Release History Parsing of PublicAuthority-Flag and PublicAuthority-Code from MOA-VerifyXMLSignatureResponses implemented. APIDemo updated. (default) configuration updated regarding new configuration keys. Many printStackTraces replaces with logger-messages. Update concerting exclusion of minimal layout profiles for verification. Web-Application: New error code (251) introduced: Textual signature of files with no extractable textual content (e.g. files that solely contain images) is prevented. Configurable line break tolerance for binary signatures (line_break_tolerance). The reserved space for a certificate withing the egiz dictionary can be configured (...phlength.certificate=xxxx). imagescaletofit configuration parameter introduced. Detection of incremental updates updated. Bug fixed. There was an error concerning empty HashInputData parsing a MOA CreateXMLSignatureResponse. Demo source for API usage created. Issue resolved: Prevent signature of empty document which leads to a meaningless error message from the bku. A new check for the existence of a configuration has been implemented. The extraction is skipped if any files or folders would be overwritten. Files like log- or temp-files may exist and do not prevent the deployment of the default configuration. Serious bug solved. Method storeCertificate tried to fetch a certificate from store before storing it. If not found (within the store resp. via ldap) the certificate was not stored!!! Manual deployment of pdf-as configuration (commandline parameter -ddc) considers the system property pdf-as.work-dir. Internal default configuration updated. log4.properties within the workdir is now being considered using the api. Support of a minimal signature mark layout for binary signatures added. Web-Application: Every hardcoded context "pdf-as" has been replaced. Web-Application: Session is now being invalidated after download of the signed pdf file. Web-Application: Configuration may be declared via system property "pdf-as.work-dir" or via Servlet-Init-Parameter "work-dir". Bug fixed in RetrieveSignatureDataServlet: Response header didn't contain a content length attribute. The ITS Mac BKU rejects those requests. Workaround for ITS Mac BKU integrated. A redirect via response does only work if the response contains a valid SL request (e.g. a NullOperationRequest). API: The configuration folder may be omitted at instantiating the api. Configuration may be set via system property "pdf-as.work-dir". If no configuration is given at all, the current user's home directory is searched for a folder "PDF-AS". If not found a default configuration is created. If the configuration is explicitely given than the temporary folder is located within the given directory otherwise within the user's temporary directory. Declaring the configuration folder, replacements for system properties like "${catalina.base}/conf/pdfas" may be used. Bug fixed: If we have a binary signature, the certificate is embedded. So there should be no serial number needed within the signature block. PDF-AS stores the certificate in the certstore but tries to load the certificate via serialnumber and issuername from certstore, which fails because of the missing serial number. Bug fixed: For storage of the certificate in the certstore the issuername is taken from the certificate, normalized and hashed. The base64 value of the hash is used as the directory name. Loading the certificate from the certstore, the issuername is taken from the signature block, normalized and hashed. Some issuernames (with rdns that are not registered) lead to two different hash values (one at storage, another at retrieval), which leads to a certificate not found exception. PDF-AS library version is logged in order to lighten bugfixing.