createCMSSignatureRequest)
+			throws Exception {
+		logger.info("createCMSSignature start");
+		try {
+			logger.info("WebServiceContext: {}", context);
+			ContextSetupAspect.setupContext(context.getMessageContext(), "createCMSSignature");
+
+			CMSSignatureCreationInvoker invoker = CMSSignatureCreationInvoker.getInstance();
+
+			at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureRequest requestObj;
+			at.gv.egovernment.moa.spss.api.cmssign.CreateCMSSignatureResponse responseObj;
+
+			logger.trace(">>> preparsing Request");
+			requestObj = this.cmsCreateSignatureBinding.buildCMSRequest(createCMSSignatureRequest);
+			logger.trace("<<< preparsed Request");
+
+			logger.trace(">>> creating Signature");
+			// invoke the core logic
+			responseObj = invoker.createCMSSignature(requestObj, Collections.EMPTY_SET);
+			logger.trace("<<< created Signature");
+
+			logger.trace(">>> building Response");
+			// map back to XML
+			CreateCMSSignatureResponseType response = this.cmsCreateSignatureBinding.buildCMSResponse(responseObj);
+			logger.trace("<<< built Response");
+
+			return response;
+
+		} catch (MOAException e) {
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} catch (Throwable t) {
+			MOASystemException e = new MOASystemException("2900", null, t);
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} finally {
+			ContextSetupAspect.cleanContext();
+		}
+	}
+
+	@Override
+	@WebResult(name = "CreatePDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	public CreatePDFSignatureResponseType createPDFSignature(CreatePDFSignatureRequest createPDFSignatureRequest)
+			throws Exception {
+		logger.info("createPDFSignature start");
+		try {
+			logger.info("WebServiceContext: {}", context);
+			ContextSetupAspect.setupContext(context.getMessageContext(), "createPDFSignature");
+
+			CreatePDFRequest requestObj;
+			CreatePDFRespone responseObj;
+
+			TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+
+			// convert to API objects
+			logger.trace(">>> preparsing Request");
+			requestObj = this.pdfCreateSignatureBinding.buildPDFRequest(createPDFSignatureRequest);
+			logger.trace("<<< preparsed Request");
+
+			logger.trace(">>> creating Signature");
+			// invoke the core logic
+			responseObj = PDFASInvoker.getInstance().createPDFSignature(requestObj, context.getTransactionID());
+			logger.trace("<<< created Signature");
+
+			logger.trace(">>> building Response");
+			// map back to XML
+			CreatePDFSignatureResponseType response = this.pdfCreateSignatureBinding.buildPDFResponse(responseObj);
+			logger.trace("<<< built Response");
+			
+			return response;
+		} catch (Throwable t) {
+			MOASystemException e = new MOASystemException("2900", null, t);
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} finally {
+			ContextSetupAspect.cleanContext();
+		}
+	}
+
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java
new file mode 100644
index 0000000..0b16e2a
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SignatureVerificationServiceImpl.java
@@ -0,0 +1,175 @@
+package at.gv.egovernment.moa.spss.server.webservice.impl;
+
+import javax.annotation.Resource;
+import javax.jws.WebResult;
+import javax.jws.WebService;
+import javax.xml.ws.WebServiceContext;
+
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
+
+import at.gv.egiz.moasig.VerifyCMSSignatureRequest;
+import at.gv.egiz.moasig.VerifyCMSSignatureResponseType;
+import at.gv.egiz.moasig.VerifyPDFSignatureRequest;
+import at.gv.egiz.moasig.VerifyPDFSignatureResponseType;
+import at.gv.egiz.moasig.VerifyXMLSignatureRequest;
+import at.gv.egiz.moasig.VerifyXMLSignatureResponseType;
+import at.gv.egovernment.moa.spss.MOASystemException;
+import at.gv.egovernment.moa.spss.server.invoke.CMSSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.PDFASInvoker;
+import at.gv.egovernment.moa.spss.server.invoke.XMLSignatureVerificationInvoker;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContext;
+import at.gv.egovernment.moa.spss.server.transaction.TransactionContextManager;
+import at.gv.egovernment.moa.spss.server.webservice.CMSVerifySignatureBinding;
+import at.gv.egovernment.moa.spss.server.webservice.PDFVerifySignatureBinding;
+import at.gv.egovernment.moa.spss.server.webservice.SignatureVerificationService;
+import at.gv.egovernment.moa.spss.server.webservice.XMLVerifySignatureBinding;
+import at.gv.egovernment.moa.spss.server.webservice.binding.CMSVerifySignatureBindingImpl;
+import at.gv.egovernment.moa.spss.server.webservice.binding.PDFVerifySignatureBindingImpl;
+import at.gv.egovernment.moa.spss.server.webservice.binding.XMLVerifySignatureBindingImpl;
+import at.gv.egovernment.moa.spss.server.xmlbind.VerifyPDFRequest;
+import at.gv.egovernment.moa.spss.server.xmlbind.VerifyPDFResponse;
+import at.gv.egovernment.moa.util.StreamUtils;
+
+@WebService(endpointInterface = "at.gv.egovernment.moa.spss.server.webservice.SignatureVerificationService", portName = "SignatureVerificationService", serviceName = "SignatureVerificationService")
+public class SignatureVerificationServiceImpl implements SignatureVerificationService {
+
+	private static final Logger logger = LoggerFactory.getLogger(SignatureVerificationServiceImpl.class);
+
+	@Resource
+	private WebServiceContext context;
+
+	private XMLVerifySignatureBinding xmlVerifySignatureBinding;
+	private CMSVerifySignatureBinding cmsVerifySignatureBinding;
+	private PDFVerifySignatureBinding pdfVerifySignatureBinding;
+
+	public SignatureVerificationServiceImpl() {
+		this.xmlVerifySignatureBinding = new XMLVerifySignatureBindingImpl();
+		this.cmsVerifySignatureBinding = new CMSVerifySignatureBindingImpl();
+		this.pdfVerifySignatureBinding = new PDFVerifySignatureBindingImpl();
+	}
+
+	@Override
+	@WebResult(name = "VerifyXMLSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	public VerifyXMLSignatureResponseType verifyXMLSignature(VerifyXMLSignatureRequest verifyXMLSignatureRequest)
+			throws Exception {
+		logger.info("verifyXMLSignature start");
+		try {
+			logger.info("WebServiceContext: {}", context);
+			ContextSetupAspect.setupContext(context.getMessageContext(), "verifyXMLSignature");
+
+			XMLSignatureVerificationInvoker invoker = XMLSignatureVerificationInvoker.getInstance();
+
+			at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureRequest requestObj;
+			at.gv.egovernment.moa.spss.api.xmlverify.VerifyXMLSignatureResponse responseObj;
+
+			logger.trace(">>> preparsing Request");
+			requestObj = this.xmlVerifySignatureBinding.buildXMLRequest(verifyXMLSignatureRequest);
+			logger.trace("<<< preparsed Request");
+
+			logger.trace(">>> verifying Signature");
+			// invoke the core logic
+			responseObj = invoker.verifyXMLSignature(requestObj);
+			logger.trace("<<< verified Signature");
+
+			logger.trace(">>> building Response");
+			// map back to XML
+			VerifyXMLSignatureResponseType response = this.xmlVerifySignatureBinding.buildXMLResponse(responseObj);
+			logger.trace("<<< built Response");
+
+			return response;
+		} catch (Throwable t) {
+			MOASystemException e = new MOASystemException("2900", null, t);
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} finally {
+			ContextSetupAspect.cleanContext();
+		}
+	}
+
+	@Override
+	@WebResult(name = "VerifyCMSSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	public VerifyCMSSignatureResponseType verifyCMSSignature(VerifyCMSSignatureRequest verifyCMSSignatureRequest)
+			throws Exception {
+		logger.info("verifyCMSSignature start");
+		try {
+			logger.info("WebServiceContext: {}", context);
+			ContextSetupAspect.setupContext(context.getMessageContext(), "verifyCMSSignature");
+
+			CMSSignatureVerificationInvoker invoker = CMSSignatureVerificationInvoker.getInstance();
+
+			at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureRequest requestObj;
+			at.gv.egovernment.moa.spss.api.cmsverify.VerifyCMSSignatureResponse responseObj;
+
+			logger.trace(">>> preparsing Request");
+			requestObj = this.cmsVerifySignatureBinding.buildCMSRequest(verifyCMSSignatureRequest);
+			logger.trace("<<< preparsed Request");
+
+			logger.trace(">>> verifying Signature");
+			// invoke the core logic
+			responseObj = invoker.verifyCMSSignature(requestObj);
+			logger.trace("<<< verified Signature");
+
+			logger.trace(">>> building Response");
+			// map back to XML
+			VerifyCMSSignatureResponseType response = this.cmsVerifySignatureBinding.buildCMSResponse(responseObj);
+			logger.trace("<<< built Response");
+
+			return response;
+		} catch (Throwable t) {
+			MOASystemException e = new MOASystemException("2900", null, t);
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} finally {
+			ContextSetupAspect.cleanContext();
+		}
+	}
+
+	@Override
+	@WebResult(name = "VerifyPDFSignatureResponseType", targetNamespace = "http://reference.e-government.gv.at/namespace/moa/20151109#")
+	public VerifyPDFSignatureResponseType verifyPDFSignature(VerifyPDFSignatureRequest verifyPDFSignatureRequest)
+			throws Exception {
+		logger.info("verifyPDFSignature start");
+		try {
+			logger.info("WebServiceContext: {}", context);
+			ContextSetupAspect.setupContext(context.getMessageContext(), "verifyPDFSignature");
+
+			VerifyPDFRequest requestObj;
+			VerifyPDFResponse responseObj;
+
+			// since Axis (1.1 ff) has problem with namespaces we take the raw
+			// request stored by the Axishandler.
+			TransactionContext context = TransactionContextManager.getInstance().getTransactionContext();
+
+			// convert to API objects
+			logger.trace(">>> preparsing Request");
+			requestObj = this.pdfVerifySignatureBinding.buildPDFRequest(verifyPDFSignatureRequest);
+			logger.trace("<<< preparsed Request");
+
+			logger.trace(">>> verifying Signature");
+			// invoke the core logic
+			responseObj = PDFASInvoker.getInstance().verifyPDFSignature(requestObj);
+			logger.trace("<<< verified Signature");
+
+			logger.trace(">>> building Response");
+			// map back to XML
+			VerifyPDFSignatureResponseType response = this.pdfVerifySignatureBinding.buildPDFResponse(responseObj);
+			logger.trace("<<< built Response");
+
+			return response;
+		} catch (Throwable t) {
+			MOASystemException e = new MOASystemException("2900", null, t);
+			logger.debug("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:"
+					+ System.getProperty("line.separator") + StreamUtils.getStackTraceAsString(e));
+			logger.error("Anfrage zur Signaturerstellung wurde nicht erfolgreich beendet:", e);
+			throw new Exception(e.getMessage());
+		} finally {
+			ContextSetupAspect.cleanContext();
+		}
+	}
+
+}
diff --git a/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SimpleCXFNonSpringServlet.java b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SimpleCXFNonSpringServlet.java
new file mode 100644
index 0000000..65625a7
--- /dev/null
+++ b/moaSig/moa-sig/src/main/java/at/gv/egovernment/moa/spss/server/webservice/impl/SimpleCXFNonSpringServlet.java
@@ -0,0 +1,28 @@
+package at.gv.egovernment.moa.spss.server.webservice.impl;
+
+import javax.servlet.ServletConfig;
+import javax.xml.ws.Endpoint;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.BusFactory;
+import org.apache.cxf.transport.servlet.CXFNonSpringServlet;
+
+public class SimpleCXFNonSpringServlet extends CXFNonSpringServlet {
+
+	/**
+	 * 
+	 */
+	private static final long serialVersionUID = 8564433272673970611L;
+
+	@Override
+	public void loadBus(ServletConfig servletConfig) {
+		super.loadBus(servletConfig);
+		Bus bus = getBus();
+		BusFactory.setDefaultBus(bus);
+		Endpoint signatureCreationEndpoint = Endpoint.publish("/SignatureCreation", new SignatureCreationServiceImpl());
+		signatureCreationEndpoint.getProperties().put("schema-validation-enabled", "true");
+		Endpoint signatureVerificationEndpoint = Endpoint.publish("/SignatureVerification", new SignatureVerificationServiceImpl());
+		signatureVerificationEndpoint.getProperties().put("schema-validation-enabled", "true");
+	}
+	
+}