diff --git a/full/src/main/java/de/ids_mannheim/de/init/Initializator.java b/full/src/main/java/de/ids_mannheim/de/init/Initializator.java
new file mode 100644
index 0000000..0ef9dbb
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/de/init/Initializator.java
@@ -0,0 +1,19 @@
+package de.ids_mannheim.de.init;
+
+import java.io.IOException;
+
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.util.QueryException;
+
+/** Init methods run after spring dependency injection 
+ *  
+ * @author margaretha
+ *
+ */
+public interface Initializator {
+
+    void init () throws IOException, QueryException, KustvaktException;
+
+    void initTest () throws IOException, KustvaktException;
+
+}
\ No newline at end of file
diff --git a/full/src/main/java/de/ids_mannheim/korap/config/Initializator.java b/full/src/main/java/de/ids_mannheim/de/init/InitializatorImpl.java
similarity index 79%
rename from full/src/main/java/de/ids_mannheim/korap/config/Initializator.java
rename to full/src/main/java/de/ids_mannheim/de/init/InitializatorImpl.java
index e6347e8..318f47e 100644
--- a/full/src/main/java/de/ids_mannheim/korap/config/Initializator.java
+++ b/full/src/main/java/de/ids_mannheim/de/init/InitializatorImpl.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.config;
+package de.ids_mannheim.de.init;
 
 import java.io.IOException;
 import java.util.EnumSet;
@@ -7,6 +7,7 @@
 
 import de.ids_mannheim.korap.annotation.AnnotationParser;
 import de.ids_mannheim.korap.annotation.FreeResourceParser;
+import de.ids_mannheim.korap.config.NamedVCLoader;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Scope;
 import de.ids_mannheim.korap.oauth2.dao.AccessScopeDao;
@@ -19,7 +20,7 @@
  * @author margaretha
  *
  */
-public class Initializator {
+public class InitializatorImpl implements Initializator {
 
     @Autowired
     private AccessScopeDao accessScopeDao;
@@ -30,8 +31,12 @@
     @Autowired
     private FreeResourceParser resourceParser;
     
-    public Initializator () {}
+    public InitializatorImpl () {}
 
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.de.init.Initializator#init()
+     */
+    @Override
     public void init () throws IOException, QueryException, KustvaktException {
         setInitialAccessScope();
         loader.loadVCToCache();
@@ -45,6 +50,10 @@
         resourceParser.run();
     }
 
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.de.init.Initializator#initTest()
+     */
+    @Override
     public void initTest () throws IOException, KustvaktException {
         setInitialAccessScope();
         annotationParser.run();
diff --git a/full/src/main/java/de/ids_mannheim/de/init/LiteInitializatorImpl.java b/full/src/main/java/de/ids_mannheim/de/init/LiteInitializatorImpl.java
new file mode 100644
index 0000000..31d90af
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/de/init/LiteInitializatorImpl.java
@@ -0,0 +1,26 @@
+package de.ids_mannheim.de.init;
+
+import java.io.IOException;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import de.ids_mannheim.korap.annotation.AnnotationParser;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.util.QueryException;
+
+public class LiteInitializatorImpl implements Initializator {
+
+    @Autowired
+    private AnnotationParser annotationParser;
+    
+    @Override
+    public void init () throws IOException, QueryException, KustvaktException {
+        annotationParser.run();
+    }
+
+    @Override
+    public void initTest () throws IOException, KustvaktException {
+        annotationParser.run();
+    }
+
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/annotation/AnnotationParser.java b/full/src/main/java/de/ids_mannheim/korap/annotation/AnnotationParser.java
index c05ae6b..4f995cb 100644
--- a/full/src/main/java/de/ids_mannheim/korap/annotation/AnnotationParser.java
+++ b/full/src/main/java/de/ids_mannheim/korap/annotation/AnnotationParser.java
@@ -58,7 +58,7 @@
 
     private void readFile (File file) throws IOException {
         BufferedReader br = new BufferedReader(
-                new InputStreamReader(new FileInputStream(file)));
+                new InputStreamReader(new FileInputStream(file)), 1024);
 
         foundry = null;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/interfaces/AuthenticationManagerIface.java b/full/src/main/java/de/ids_mannheim/korap/authentication/AuthenticationManager.java
similarity index 66%
rename from full/src/main/java/de/ids_mannheim/korap/interfaces/AuthenticationManagerIface.java
rename to full/src/main/java/de/ids_mannheim/korap/authentication/AuthenticationManager.java
index 4f3fcc0..e9e6764 100644
--- a/full/src/main/java/de/ids_mannheim/korap/interfaces/AuthenticationManagerIface.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/AuthenticationManager.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.interfaces;
+package de.ids_mannheim.korap.authentication;
 
 import java.util.HashMap;
 import java.util.Map;
@@ -10,6 +10,7 @@
 import de.ids_mannheim.korap.constant.AuthenticationMethod;
 import de.ids_mannheim.korap.constant.TokenType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.interfaces.AuthenticationIface;
 import de.ids_mannheim.korap.security.context.TokenContext;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.user.Userdata;
@@ -18,112 +19,84 @@
  * @author hanl
  * @date 15/06/2015
  */
-public abstract class AuthenticationManagerIface extends KustvaktCacheable {
+public abstract class AuthenticationManager extends KustvaktCacheable {
 
     private Map<TokenType, AuthenticationIface> providers;
 
-
-    public AuthenticationManagerIface () {
+    public AuthenticationManager () {
         super("id_tokens", "key:id_tokens");
         this.providers = new HashMap<>();
     }
 
-
     public void setProviders (Set<AuthenticationIface> providers) {
-        for (AuthenticationIface i : providers){
+        for (AuthenticationIface i : providers) {
             this.providers.put(i.getTokenType(), i);
         }
     }
 
+    protected AuthenticationIface getProvider (TokenType scheme,
+            TokenType default_iface) {
 
-    protected AuthenticationIface getProvider (TokenType scheme, TokenType default_iface) {
-    	
-    	// Debug FB: loop a Map
-    	
-    	 /*for (Map.Entry<String, AuthenticationIface> entry : this.providers.entrySet()) 
-    		{
-    		System.out.println("Debug: provider: Key : " + entry.getKey() + " Value : " + entry.getValue());
-    		}
-    		*/
-     // todo: configurable authentication schema
-        if (scheme == null){ 
+        // Debug FB: loop a Map
+
+        /*for (Map.Entry<String, AuthenticationIface> entry : this.providers.entrySet()) 
+        {
+        System.out.println("Debug: provider: Key : " + entry.getKey() + " Value : " + entry.getValue());
+        }
+        */
+        // todo: configurable authentication schema
+        if (scheme == null) {
             return this.providers.get(default_iface);
         }
-        else{
+        else {
             return this.providers.get(scheme);
         }
     }
 
-
-    public abstract TokenContext getTokenContext (TokenType type,
-            String token, String host, String useragent)
-            throws KustvaktException;
-
+    public abstract TokenContext getTokenContext (TokenType type, String token,
+            String host, String useragent) throws KustvaktException;
 
     public abstract User getUser (String username) throws KustvaktException;
 
     public abstract boolean isRegistered (String id);
 
-
-    public abstract User authenticate (AuthenticationMethod method, String username,
-            String password, Map<String, Object> attributes)
+    public abstract User authenticate (AuthenticationMethod method,
+            String username, String password, Map<String, Object> attributes)
             throws KustvaktException;
 
-    //    public abstract User authenticate (int type, String username,
-    //            String password, Map<String, Object> attributes)
-    //            throws KustvaktException;
-
-
     public abstract TokenContext createTokenContext (User user,
-            Map<String, Object> attr, TokenType type)
-            throws KustvaktException;
-    
-//    public abstract TokenContext createTokenContext (User user,
-//            Map<String, Object> attr, String provider_key)
-//            throws KustvaktException;
+            Map<String, Object> attr, TokenType type) throws KustvaktException;
 
     public abstract void setAccessAndLocation (User user, HttpHeaders headers);
 
     public abstract void logout (TokenContext context) throws KustvaktException;
 
-
     public abstract void lockAccount (User user) throws KustvaktException;
 
-
     public abstract User createUserAccount (Map<String, Object> attributes,
             boolean confirmation_required) throws KustvaktException;
 
-
-    //    public abstract boolean updateAccount(User user) throws KustvaktException;
-
     public abstract boolean deleteAccount (User user) throws KustvaktException;
 
-
     public abstract <T extends Userdata> T getUserData (User user,
             Class<T> clazz) throws KustvaktException;
 
-
     public abstract void updateUserData (Userdata data)
             throws KustvaktException;
 
-
     public abstract Object[] validateResetPasswordRequest (String username,
             String email) throws KustvaktException;
 
-
     public abstract void resetPassword (String uriFragment, String username,
             String newPassphrase) throws KustvaktException;
 
-
     public abstract void confirmRegistration (String uriFragment,
             String username) throws KustvaktException;
 
-
     public String providerList () {
         return "provider list: " + this.providers.toString();
     }
 
-
     public abstract User getUser (String username, String method)
             throws KustvaktException;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/DummyAuthenticationManager.java b/full/src/main/java/de/ids_mannheim/korap/authentication/DummyAuthenticationManager.java
new file mode 100644
index 0000000..0a473ac
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/DummyAuthenticationManager.java
@@ -0,0 +1,136 @@
+package de.ids_mannheim.korap.authentication;
+
+import java.util.Map;
+
+import javax.ws.rs.core.HttpHeaders;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import de.ids_mannheim.korap.constant.AuthenticationMethod;
+import de.ids_mannheim.korap.constant.TokenType;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.security.context.TokenContext;
+import de.ids_mannheim.korap.user.User;
+import de.ids_mannheim.korap.user.Userdata;
+import de.ids_mannheim.korap.utils.TimeUtils;
+
+public class DummyAuthenticationManager extends AuthenticationManager {
+
+    @Autowired
+    private KustvaktConfiguration config;
+
+    @Override
+    public TokenContext getTokenContext (TokenType type, String token,
+            String host, String useragent) throws KustvaktException {
+        TokenContext c = new TokenContext();
+        c.setUsername("guest");
+        c.setHostAddress(host);
+        c.setUserAgent(useragent);
+        c.setExpirationTime(
+                TimeUtils.plusSeconds(config.getShortTokenTTL()).getMillis());
+        c.setTokenType(TokenType.BASIC);
+        c.setToken("dummyToken");
+        return c;
+    }
+
+    @Override
+    public User getUser (String username) throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public boolean isRegistered (String id) {
+        // TODO Auto-generated method stub
+        return false;
+    }
+
+    @Override
+    public User authenticate (AuthenticationMethod method, String username,
+            String password, Map<String, Object> attributes)
+            throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public TokenContext createTokenContext (User user, Map<String, Object> attr,
+            TokenType type) throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public void setAccessAndLocation (User user, HttpHeaders headers) {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public void logout (TokenContext context) throws KustvaktException {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public void lockAccount (User user) throws KustvaktException {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public User createUserAccount (Map<String, Object> attributes,
+            boolean confirmation_required) throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public boolean deleteAccount (User user) throws KustvaktException {
+        // TODO Auto-generated method stub
+        return false;
+    }
+
+    @Override
+    public <T extends Userdata> T getUserData (User user, Class<T> clazz)
+            throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public void updateUserData (Userdata data) throws KustvaktException {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public Object[] validateResetPasswordRequest (String username, String email)
+            throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public void resetPassword (String uriFragment, String username,
+            String newPassphrase) throws KustvaktException {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public void confirmRegistration (String uriFragment, String username)
+            throws KustvaktException {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public User getUser (String username, String method)
+            throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
index 64ed9ac..6aa5b9f 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
@@ -34,7 +34,6 @@
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.exceptions.WrappedException;
 import de.ids_mannheim.korap.interfaces.AuthenticationIface;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.interfaces.EncryptionIface;
 import de.ids_mannheim.korap.interfaces.EntityHandlerIface;
 import de.ids_mannheim.korap.interfaces.ValidatorIface;
@@ -60,7 +59,7 @@
  * 
  * @author hanl
  */
-public class KustvaktAuthenticationManager extends AuthenticationManagerIface {
+public class KustvaktAuthenticationManager extends AuthenticationManager {
 
 	private static Logger jlog = LogManager.getLogger(KustvaktAuthenticationManager.class);
 	private EncryptionIface crypto;
diff --git a/full/src/main/java/de/ids_mannheim/korap/config/FullConfiguration.java b/full/src/main/java/de/ids_mannheim/korap/config/FullConfiguration.java
index bbed39c..ba5a5a4 100644
--- a/full/src/main/java/de/ids_mannheim/korap/config/FullConfiguration.java
+++ b/full/src/main/java/de/ids_mannheim/korap/config/FullConfiguration.java
@@ -56,10 +56,6 @@
     private List<String> publicRegexList;
     private List<String> allRegexList;
 
-    private Pattern publicLicensePattern;
-    private Pattern freeLicensePattern;
-    private Pattern allLicensePattern;
-
     private String authenticationScheme;
 
     private boolean isSoftDeleteAutoGroup;
diff --git a/full/src/main/java/de/ids_mannheim/korap/dao/AdminDao.java b/full/src/main/java/de/ids_mannheim/korap/dao/AdminDao.java
index 1a749df..fcf32d0 100644
--- a/full/src/main/java/de/ids_mannheim/korap/dao/AdminDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/dao/AdminDao.java
@@ -1,56 +1,11 @@
 package de.ids_mannheim.korap.dao;
 
-import javax.persistence.EntityManager;
-import javax.persistence.NoResultException;
-import javax.persistence.PersistenceContext;
-import javax.persistence.Query;
-import javax.persistence.criteria.CriteriaBuilder;
-import javax.persistence.criteria.CriteriaQuery;
-import javax.persistence.criteria.Predicate;
-import javax.persistence.criteria.Root;
-
-import org.springframework.stereotype.Repository;
-import org.springframework.transaction.annotation.Transactional;
-
-import de.ids_mannheim.korap.entity.Admin;
-import de.ids_mannheim.korap.entity.Admin_;
 import de.ids_mannheim.korap.user.User;
 
-/**
- * @author margaretha
- *
- */
-@Transactional
-@Repository
-public class AdminDao {
+public interface AdminDao {
 
-    @PersistenceContext
-    private EntityManager entityManager;
+    void addAccount (User user);
 
-    public void addAccount (User user) {
-        Admin admin = new Admin();
-        admin.setUserId(user.getUsername());
-        entityManager.persist(admin);
-    }
+    boolean isAdmin (String userId);
 
-    public boolean isAdmin (String userId) {
-        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
-        CriteriaQuery<Admin> query = criteriaBuilder.createQuery(Admin.class);
-
-        Root<Admin> admin = query.from(Admin.class);
-        Predicate p = criteriaBuilder.equal(admin.get(Admin_.userId), userId);
-
-        query.select(admin);
-        query.where(p);
-
-        Query q = entityManager.createQuery(query);
-        try {
-            q.getSingleResult();
-        }
-        catch (NoResultException e) {
-            return false;
-        }
-
-        return true;
-    }
-}
+}
\ No newline at end of file
diff --git a/full/src/main/java/de/ids_mannheim/korap/dao/AdminDaoImpl.java b/full/src/main/java/de/ids_mannheim/korap/dao/AdminDaoImpl.java
new file mode 100644
index 0000000..62d8e02
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/dao/AdminDaoImpl.java
@@ -0,0 +1,64 @@
+package de.ids_mannheim.korap.dao;
+
+import javax.persistence.EntityManager;
+import javax.persistence.NoResultException;
+import javax.persistence.PersistenceContext;
+import javax.persistence.Query;
+import javax.persistence.criteria.CriteriaBuilder;
+import javax.persistence.criteria.CriteriaQuery;
+import javax.persistence.criteria.Predicate;
+import javax.persistence.criteria.Root;
+
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+import de.ids_mannheim.korap.entity.Admin;
+import de.ids_mannheim.korap.entity.Admin_;
+import de.ids_mannheim.korap.user.User;
+
+/**
+ * @author margaretha
+ *
+ */
+@Transactional
+@Repository
+public class AdminDaoImpl implements AdminDao {
+
+    @PersistenceContext
+    private EntityManager entityManager;
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.dao.AdminDao#addAccount(de.ids_mannheim.korap.user.User)
+     */
+    @Override
+    public void addAccount (User user) {
+        Admin admin = new Admin();
+        admin.setUserId(user.getUsername());
+        entityManager.persist(admin);
+    }
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.dao.AdminDao#isAdmin(java.lang.String)
+     */
+    @Override
+    public boolean isAdmin (String userId) {
+        CriteriaBuilder criteriaBuilder = entityManager.getCriteriaBuilder();
+        CriteriaQuery<Admin> query = criteriaBuilder.createQuery(Admin.class);
+
+        Root<Admin> admin = query.from(Admin.class);
+        Predicate p = criteriaBuilder.equal(admin.get(Admin_.userId), userId);
+
+        query.select(admin);
+        query.where(p);
+
+        Query q = entityManager.createQuery(query);
+        try {
+            q.getSingleResult();
+        }
+        catch (NoResultException e) {
+            return false;
+        }
+
+        return true;
+    }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/dao/DummyAdminDaoImpl.java b/full/src/main/java/de/ids_mannheim/korap/dao/DummyAdminDaoImpl.java
new file mode 100644
index 0000000..0d31885
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/dao/DummyAdminDaoImpl.java
@@ -0,0 +1,18 @@
+package de.ids_mannheim.korap.dao;
+
+import de.ids_mannheim.korap.user.User;
+
+public class DummyAdminDaoImpl implements AdminDao {
+
+    @Override
+    public void addAccount (User user) {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public boolean isAdmin (String userId) {
+        return false;
+    }
+
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
index 4abb92b..aa05d5d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDao.java
@@ -1,119 +1,24 @@
 package de.ids_mannheim.korap.oauth2.dao;
 
-import java.time.ZoneId;
 import java.time.ZonedDateTime;
 import java.util.List;
 import java.util.Set;
 
-import javax.persistence.EntityManager;
-import javax.persistence.PersistenceContext;
-import javax.persistence.Query;
-import javax.persistence.criteria.CriteriaBuilder;
-import javax.persistence.criteria.CriteriaQuery;
-import javax.persistence.criteria.Predicate;
-import javax.persistence.criteria.Root;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Repository;
-import org.springframework.transaction.annotation.Transactional;
-
-import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
 import de.ids_mannheim.korap.oauth2.entity.AccessScope;
 import de.ids_mannheim.korap.oauth2.entity.Authorization;
-import de.ids_mannheim.korap.oauth2.entity.Authorization_;
-import de.ids_mannheim.korap.oauth2.interfaces.AuthorizationDaoInterface;
-import de.ids_mannheim.korap.utils.ParameterChecker;
 
-@Transactional
-@Repository
-public class AuthorizationDao implements AuthorizationDaoInterface {
+public interface AuthorizationDao {
 
-    @PersistenceContext
-    private EntityManager entityManager;
-    @Autowired
-    private FullConfiguration config;
-    
     public Authorization storeAuthorizationCode (String clientId, String userId,
             String code, Set<AccessScope> scopes, String redirectURI,
-            ZonedDateTime authenticationTime, String nonce)
-            throws KustvaktException {
-        ParameterChecker.checkStringValue(clientId, "client_id");
-        ParameterChecker.checkStringValue(userId, "userId");
-        ParameterChecker.checkStringValue(code, "authorization code");
-        ParameterChecker.checkCollection(scopes, "scopes");
-        ParameterChecker.checkObjectValue(authenticationTime,
-                "user authentication time");
-
-        Authorization authorization = new Authorization();
-        authorization.setCode(code);
-        authorization.setClientId(clientId);
-        authorization.setUserId(userId);
-        authorization.setScopes(scopes);
-        authorization.setRedirectURI(redirectURI);
-        authorization.setUserAuthenticationTime(authenticationTime);
-        authorization.setNonce(nonce);
-        
-        ZonedDateTime now =
-                ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
-        authorization.setCreatedDate(now);
-        authorization.setExpiryDate(
-                now.plusSeconds(config.getAuthorizationCodeExpiry()));
-
-        entityManager.persist(authorization);
-        // what if unique fails
-        return authorization;
-    }
-
+            ZonedDateTime authenticationTime, String nonce) throws KustvaktException;
+    
     public Authorization retrieveAuthorizationCode (String code)
-            throws KustvaktException {
-        ParameterChecker.checkStringValue(code, "code");
-
-        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
-        CriteriaQuery<Authorization> query =
-                builder.createQuery(Authorization.class);
-        Root<Authorization> root = query.from(Authorization.class);
-
-        Predicate restrictions =
-                builder.equal(root.get(Authorization_.code), code);
-
-        query.select(root);
-        query.where(restrictions);
-        Query q = entityManager.createQuery(query);
-        try {
-            return (Authorization) q.getSingleResult();
-        }
-        catch (Exception e) {
-            throw new KustvaktException(StatusCodes.INVALID_AUTHORIZATION,
-                    "Invalid authorization: " + e.getMessage(),
-                    OAuth2Error.INVALID_REQUEST);
-        }
-    }
-
+            throws KustvaktException;
+    
     public Authorization updateAuthorization (Authorization authorization)
-            throws KustvaktException {
-        ParameterChecker.checkObjectValue(authorization, "authorization");
-        authorization = entityManager.merge(authorization);
-        return authorization;
-    }
+            throws KustvaktException;
 
-    @SuppressWarnings("unchecked")
-    @Override
-    public List<Authorization> retrieveAuthorizationsByClientId (String clientId) {
-        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
-        CriteriaQuery<Authorization> query =
-                builder.createQuery(Authorization.class);
-        Root<Authorization> root = query.from(Authorization.class);
-
-        Predicate restrictions =
-                builder.equal(root.get(Authorization_.clientId), clientId);
-
-        query.select(root);
-        query.where(restrictions);
-        Query q = entityManager.createQuery(query);
-        return q.getResultList();
-    }
+    public List<Authorization> retrieveAuthorizationsByClientId (String clientId);
 }
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDaoImpl.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDaoImpl.java
new file mode 100644
index 0000000..538c655
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationDaoImpl.java
@@ -0,0 +1,118 @@
+package de.ids_mannheim.korap.oauth2.dao;
+
+import java.time.ZoneId;
+import java.time.ZonedDateTime;
+import java.util.List;
+import java.util.Set;
+
+import javax.persistence.EntityManager;
+import javax.persistence.PersistenceContext;
+import javax.persistence.Query;
+import javax.persistence.criteria.CriteriaBuilder;
+import javax.persistence.criteria.CriteriaQuery;
+import javax.persistence.criteria.Predicate;
+import javax.persistence.criteria.Root;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
+
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.FullConfiguration;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
+import de.ids_mannheim.korap.oauth2.entity.AccessScope;
+import de.ids_mannheim.korap.oauth2.entity.Authorization;
+import de.ids_mannheim.korap.oauth2.entity.Authorization_;
+import de.ids_mannheim.korap.utils.ParameterChecker;
+
+@Transactional
+@Repository
+public class AuthorizationDaoImpl implements AuthorizationDao {
+
+    @PersistenceContext
+    private EntityManager entityManager;
+    @Autowired
+    private FullConfiguration config;
+    
+    public Authorization storeAuthorizationCode (String clientId, String userId,
+            String code, Set<AccessScope> scopes, String redirectURI,
+            ZonedDateTime authenticationTime, String nonce)
+            throws KustvaktException {
+        ParameterChecker.checkStringValue(clientId, "client_id");
+        ParameterChecker.checkStringValue(userId, "userId");
+        ParameterChecker.checkStringValue(code, "authorization code");
+        ParameterChecker.checkCollection(scopes, "scopes");
+        ParameterChecker.checkObjectValue(authenticationTime,
+                "user authentication time");
+
+        Authorization authorization = new Authorization();
+        authorization.setCode(code);
+        authorization.setClientId(clientId);
+        authorization.setUserId(userId);
+        authorization.setScopes(scopes);
+        authorization.setRedirectURI(redirectURI);
+        authorization.setUserAuthenticationTime(authenticationTime);
+        authorization.setNonce(nonce);
+        
+        ZonedDateTime now =
+                ZonedDateTime.now(ZoneId.of(Attributes.DEFAULT_TIME_ZONE));
+        authorization.setCreatedDate(now);
+        authorization.setExpiryDate(
+                now.plusSeconds(config.getAuthorizationCodeExpiry()));
+
+        entityManager.persist(authorization);
+        // what if unique fails
+        return authorization;
+    }
+
+    public Authorization retrieveAuthorizationCode (String code)
+            throws KustvaktException {
+        ParameterChecker.checkStringValue(code, "code");
+
+        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
+        CriteriaQuery<Authorization> query =
+                builder.createQuery(Authorization.class);
+        Root<Authorization> root = query.from(Authorization.class);
+
+        Predicate restrictions =
+                builder.equal(root.get(Authorization_.code), code);
+
+        query.select(root);
+        query.where(restrictions);
+        Query q = entityManager.createQuery(query);
+        try {
+            return (Authorization) q.getSingleResult();
+        }
+        catch (Exception e) {
+            throw new KustvaktException(StatusCodes.INVALID_AUTHORIZATION,
+                    "Invalid authorization: " + e.getMessage(),
+                    OAuth2Error.INVALID_REQUEST);
+        }
+    }
+
+    public Authorization updateAuthorization (Authorization authorization)
+            throws KustvaktException {
+        ParameterChecker.checkObjectValue(authorization, "authorization");
+        authorization = entityManager.merge(authorization);
+        return authorization;
+    }
+
+    @SuppressWarnings("unchecked")
+    @Override
+    public List<Authorization> retrieveAuthorizationsByClientId (String clientId) {
+        CriteriaBuilder builder = entityManager.getCriteriaBuilder();
+        CriteriaQuery<Authorization> query =
+                builder.createQuery(Authorization.class);
+        Root<Authorization> root = query.from(Authorization.class);
+
+        Predicate restrictions =
+                builder.equal(root.get(Authorization_.clientId), clientId);
+
+        query.select(root);
+        query.where(restrictions);
+        Query q = entityManager.createQuery(query);
+        return q.getResultList();
+    }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationCacheDao.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/CachedAuthorizationDaoImpl.java
similarity index 93%
rename from full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationCacheDao.java
rename to full/src/main/java/de/ids_mannheim/korap/oauth2/dao/CachedAuthorizationDaoImpl.java
index ee2b130..ed848bc 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/AuthorizationCacheDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/dao/CachedAuthorizationDaoImpl.java
@@ -17,17 +17,16 @@
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
 import de.ids_mannheim.korap.oauth2.entity.AccessScope;
 import de.ids_mannheim.korap.oauth2.entity.Authorization;
-import de.ids_mannheim.korap.oauth2.interfaces.AuthorizationDaoInterface;
 import de.ids_mannheim.korap.utils.ParameterChecker;
 import net.sf.ehcache.Element;
 
-public class AuthorizationCacheDao extends KustvaktCacheable
-        implements AuthorizationDaoInterface {
+public class CachedAuthorizationDaoImpl extends KustvaktCacheable
+        implements AuthorizationDao {
 
     @Autowired
     private FullConfiguration config;
 
-    public AuthorizationCacheDao () {
+    public CachedAuthorizationDaoImpl () {
         super("authorization", "key:authorization");
     }
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/interfaces/AuthorizationDaoInterface.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/interfaces/AuthorizationDaoInterface.java
deleted file mode 100644
index 8dcde58..0000000
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/interfaces/AuthorizationDaoInterface.java
+++ /dev/null
@@ -1,24 +0,0 @@
-package de.ids_mannheim.korap.oauth2.interfaces;
-
-import java.time.ZonedDateTime;
-import java.util.List;
-import java.util.Set;
-
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.oauth2.entity.AccessScope;
-import de.ids_mannheim.korap.oauth2.entity.Authorization;
-
-public interface AuthorizationDaoInterface {
-
-    public Authorization storeAuthorizationCode (String clientId, String userId,
-            String code, Set<AccessScope> scopes, String redirectURI,
-            ZonedDateTime authenticationTime, String nonce) throws KustvaktException;
-    
-    public Authorization retrieveAuthorizationCode (String code)
-            throws KustvaktException;
-    
-    public Authorization updateAuthorization (Authorization authorization)
-            throws KustvaktException;
-
-    public List<Authorization> retrieveAuthorizationsByClientId (String clientId);
-}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/DummyOAuth2ScopeServiceImpl.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/DummyOAuth2ScopeServiceImpl.java
new file mode 100644
index 0000000..4cafce0
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/DummyOAuth2ScopeServiceImpl.java
@@ -0,0 +1,54 @@
+package de.ids_mannheim.korap.oauth2.service;
+
+import java.util.Collection;
+import java.util.Set;
+
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.oauth2.constant.OAuth2Scope;
+import de.ids_mannheim.korap.oauth2.entity.AccessScope;
+import de.ids_mannheim.korap.security.context.TokenContext;
+
+public class DummyOAuth2ScopeServiceImpl implements OAuth2ScopeService {
+
+    @Override
+    public Set<AccessScope> convertToAccessScope (Collection<String> scopes)
+            throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public String convertAccessScopesToString (Set<AccessScope> scopes) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public Set<String> convertAccessScopesToStringSet (
+            Set<AccessScope> scopes) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public Set<String> filterScopes (Set<String> scopes,
+            Set<String> defaultScopes) {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+    @Override
+    public void verifyScope (TokenContext context, OAuth2Scope requiredScope)
+            throws KustvaktException {
+        // TODO Auto-generated method stub
+
+    }
+
+    @Override
+    public Set<AccessScope> verifyRefreshScope (Set<String> requestScopes,
+            Set<AccessScope> originalScopes) throws KustvaktException {
+        // TODO Auto-generated method stub
+        return null;
+    }
+
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
index a8e7106..37e89ef 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
@@ -14,10 +14,10 @@
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
+import de.ids_mannheim.korap.oauth2.dao.AuthorizationDao;
 import de.ids_mannheim.korap.oauth2.entity.AccessScope;
 import de.ids_mannheim.korap.oauth2.entity.Authorization;
 import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
-import de.ids_mannheim.korap.oauth2.interfaces.AuthorizationDaoInterface;
 
 @Service(value = "authorizationService")
 public class OAuth2AuthorizationService {
@@ -30,7 +30,7 @@
     @Autowired
     protected OAuth2ScopeService scopeService;
     @Autowired
-    private AuthorizationDaoInterface authorizationDao;
+    private AuthorizationDao authorizationDao;
 
     @Autowired
     protected FullConfiguration config;
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index f077e33..47dffe3 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -20,6 +20,7 @@
 import de.ids_mannheim.korap.oauth2.constant.OAuth2ClientType;
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
 import de.ids_mannheim.korap.oauth2.dao.AccessTokenDao;
+import de.ids_mannheim.korap.oauth2.dao.AuthorizationDao;
 import de.ids_mannheim.korap.oauth2.dao.OAuth2ClientDao;
 import de.ids_mannheim.korap.oauth2.dao.RefreshTokenDao;
 import de.ids_mannheim.korap.oauth2.dto.OAuth2ClientDto;
@@ -28,7 +29,6 @@
 import de.ids_mannheim.korap.oauth2.entity.Authorization;
 import de.ids_mannheim.korap.oauth2.entity.OAuth2Client;
 import de.ids_mannheim.korap.oauth2.entity.RefreshToken;
-import de.ids_mannheim.korap.oauth2.interfaces.AuthorizationDaoInterface;
 import de.ids_mannheim.korap.web.input.OAuth2ClientJson;
 
 /**
@@ -58,7 +58,7 @@
     @Autowired
     private RefreshTokenDao refreshDao;
     @Autowired
-    private AuthorizationDaoInterface authorizationDao;
+    private AuthorizationDao authorizationDao;
     @Autowired
     private AdminDao adminDao;
     @Autowired
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeService.java
index bfc35c1..46d21eb 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeService.java
@@ -1,35 +1,14 @@
 package de.ids_mannheim.korap.oauth2.service;
 
 import java.util.Collection;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
 import java.util.Set;
-import java.util.stream.Collectors;
-import java.util.stream.Stream;
 
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.constant.TokenType;
-import de.ids_mannheim.korap.dao.AdminDao;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Scope;
-import de.ids_mannheim.korap.oauth2.dao.AccessScopeDao;
 import de.ids_mannheim.korap.oauth2.entity.AccessScope;
 import de.ids_mannheim.korap.security.context.TokenContext;
 
-@Service
-public class OAuth2ScopeService {
-
-    @Autowired
-    private AccessScopeDao accessScopeDao;
-
-    @Autowired
-    private AdminDao adminDao;
+public interface OAuth2ScopeService {
 
     /**
      * Converts a set of scope strings to a set of {@link AccessScope}
@@ -38,48 +17,12 @@
      * @return
      * @throws KustvaktException
      */
-    public Set<AccessScope> convertToAccessScope (Collection<String> scopes)
-            throws KustvaktException {
+    Set<AccessScope> convertToAccessScope (Collection<String> scopes)
+            throws KustvaktException;
 
-        List<AccessScope> definedScopes = accessScopeDao.retrieveAccessScopes();
-        Set<AccessScope> requestedScopes =
-                new HashSet<AccessScope>(scopes.size());
-        int index;
-        OAuth2Scope oauth2Scope = null;
-        for (String scope : scopes) {
-            try{
-                oauth2Scope = Enum.valueOf(OAuth2Scope.class, scope.toUpperCase());
-            }
-            catch (IllegalArgumentException e) {
-                throw new KustvaktException(StatusCodes.INVALID_SCOPE,
-                        scope + " is an invalid scope",
-                        OAuth2Error.INVALID_SCOPE);
-            }
-            
-            index = definedScopes.indexOf(new AccessScope(oauth2Scope));
-            if (index == -1) {
-                throw new KustvaktException(StatusCodes.INVALID_SCOPE,
-                        scope + " is an invalid scope",
-                        OAuth2Error.INVALID_SCOPE);
-            }
-            else {
-                requestedScopes.add(definedScopes.get(index));
-            }
-        }
-        return requestedScopes;
-    }
+    String convertAccessScopesToString (Set<AccessScope> scopes);
 
-    public String convertAccessScopesToString (Set<AccessScope> scopes) {
-        Set<String> set = convertAccessScopesToStringSet(scopes);
-        return String.join(" ", set);
-    }
-
-    public Set<String> convertAccessScopesToStringSet (
-            Set<AccessScope> scopes) {
-        Set<String> set = scopes.stream().map(scope -> scope.toString())
-                .collect(Collectors.toSet());
-        return set;
-    }
+    Set<String> convertAccessScopesToStringSet (Set<AccessScope> scopes);
 
     /**
      * Simple reduction of requested scopes, i.e. excluding any scopes
@@ -89,28 +32,10 @@
      * @param defaultScopes
      * @return accepted scopes
      */
-    public Set<String> filterScopes (Set<String> scopes,
-            Set<String> defaultScopes) {
-        Stream<String> stream = scopes.stream();
-        Set<String> filteredScopes =
-                stream.filter(scope -> defaultScopes.contains(scope))
-                        .collect(Collectors.toSet());
-        return filteredScopes;
-    }
+    Set<String> filterScopes (Set<String> scopes, Set<String> defaultScopes);
 
-    public void verifyScope (TokenContext context, OAuth2Scope requiredScope)
-            throws KustvaktException {
-        if (!adminDao.isAdmin(context.getUsername())
-                && context.getTokenType().equals(TokenType.BEARER)) {
-            Map<String, Object> parameters = context.getParameters();
-            String authorizedScope = (String) parameters.get(Attributes.SCOPE);
-            if (!authorizedScope.contains(OAuth2Scope.ALL.toString())
-                    && !authorizedScope.contains(requiredScope.toString())) {
-                throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
-                        "Scope " + requiredScope + " is not authorized");
-            }
-        }
-    }
+    void verifyScope (TokenContext context, OAuth2Scope requiredScope)
+            throws KustvaktException;
 
     /**
      * Verify scopes given in a refresh request. The scopes must not
@@ -124,16 +49,7 @@
      * @return a set of requested {@link AccessScope}
      * @throws KustvaktException
      */
-    public Set<AccessScope> verifyRefreshScope (Set<String> requestScopes,
-            Set<AccessScope> originalScopes) throws KustvaktException {
-        Set<AccessScope> requestedScopes = convertToAccessScope(requestScopes);
-        for (AccessScope scope : requestedScopes) {
-            if (!originalScopes.contains(scope)) {
-                throw new KustvaktException(StatusCodes.INVALID_SCOPE,
-                        "Scope " + scope.getId() + " is not authorized.",
-                        OAuth2Error.INVALID_SCOPE);
-            }
-        }
-        return requestedScopes;
-    }
-}
+    Set<AccessScope> verifyRefreshScope (Set<String> requestScopes,
+            Set<AccessScope> originalScopes) throws KustvaktException;
+
+}
\ No newline at end of file
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeServiceImpl.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeServiceImpl.java
new file mode 100644
index 0000000..387bf6d
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ScopeServiceImpl.java
@@ -0,0 +1,134 @@
+package de.ids_mannheim.korap.oauth2.service;
+
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.constant.TokenType;
+import de.ids_mannheim.korap.dao.AdminDao;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
+import de.ids_mannheim.korap.oauth2.constant.OAuth2Scope;
+import de.ids_mannheim.korap.oauth2.dao.AccessScopeDao;
+import de.ids_mannheim.korap.oauth2.entity.AccessScope;
+import de.ids_mannheim.korap.security.context.TokenContext;
+
+public class OAuth2ScopeServiceImpl implements OAuth2ScopeService {
+
+    @Autowired
+    private AccessScopeDao accessScopeDao;
+
+    @Autowired
+    private AdminDao adminDao;
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService#convertToAccessScope(java.util.Collection)
+     */
+    @Override
+    public Set<AccessScope> convertToAccessScope (Collection<String> scopes)
+            throws KustvaktException {
+
+        List<AccessScope> definedScopes = accessScopeDao.retrieveAccessScopes();
+        Set<AccessScope> requestedScopes =
+                new HashSet<AccessScope>(scopes.size());
+        int index;
+        OAuth2Scope oauth2Scope = null;
+        for (String scope : scopes) {
+            try{
+                oauth2Scope = Enum.valueOf(OAuth2Scope.class, scope.toUpperCase());
+            }
+            catch (IllegalArgumentException e) {
+                throw new KustvaktException(StatusCodes.INVALID_SCOPE,
+                        scope + " is an invalid scope",
+                        OAuth2Error.INVALID_SCOPE);
+            }
+            
+            index = definedScopes.indexOf(new AccessScope(oauth2Scope));
+            if (index == -1) {
+                throw new KustvaktException(StatusCodes.INVALID_SCOPE,
+                        scope + " is an invalid scope",
+                        OAuth2Error.INVALID_SCOPE);
+            }
+            else {
+                requestedScopes.add(definedScopes.get(index));
+            }
+        }
+        return requestedScopes;
+    }
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService#convertAccessScopesToString(java.util.Set)
+     */
+    @Override
+    public String convertAccessScopesToString (Set<AccessScope> scopes) {
+        Set<String> set = convertAccessScopesToStringSet(scopes);
+        return String.join(" ", set);
+    }
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService#convertAccessScopesToStringSet(java.util.Set)
+     */
+    @Override
+    public Set<String> convertAccessScopesToStringSet (
+            Set<AccessScope> scopes) {
+        Set<String> set = scopes.stream().map(scope -> scope.toString())
+                .collect(Collectors.toSet());
+        return set;
+    }
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService#filterScopes(java.util.Set, java.util.Set)
+     */
+    @Override
+    public Set<String> filterScopes (Set<String> scopes,
+            Set<String> defaultScopes) {
+        Stream<String> stream = scopes.stream();
+        Set<String> filteredScopes =
+                stream.filter(scope -> defaultScopes.contains(scope))
+                        .collect(Collectors.toSet());
+        return filteredScopes;
+    }
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService#verifyScope(de.ids_mannheim.korap.security.context.TokenContext, de.ids_mannheim.korap.oauth2.constant.OAuth2Scope)
+     */
+    @Override
+    public void verifyScope (TokenContext context, OAuth2Scope requiredScope)
+            throws KustvaktException {
+        if (!adminDao.isAdmin(context.getUsername())
+                && context.getTokenType().equals(TokenType.BEARER)) {
+            Map<String, Object> parameters = context.getParameters();
+            String authorizedScope = (String) parameters.get(Attributes.SCOPE);
+            if (!authorizedScope.contains(OAuth2Scope.ALL.toString())
+                    && !authorizedScope.contains(requiredScope.toString())) {
+                throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
+                        "Scope " + requiredScope + " is not authorized");
+            }
+        }
+    }
+
+    /* (non-Javadoc)
+     * @see de.ids_mannheim.korap.oauth2.service.OAuth2ScopeService#verifyRefreshScope(java.util.Set, java.util.Set)
+     */
+    @Override
+    public Set<AccessScope> verifyRefreshScope (Set<String> requestScopes,
+            Set<AccessScope> originalScopes) throws KustvaktException {
+        Set<AccessScope> requestedScopes = convertToAccessScope(requestScopes);
+        for (AccessScope scope : requestedScopes) {
+            if (!originalScopes.contains(scope)) {
+                throw new KustvaktException(StatusCodes.INVALID_SCOPE,
+                        "Scope " + scope.getId() + " is not authorized.",
+                        OAuth2Error.INVALID_SCOPE);
+            }
+        }
+        return requestedScopes;
+    }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2TokenService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2TokenService.java
index 0300ee0..c18e96f 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2TokenService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2TokenService.java
@@ -10,11 +10,11 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
 import de.ids_mannheim.korap.oauth2.entity.Authorization;
 
@@ -40,7 +40,7 @@
     @Autowired
     protected FullConfiguration config;
     @Autowired
-    private AuthenticationManagerIface authenticationManager;
+    private AuthenticationManager authenticationManager;
 
     /**
      * RFC 6749:
diff --git a/full/src/main/java/de/ids_mannheim/korap/rewrite/FullRewriteHandler.java b/full/src/main/java/de/ids_mannheim/korap/rewrite/FullRewriteHandler.java
index 21bcc41..b18ce0c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/rewrite/FullRewriteHandler.java
+++ b/full/src/main/java/de/ids_mannheim/korap/rewrite/FullRewriteHandler.java
@@ -1,7 +1,6 @@
 package de.ids_mannheim.korap.rewrite;
 
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
 
 import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.resource.rewrite.CollectionCleanRewrite;
@@ -25,6 +24,7 @@
     }
 
     public void defaultRewriteConstraints () {
+        super.defaultRewriteConstraints();
         this.addProcessor(vcRewrite);
         this.add(CollectionRewrite.class);
         // this.add(IdWriter.class);
diff --git a/full/src/main/java/de/ids_mannheim/korap/server/KustvaktLiteServer.java b/full/src/main/java/de/ids_mannheim/korap/server/KustvaktLiteServer.java
new file mode 100644
index 0000000..448d4f6
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/server/KustvaktLiteServer.java
@@ -0,0 +1,42 @@
+package de.ids_mannheim.korap.server;
+
+import java.io.File;
+import java.io.FileInputStream;
+import java.io.InputStream;
+import java.util.Properties;
+
+import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import de.ids_mannheim.korap.web.KustvaktBaseServer;
+
+public class KustvaktLiteServer extends KustvaktBaseServer {
+
+    public static void main (String[] args) throws Exception {
+        KustvaktLiteServer server = new KustvaktLiteServer();
+        kargs = server.readAttributes(args);
+
+        if (kargs == null) System.exit(0);
+
+        File f = new File("kustvakt-lite.conf");
+        Properties properties = new Properties();
+        InputStream in = null;
+
+        if (!f.exists()) {
+            in = KustvaktLiteServer.class.getClassLoader()
+                    .getResourceAsStream("kustvakt-lite.conf");
+        }
+        else {
+            in = new FileInputStream(f);
+        }
+
+        properties.load(in);
+        in.close();
+        config = new KustvaktConfiguration(properties);
+
+        kargs.setSpringConfig("lite-config.xml");
+        rootPackages =
+                "de.ids_mannheim.korap.web";
+
+        server.start();
+    }
+
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/MailService.java b/full/src/main/java/de/ids_mannheim/korap/service/MailService.java
index 7ad24dd..13a6969 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/MailService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/MailService.java
@@ -17,16 +17,15 @@
 import org.springframework.mail.javamail.MimeMessagePreparator;
 import org.springframework.stereotype.Service;
 
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.ParameterChecker;
 
 /**
  * Manages mail related services, such as sending group member
- * invitations
- * per email.
+ * invitations per email.
  * 
  * @author margaretha
  *
@@ -37,7 +36,7 @@
     private static Logger jlog = LogManager.getLogger(MailService.class);
 
     @Autowired
-    private AuthenticationManagerIface authManager;
+    private AuthenticationManager authenticationManager;
     @Autowired
     private JavaMailSender mailSender;
     @Autowired
@@ -56,7 +55,7 @@
 
             public void prepare (MimeMessage mimeMessage) throws Exception {
 
-                User invitee = authManager.getUser(inviteeName,
+                User invitee = authenticationManager.getUser(inviteeName,
                         config.getEmailAddressRetrieval());
 
                 MimeMessageHelper message = new MimeMessageHelper(mimeMessage);
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/SearchService.java b/full/src/main/java/de/ids_mannheim/korap/service/SearchService.java
index e1c8ae8..6e7c17e 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/SearchService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/SearchService.java
@@ -16,14 +16,13 @@
 
 import com.sun.jersey.core.util.MultivaluedMapImpl;
 
-import de.ids_mannheim.korap.config.FullConfiguration;
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.config.KustvaktConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.query.serialize.MetaQueryBuilder;
 import de.ids_mannheim.korap.query.serialize.QuerySerializer;
-import de.ids_mannheim.korap.rewrite.FullRewriteHandler;
+import de.ids_mannheim.korap.resource.rewrite.RewriteHandler;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.user.User.CorpusAccess;
 import de.ids_mannheim.korap.web.ClientsHandler;
@@ -35,13 +34,13 @@
     private static Logger jlog = LogManager.getLogger(SearchService.class);
 
     @Autowired
-    private FullConfiguration config;
+    private KustvaktConfiguration config;
 
     @Autowired
-    private AuthenticationManagerIface authManager;
+    private AuthenticationManager authenticationManager;
 
     @Autowired
-    private FullRewriteHandler rewriteHandler;
+    private RewriteHandler rewriteHandler;
 
     @Autowired
     private SearchKrill searchKrill;
@@ -59,7 +58,7 @@
     @SuppressWarnings("unchecked")
     public String serializeQuery (String q, String ql, String v, String cq,
             Integer pageIndex, Integer startPage, Integer pageLength,
-            String context, Boolean cutoff) {
+            String context, Boolean cutoff) throws KustvaktException {
         QuerySerializer ss = new QuerySerializer().setQuery(q, ql, v);
         if (cq != null) ss.setCollection(cq);
 
@@ -72,15 +71,22 @@
         meta.addEntry("cutOff", cutoff);
 
         ss.setMeta(meta.raw());
-        return ss.toJSON();
+        // return ss.toJSON();
+
+        String query = ss.toJSON();
+        query = rewriteHandler.processQuery(ss.toJSON(), null);
+        return query;
     }
 
     private User createUser (String username, HttpHeaders headers)
             throws KustvaktException {
-        User user = authManager.getUser(username);
-        authManager.setAccessAndLocation(user, headers);
-        jlog.debug("Debug: /getMatchInfo/: location=" + user.locationtoString()
-                + ", access=" + user.accesstoString());
+        User user = authenticationManager.getUser(username);
+        authenticationManager.setAccessAndLocation(user, headers);
+        if (user != null) {
+            jlog.debug(
+                    "Debug: /getMatchInfo/: location=" + user.locationtoString()
+                            + ", access=" + user.accesstoString());
+        }
         return user;
     }
 
@@ -94,9 +100,9 @@
 
     @SuppressWarnings("unchecked")
     public String search (String engine, String username, HttpHeaders headers,
-            String q, String ql, String v, String cq, Integer pageIndex,
-            Integer pageInteger, String ctx, Integer pageLength, Boolean cutoff)
-            throws KustvaktException {
+            String q, String ql, String v, String cq, Set<String> fields,
+            Integer pageIndex, Integer pageInteger, String ctx,
+            Integer pageLength, Boolean cutoff) throws KustvaktException {
 
         KustvaktConfiguration.BACKENDS eng = this.config.chooseBackend(engine);
         User user = createUser(username, headers);
@@ -107,6 +113,8 @@
 
         MetaQueryBuilder meta = createMetaQuery(pageIndex, pageInteger, ctx,
                 pageLength, cutoff);
+        if (fields != null && !fields.isEmpty())
+            meta.addEntry("fields", fields);
         serializer.setMeta(meta.raw());
 
         // There is an error in query processing
@@ -115,7 +123,8 @@
             throw new KustvaktException(serializer.toJSON());
         }
 
-        String query = this.rewriteHandler.processQuery(serializer.toJSON(), user);
+        String query =
+                this.rewriteHandler.processQuery(serializer.toJSON(), user);
         jlog.info("the serialized query " + query);
 
         String result;
@@ -125,7 +134,7 @@
         else {
             result = searchKrill.search(query);
         }
-//        jlog.debug("Query result: " + result);
+        // jlog.debug("Query result: " + result);
         return result;
 
     }
@@ -167,25 +176,26 @@
     public String retrieveMatchInfo (String corpusId, String docId,
             String textId, String matchId, Set<String> foundries,
             String username, HttpHeaders headers, Set<String> layers,
-            boolean spans) throws KustvaktException {
+            boolean spans, boolean highlights) throws KustvaktException {
         String matchid =
                 searchKrill.getMatchId(corpusId, docId, textId, matchId);
 
         User user = createUser(username, headers);
-        CorpusAccess corpusAccess = user.getCorpusAccess();
-        Pattern p;
-        switch (corpusAccess) {
-            case PUB:
-                p = config.getPublicLicensePattern();
-                break;
-            case ALL:
-                p = config.getAllLicensePattern();
-                break;
-            default: // FREE
-                p = config.getFreeLicensePattern();
-                break;
+        Pattern p = null;
+        if (user != null) {
+            CorpusAccess corpusAccess = user.getCorpusAccess();
+            switch (corpusAccess) {
+                case PUB:
+                    p = config.getPublicLicensePattern();
+                    break;
+                case ALL:
+                    p = config.getAllLicensePattern();
+                    break;
+                default: // FREE
+                    p = config.getFreeLicensePattern();
+                    break;
+            }
         }
-
         boolean match_only = foundries == null || foundries.isEmpty();
         String results;
         try {
@@ -206,7 +216,7 @@
                 }
 
                 results = searchKrill.getMatch(matchid, foundryList, layerList,
-                        spans, false, true, p);
+                        spans, highlights, true, p);
             }
             else {
                 results = searchKrill.getMatch(matchid, p);
@@ -226,7 +236,7 @@
         String textSigle = searchKrill.getTextSigle(corpusId, docId, textId);
         return searchKrill.getFields(textSigle);
     }
-    
+
     public String getCollocationBase (String query) throws KustvaktException {
         return graphDBhandler.getResponse("distCollo", "q", query);
     }
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
index 304cb6a..ed0d30d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
@@ -29,6 +29,7 @@
 import com.sun.jersey.spi.container.ContainerRequest;
 import com.sun.jersey.spi.container.ResourceFilters;
 
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.authentication.http.AuthorizationData;
 import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
@@ -38,7 +39,6 @@
 import de.ids_mannheim.korap.constant.TokenType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.security.context.TokenContext;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.JsonUtils;
@@ -83,7 +83,7 @@
             LogManager.getLogger(AuthenticationController.class);
 
     @Autowired
-    private AuthenticationManagerIface controller;
+    private AuthenticationManager controller;
 
     //    private SendMail mail;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
index 41e5e2c..e65ae07 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
@@ -96,15 +96,14 @@
         TokenContext ctx = (TokenContext) securityContext.getUserPrincipal();
         try {
             scopeService.verifyScope(ctx, OAuth2Scope.SERIALIZE_QUERY);
+            String result = searchService.serializeQuery(q, ql, v, cq,
+                    pageIndex, startPage, pageLength, context, cutoff);
+            jlog.debug("Query: " + result);
+            return Response.ok(result).build();
         }
         catch (KustvaktException e) {
-            kustvaktResponseHandler.throwit(e);
+            throw kustvaktResponseHandler.throwit(e);
         }
-
-        String result = searchService.serializeQuery(q, ql, v, cq, pageIndex,
-                startPage, pageLength, context, cutoff);
-        jlog.debug("Query: " + result);
-        return Response.ok(result).build();
     }
 
     @POST
@@ -136,6 +135,7 @@
             @QueryParam("count") Integer pageLength,
             @QueryParam("offset") Integer pageIndex,
             @QueryParam("page") Integer pageInteger,
+            @QueryParam("fields") Set<String> fields,
             @QueryParam("cq") String cq, @QueryParam("engine") String engine) {
 
         TokenContext context =
@@ -145,7 +145,7 @@
         try {
             scopeService.verifyScope(context, OAuth2Scope.SEARCH);
             result = searchService.search(engine, context.getUsername(),
-                    headers, q, ql, v, cq, pageIndex, pageInteger, ctx,
+                    headers, q, ql, v, cq, fields, pageIndex, pageInteger, ctx,
                     pageLength, cutoff);
         }
         catch (KustvaktException e) {
@@ -165,16 +165,19 @@
             @PathParam("matchId") String matchId,
             @QueryParam("foundry") Set<String> foundries,
             @QueryParam("layer") Set<String> layers,
-            @QueryParam("spans") Boolean spans) throws KustvaktException {
+            @QueryParam("spans") Boolean spans, 
+            // Highlights may also be a list of valid highlight classes
+            @QueryParam("hls") Boolean highlights) throws KustvaktException {
 
         TokenContext tokenContext = (TokenContext) ctx.getUserPrincipal();
         scopeService.verifyScope(tokenContext, OAuth2Scope.MATCH_INFO);
         spans = spans != null ? spans : false;
+        highlights = highlights != null ? highlights : false;
         if (layers == null || layers.isEmpty()) layers = new HashSet<>();
 
         String results = searchService.retrieveMatchInfo(corpusId, docId,
                 textId, matchId, foundries, tokenContext.getUsername(), headers,
-                layers, spans);
+                layers, spans, highlights);
         return Response.ok(results).build();
     }
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
index e181b47..f44fb3f 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
@@ -36,12 +36,12 @@
 import com.sun.jersey.spi.container.ContainerRequest;
 import com.sun.jersey.spi.container.ResourceFilters;
 
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.Scopes;
 import de.ids_mannheim.korap.config.URIParam;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.security.context.TokenContext;
 import de.ids_mannheim.korap.user.KorAPUser;
 import de.ids_mannheim.korap.user.User;
@@ -76,7 +76,7 @@
 
     private static Logger jlog = LogManager.getLogger(UserController.class);
     @Autowired
-    private AuthenticationManagerIface controller;
+    private AuthenticationManager controller;
 
     private @Context UriInfo info;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
index 7e1a88b..2738a3b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
@@ -8,25 +8,22 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
-import com.sun.jersey.api.client.ClientResponse.Status;
 import com.sun.jersey.spi.container.ContainerRequest;
 import com.sun.jersey.spi.container.ContainerRequestFilter;
 import com.sun.jersey.spi.container.ContainerResponseFilter;
 import com.sun.jersey.spi.container.ResourceFilter;
 
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.authentication.http.AuthorizationData;
 import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
-import de.ids_mannheim.korap.authentication.http.TransferEncoding;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.constant.AuthenticationMethod;
 import de.ids_mannheim.korap.dao.AdminDao;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.security.context.KustvaktContext;
 import de.ids_mannheim.korap.security.context.TokenContext;
 import de.ids_mannheim.korap.user.User;
-import de.ids_mannheim.korap.utils.StringUtils;
 import de.ids_mannheim.korap.web.KustvaktResponseHandler;
 
 /**
@@ -43,7 +40,7 @@
     @Autowired
     private AdminDao adminDao;
     @Autowired
-    private AuthenticationManagerIface authManager;
+    private AuthenticationManager authenticationManager;
 
     @Autowired
     private KustvaktResponseHandler kustvaktResponseHandler;
@@ -72,7 +69,7 @@
         attributes.put(Attributes.USER_AGENT, agent);
         try {
             // EM: fix me: AuthenticationType based on header value
-            User user = authManager.authenticate(AuthenticationMethod.LDAP,
+            User user = authenticationManager.authenticate(AuthenticationMethod.LDAP,
                     data.getUsername(), data.getPassword(), attributes);
             if (!adminDao.isAdmin(user.getUsername())) {
                 throw new KustvaktException(StatusCodes.AUTHENTICATION_FAILED,
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
index 57d232d..d0e4562 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
@@ -10,12 +10,12 @@
 import com.sun.jersey.spi.container.ContainerResponseFilter;
 import com.sun.jersey.spi.container.ResourceFilter;
 
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.authentication.http.AuthorizationData;
 import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.constant.TokenType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.security.context.KustvaktContext;
 import de.ids_mannheim.korap.security.context.TokenContext;
 import de.ids_mannheim.korap.utils.TimeUtils;
@@ -35,7 +35,7 @@
     private HttpAuthorizationHandler authorizationHandler;
 
     @Autowired
-    private AuthenticationManagerIface authenticationManager;
+    private AuthenticationManager authenticationManager;
 
     @Autowired
     private KustvaktResponseHandler kustvaktResponseHandler;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
index e5e838a..e546c12 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
@@ -1,17 +1,6 @@
 package de.ids_mannheim.korap.web.filter;
 
-import com.sun.jersey.spi.container.ContainerRequest;
-import com.sun.jersey.spi.container.ContainerRequestFilter;
-import com.sun.jersey.spi.container.ContainerResponseFilter;
-import com.sun.jersey.spi.container.ResourceFilter;
-import de.ids_mannheim.korap.config.BeansFactory;
-import de.ids_mannheim.korap.config.KustvaktConfiguration;
-import de.ids_mannheim.korap.constant.TokenType;
-import de.ids_mannheim.korap.security.context.KustvaktContext;
-import de.ids_mannheim.korap.security.context.TokenContext;
-import de.ids_mannheim.korap.user.User;
-import de.ids_mannheim.korap.utils.TimeUtils;
-import de.ids_mannheim.korap.web.CoreResponseHandler;
+import java.security.Principal;
 
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.UriInfo;
@@ -20,11 +9,20 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
-import java.security.Principal;
+import com.sun.jersey.spi.container.ContainerRequest;
+import com.sun.jersey.spi.container.ContainerRequestFilter;
+import com.sun.jersey.spi.container.ContainerResponseFilter;
+import com.sun.jersey.spi.container.ResourceFilter;
+
+import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import de.ids_mannheim.korap.constant.TokenType;
+import de.ids_mannheim.korap.security.context.KustvaktContext;
+import de.ids_mannheim.korap.security.context.TokenContext;
+import de.ids_mannheim.korap.user.User;
+import de.ids_mannheim.korap.utils.TimeUtils;
 
 /**
  * Created by hanl on 7/15/14.
- * EM: why would we need this?
  */
 @Provider
 @Component
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java
index 4567896..122f717 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java
@@ -28,9 +28,9 @@
 import com.sun.jersey.spi.container.ContainerResponseFilter;
 import com.sun.jersey.spi.container.ResourceFilter;
 
+import de.ids_mannheim.korap.authentication.AuthenticationManager;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.security.context.TokenContext;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.user.UserSettings;
@@ -52,7 +52,7 @@
     public static boolean ENABLED = false;
     private Map<String, String> customVars;
     @Autowired
-    private AuthenticationManagerIface controller;
+    private AuthenticationManager authenticationManager;
 
 
     public PiwikFilter () {
@@ -133,12 +133,14 @@
             try {
                 TokenContext context = (TokenContext) request
                         .getUserPrincipal();
-                // since this is cached, not very expensive!
-                User user = controller.getUser(context.getUsername());
-                Userdata data = controller
-                        .getUserData(user, UserSettings.class);
-                if ((Boolean) data.get(Attributes.COLLECT_AUDITING_DATA))
-                    customVars.put("username", context.getUsername());
+                if (context.getUsername() != null){
+                    // since this is cached, not very expensive!
+                    User user = authenticationManager.getUser(context.getUsername());
+                    Userdata data = authenticationManager
+                            .getUserData(user, UserSettings.class);
+                    if ((Boolean) data.get(Attributes.COLLECT_AUDITING_DATA))
+                        customVars.put("username", context.getUsername());
+                }
             }
             catch (KustvaktException | UnsupportedOperationException e) {
                 //do nothing
diff --git a/full/src/main/resources/db/lite-sqlite/V1__annotation_tables.sql b/full/src/main/resources/db/lite-sqlite/V1__annotation_tables.sql
new file mode 100644
index 0000000..b0299d1
--- /dev/null
+++ b/full/src/main/resources/db/lite-sqlite/V1__annotation_tables.sql
@@ -0,0 +1,53 @@
+CREATE TABLE IF NOT EXISTS annotation(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	code VARCHAR(20) NOT NULL,
+	type VARCHAR(20) NOT NULL,
+	text VARCHAR(20) NULL,
+	description VARCHAR(100) NOT NULL,
+	de_description VARCHAR(100)
+);
+
+CREATE UNIQUE INDEX annotation_index ON annotation (code, type);
+
+CREATE TABLE IF NOT EXISTS annotation_layer(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	foundry_id INTEGER NOT NULL,
+	layer_id INTEGER NOT NULL,
+	description VARCHAR(255) NOT NULL,
+	FOREIGN KEY (foundry_id)
+		REFERENCES annotation (id)
+		ON DELETE CASCADE,
+	FOREIGN KEY (layer_id)
+		REFERENCES annotation (id)
+		ON DELETE CASCADE
+);
+
+CREATE UNIQUE INDEX annotation_layer_index ON annotation_layer (foundry_id, layer_id);
+
+CREATE TABLE IF NOT EXISTS annotation_key(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	layer_id INTEGER NOT NULL,
+	key_id INTEGER NOT NULL,
+	FOREIGN KEY (layer_id)
+		REFERENCES annotation_layer (id)
+		ON DELETE CASCADE,
+	FOREIGN KEY (key_id)
+		REFERENCES annotation (id)
+		ON DELETE CASCADE
+);
+
+CREATE UNIQUE INDEX annotation_key_index ON annotation_key (layer_id, key_id);
+
+CREATE TABLE IF NOT EXISTS annotation_value(
+	id INTEGER PRIMARY KEY AUTOINCREMENT,
+	key_id INTEGER NOT NULL,
+	value_id INTEGER NOT NULL,
+	FOREIGN KEY (key_id)
+		REFERENCES annotation_key (id)
+		ON DELETE CASCADE,
+	FOREIGN KEY (key_id)
+		REFERENCES annotation (id)
+		ON DELETE CASCADE
+);
+
+CREATE UNIQUE INDEX annotation_value_index ON annotation_value (key_id, value_id);
diff --git a/full/src/main/resources/db/mysql/V0.1__userdatabase.sql b/full/src/main/resources/db/mysql/V0.1__userdatabase.sql
deleted file mode 100644
index c069b6e..0000000
--- a/full/src/main/resources/db/mysql/V0.1__userdatabase.sql
+++ /dev/null
@@ -1,76 +0,0 @@
-
--- rename all columns in new way!
-CREATE TABLE IF NOT EXISTS korap_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    username VARCHAR(100) NOT NULL UNIQUE,
-    password VARCHAR(100) NOT NULL,
-    account_lock boolean NOT NULL,
-    account_creation BIGINT NOT NULL,
-    type INTEGER DEFAULT 0,
-    uri_fragment VARCHAR(100),
-    uri_expiration BIGINT,
-    loginSuccess INTEGER,
-    loginFailed INTEGER,
-    account_link VARCHAR(100)
-);
-
-CREATE TABLE IF NOT EXISTS admin_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    user_id INTEGER NOT NULL,
-    foreign key (user_id)
-    references korap_users (id)
-);
-
-CREATE TABLE IF NOT EXISTS shib_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    username VARCHAR(100) NOT NULL UNIQUE,
-    account_creation BIGINT NOT NULL,
-    type INTEGER DEFAULT 1,
-    loginSuccess INTEGER,
-    loginFailed INTEGER,
-    account_link VARCHAR(100)
-);
-
-
-CREATE TABLE IF NOT EXISTS user_details (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-user_id INTEGER UNIQUE NOT NULL,
-data BLOB NOT NULL
-);
-
-CREATE TABLE IF NOT EXISTS user_settings (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-user_id INTEGER UNIQUE NOT NULL,
-data BLOB NOT NULL
-);
-
--- deprecated
-CREATE OR REPLACE VIEW allusers AS
-    SELECT
-        id,
-        username,
-        password,
-        account_lock,
-        account_creation,
-        type,
-        uri_fragment,
-        uri_expiration,
-        loginSuccess,
-        loginFailed,
-        account_link
-    from
-        korap_users
-    UNION ALL SELECT
-        id,
-        username,
-        NULL as password,
-        NULL as account_lock,
-        account_creation,
-        type,
-        NULL as uri_fragment,
-        NULL as uri_expiration,
-        loginSuccess,
-        loginFailed,
-        account_link
-    from
-        shib_users;
diff --git a/full/src/main/resources/db/mysql/V0.2__resourcesdatabase.sql b/full/src/main/resources/db/mysql/V0.2__resourcesdatabase.sql
deleted file mode 100644
index cc2afa3..0000000
--- a/full/src/main/resources/db/mysql/V0.2__resourcesdatabase.sql
+++ /dev/null
@@ -1,61 +0,0 @@
--- why unsigned?
-CREATE TABLE IF NOT EXISTS resource_store (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-persistent_id VARCHAR(100) NOT NULL UNIQUE,
-name VARCHAR(100),
-description VARCHAR(300),
-parent_id Integer unsigned null,
-created BIGINT null,
-data BLOB,
-type INTEGER NOT NULL,
-creator INTEGER NOT NULL
-);
-
-CREATE TABLE IF NOT EXISTS resource_tree (
-parent_id INTEGER,
-child_id INTEGER,
-depth INTEGER,
-name_path VARCHAR(250),
-PRIMARY KEY (parent_id , child_id),
-foreign key (parent_id)
-references resource_store (id)
-on delete cascade,
-foreign key (child_id)
-references resource_store (id)
-on delete cascade
-);
-
--- deprecated
-CREATE TABLE IF NOT EXISTS user_queries (
-    id INTEGER PRIMARY KEY,
-    queryLanguage VARCHAR(100),
-    name VARCHAR(100),
-    query VARCHAR(200),
-    description VARCHAR(150),
-    foreign key (id)
-    references resource_store(id)
-    on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS coll_store (
-    id INTEGER,
-    query VARCHAR(500),
-    user_id INTEGER,
-    created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-    -- is foreign key constraint valid after refactoring?
-    foreign key (id) references resource_store(id)
-    on delete cascade);
-
-
-CREATE TABLE IF NOT EXISTS matchInfo (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    user_id BIGINT NOT NULL,
-    matchInfo VARCHAR(100)
-);
-
-CREATE TABLE IF NOT EXISTS doc_store (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    persistent_id VARCHAR(100) UNIQUE,
-    created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-    disabled BOOLEAN default true
-);
\ No newline at end of file
diff --git a/full/src/main/resources/db/mysql/V0.3__securitydatabase.sql b/full/src/main/resources/db/mysql/V0.3__securitydatabase.sql
deleted file mode 100644
index 5406156..0000000
--- a/full/src/main/resources/db/mysql/V0.3__securitydatabase.sql
+++ /dev/null
@@ -1,114 +0,0 @@
--- last_modified timestamp ON UPDATE CURRENT_TIMESTAMP,
-CREATE TABLE IF NOT EXISTS policy_store (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    target_id BIGINT NOT NULL,
-    created TIMESTAMP,
-    creator INTEGER NOT NULL,
-    posix SMALLINT NOT NULL,
-    expire BIGINT NULL,
-    enable BIGINT NULL,
-    iprange VARCHAR(200)
-);
-
-CREATE TABLE IF NOT EXISTS group_ref (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    group_id VARCHAR(100) NOT NULL,
-    policy_id INTEGER NOT NULL
-);
-
-
-CREATE TABLE IF NOT EXISTS group_store (
-    name VARCHAR(100) PRIMARY KEY,
-    description VARCHAR(200),
-    sym_use INTEGER DEFAULT -1,
-    export VARCHAR(30) DEFAULT NULL,
-    query_only VARCHAR(30) DEFAULT NULL,
-    licence INTEGER DEFAULT -1,
-    -- basically every resource we have is an academic resource, thus a non-commercial use is infered!
-    commercial BOOLEAN DEFAULT FALSE
-);
-
-CREATE TABLE IF NOT EXISTS group_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    user_id BIGINT NOT NULL,
-    -- make integer
-    group_id VARCHAR(100) NOT NULL,
-    admin BOOLEAN NOT NULL DEFAULT FALSE,
-    FOREIGN KEY (group_id)
-        REFERENCES group_store (name) on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS param_store (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    p_key VARCHAR(100) NOT NULL,
-    p_value VARCHAR(150) NOT NULL,
-    resource INTEGER DEFAULT -1,
-    pid INTEGER DEFAULT -1,
-    FOREIGN KEY (resource)
-        REFERENCES resource_store(id)
-    on delete cascade,
-    FOREIGN KEY (pid)
-        REFERENCES policy_store(id)
-    on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS param_map (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    policy_id INTEGER NOT NULL,
-    param_id INTEGER NOT NULL,
-    value VARCHAR(100) NOT NULL,
-    flag BOOLEAN NOT NULL DEFAULT FALSE,
-    FOREIGN KEY (param_id)
-        REFERENCES param_store (id),
-    FOREIGN KEY (policy_id)
-        REFERENCES policy_store (id)
-);
-
-create or replace view policy_view as
-select
-    po.id as pid,
-    po.target_id as id,
-    rs.persistent_id as persistent_id,
-    rs.name as name,
-    rs.type as type,
-    c.group_id as group_id,
-    po.posix as perm,
-    po.creator as creator,
-    po.expire as expire,
-    po.enable as enable,
-    po.iprange as iprange
-from
-policy_store as po
-inner join
-group_ref as c ON c.policy_id = po.id
-inner join
-resource_store as rs ON rs.id = po.target_id
-union all select
-              - 1 as pid,
-              rs.id as id,
-              rs.persistent_id as persistent_id,
-              rs.name as name,
-              type as type,
-              'self' as group_id,
-              127 as perm,
-              creator,
-              NULL as expire,
-              rs.created as enable,
-              null as iprange
-          from
-          resource_store as rs;
-
-
-CREATE TABLE IF NOT EXISTS audit_records (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-aud_category VARCHAR(100),
-aud_target VARCHAR(100),
-aud_user VARCHAR(100),
-aud_location VARCHAR(100),
-aud_operation VARCHAR(100),
-aud_field_1 VARCHAR(400),
-aud_timestamp TIMESTAMP,
-aud_failure VARCHAR(100)
-);
-
--- foreign key constraints
diff --git a/full/src/main/resources/db/new-mysql/V1.1__create_virtual_corpus_tables.sql b/full/src/main/resources/db/mysql/V1.1__create_virtual_corpus_tables.sql
similarity index 100%
rename from full/src/main/resources/db/new-mysql/V1.1__create_virtual_corpus_tables.sql
rename to full/src/main/resources/db/mysql/V1.1__create_virtual_corpus_tables.sql
diff --git a/full/src/main/resources/db/new-mysql/V1.2__create_admin_table.sql b/full/src/main/resources/db/mysql/V1.2__create_admin_table.sql
similarity index 100%
rename from full/src/main/resources/db/new-mysql/V1.2__create_admin_table.sql
rename to full/src/main/resources/db/mysql/V1.2__create_admin_table.sql
diff --git a/full/src/main/resources/db/mysql/V1.2__oauth2_tables_mysql.sql b/full/src/main/resources/db/mysql/V1.2__oauth2_tables_mysql.sql
deleted file mode 100644
index fe75267..0000000
--- a/full/src/main/resources/db/mysql/V1.2__oauth2_tables_mysql.sql
+++ /dev/null
@@ -1,48 +0,0 @@
-
--- oauth2 db tables
-create table if not exists oauth2_client (
-client_id VARCHAR(100) UNIQUE PRIMARY KEY,
-client_secret VARCHAR(200),
-redirect_uri VARCHAR(250),
-client_type VARCHAR(200),
-is_confidential BOOLEAN DEFAULT FALSE,
-url VARCHAR(200) UNIQUE
-);
-
-
--- status 1 = valid, 0 = revoked, -1 = disabled
-create table if not exists oauth2_access_token (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-access_token VARCHAR(300),
-auth_code VARCHAR(250),
-client_id VARCHAR(100),
-user_id INTEGER,
--- make boolean --
-status INTEGER DEFAULT 1,
--- in case of code authorization, should match auth code scopes!
--- use scopes for levelaccess descriptor level[rw],level[r]
-scopes VARCHAR(350),
-expiration TIMESTAMP,
-FOREIGN KEY (user_id)
-REFERENCES korap_users(id)
-ON DELETE CASCADE,
-FOREIGN KEY (client_id)
-REFERENCES oauth2_client(client_id)
-ON DELETE CASCADE
-);
-
-
--- also scopes?
-create table if not exists oauth2_refresh_token (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-client_id VARCHAR(100),
-user_id INTEGER,
-expiration TIMESTAMP,
-scopes VARCHAR(350),
-FOREIGN KEY (user_id)
-REFERENCES korap_users(id)
-ON DELETE CASCADE,
-FOREIGN KEY (client_id)
-REFERENCES oauth2_client(client_id)
-ON DELETE CASCADE
-);
\ No newline at end of file
diff --git a/full/src/main/resources/db/mysql/V1.3__triggers.sql b/full/src/main/resources/db/mysql/V1.3__triggers.sql
index 687a10a..7bc25dd 100644
--- a/full/src/main/resources/db/mysql/V1.3__triggers.sql
+++ b/full/src/main/resources/db/mysql/V1.3__triggers.sql
@@ -1,15 +1,14 @@
--- indices
-DELIMITER $$
-create trigger delete_policy after delete on resource_store
-for each row begin
-    delete from policy_store where target_id=OLD.id;
-end; $$
+delimiter |
 
-CREATE TRIGGER tree_entry_insert AFTER INSERT ON resource_store FOR EACH ROW BEGIN
-	INSERT INTO resource_tree (parent_id, child_id, depth, name_path)
-	VALUES (NEW.id, NEW.id, 0, NEW.name);
-	INSERT INTO resource_tree (parent_id, child_id, depth, name_path)
-	SELECT parent_id, NEW.id, depth + 1, concat(name_path,"/",NEW.name) FROM resource_tree WHERE child_id = NEW.parent_id;
-END; $$
-
-DELIMITER ;
\ No newline at end of file
+CREATE TRIGGER delete_member AFTER UPDATE ON user_group
+	FOR EACH ROW 
+	BEGIN
+		UPDATE user_group_member 
+		SET status = "DELETED"
+		WHERE NEW.status = "DELETED" 
+			AND  OLD.status != "DELETED" 
+			AND group_id = NEW.id;
+	END;
+|
+	
+delimiter ;
\ No newline at end of file
diff --git a/full/src/main/resources/db/mysql/V1.4__indices.sql b/full/src/main/resources/db/mysql/V1.4__indices.sql
deleted file mode 100644
index 32a0211..0000000
--- a/full/src/main/resources/db/mysql/V1.4__indices.sql
+++ /dev/null
@@ -1,5 +0,0 @@
--- todo: are this automatically adapted when refactoring?
-CREATE INDEX group_index ON group_users(user_id, group_id);
-CREATE INDEX policy_index ON group_ref(policy_id);
-CREATE UNIQUE INDEX resource_tree_index ON resource_tree (parent_id, depth, child_id);
-CREATE UNIQUE INDEX param_unique ON param_store (p_key, p_value);
diff --git a/full/src/main/resources/db/new-mysql/V1.4__oauth2_tables.sql b/full/src/main/resources/db/mysql/V1.4__oauth2_tables.sql
similarity index 100%
rename from full/src/main/resources/db/new-mysql/V1.4__oauth2_tables.sql
rename to full/src/main/resources/db/mysql/V1.4__oauth2_tables.sql
diff --git a/full/src/main/resources/db/new-mysql/V1__create_tables.sql b/full/src/main/resources/db/mysql/V1__create_tables.sql
similarity index 100%
rename from full/src/main/resources/db/new-mysql/V1__create_tables.sql
rename to full/src/main/resources/db/mysql/V1__create_tables.sql
diff --git a/full/src/main/resources/db/mysql/initial_version.sql b/full/src/main/resources/db/mysql/initial_version.sql
deleted file mode 100644
index 3bff5cc..0000000
--- a/full/src/main/resources/db/mysql/initial_version.sql
+++ /dev/null
@@ -1,326 +0,0 @@
---
----- rename all columns in new way!
---CREATE TABLE IF NOT EXISTS korapusers (
---    id INTEGER PRIMARY KEY AUTO_INCREMENT,
---    username VARCHAR(100) NOT NULL UNIQUE,
---    password VARCHAR(100) NOT NULL,
---    accountLock boolean NOT NULL,
---    accountCreation TIMESTAMP NOT NULL,
---    type INTEGER DEFAULT 0,
---    URI_PASS_Fragment VARCHAR(100),
---    URI_CONF_Fragment VARCHAR(100),
---    URI_Expiration TIMESTAMP,
---    loginSuccess INTEGER,
---    loginFailed INTEGER,
---    accountExpiration TIMESTAMP NOT NULL,
---    accountLink VARCHAR(100)
---);
---
---CREATE TABLE IF NOT EXISTS shibusers (
---    id INTEGER PRIMARY KEY AUTO_INCREMENT,
---    username VARCHAR(100) NOT NULL UNIQUE,
---    accountCreation TIMESTAMP NOT NULL,
---    type INTEGER DEFAULT 1,
---    loginSuccess INTEGER,
---    loginFailed INTEGER,
---    accountExpiration TIMESTAMP NOT NULL,
---    accountLink VARCHAR(100)
---);
---
---CREATE TABLE IF NOT EXISTS udetails (
---    Id INTEGER PRIMARY KEY AUTO_INCREMENT,
---    userID INTEGER NOT NULL UNIQUE,
---    firstName VARCHAR(100),
---    lastName VARCHAR(100),
---    gender VARCHAR(100),
---    phone VARCHAR(100),
---    institution VARCHAR(100),
---    email VARCHAR(100),
---    address VARCHAR(100),
---    country VARCHAR(100),
---    privateUsage BOOLEAN,
---    foreign key (userID)
---    references korapusers (id)
---    on delete cascade
---);
---
---CREATE TABLE IF NOT EXISTS usettings (
---    Id INTEGER PRIMARY KEY AUTO_INCREMENT,
---    userID INTEGER NOT NULL UNIQUE,
---    fileNameForExport VARCHAR(100),
---    itemForSimpleAnnotation INTEGER,
---    leftContextItemForExport VARCHAR(100),
---    leftContextSizeForExport INTEGER,
---    locale VARCHAR(100),
---    leftContextItem VARCHAR(100),
---    leftContextSize INTEGER,
---    rightContextItem VARCHAR(100),
---    rightContextItemForExport VARCHAR(100),
---    rightContextSize INTEGER,
---    rightContextSizeForExport INTEGER,
---    selectedCollection VARCHAR(100),
---    queryLanguage VARCHAR(100),
---    pageLength INTEGER,
---    metadataQueryExpertModus BOOLEAN,
---    searchSettingsTab INTEGER,
---    selectedGraphType INTEGER,
---    selectedSortType VARCHAR(100),
---    selectedViewForSearchResults VARCHAR(100),
---    POSFoundry VARCHAR(100),
---    lemmaFoundry VARCHAR(100),
---    constFoundry VARCHAR(100),
---    relFoundry VARCHAR(100),
---    collectData BOOLEAN,
---    foreign key (userID)
---    references korapusers (id)
---    on delete cascade
---);
---
---CREATE OR REPLACE VIEW allusers AS
---    SELECT
---        id,
---        username,
---        password,
---        accountLock,
---        accountCreation,
---        type,
---        URI_PASS_Fragment,
---        URI_CONF_Fragment,
---        URI_Expiration,
---        loginSuccess,
---        loginFailed,
---        accountExpiration,
---        accountLink
---    from
---        korapusers
---    UNION ALL SELECT
---        id,
---        username,
---        NULL as password,
---        NULL as accountLock,
---        accountCreation,
---        type,
---        NULL as URI_PASS_Fragment,
---        NULL as URI_CONF_Fragment,
---        NULL as URI_Expiration,
---        loginSuccess,
---        loginFailed,
---        accountExpiration,
---        accountLink
---    from
---        shibusers;
-
----- why unsigned?
---CREATE TABLE IF NOT EXISTS r_store (
---id INTEGER PRIMARY KEY AUTO_INCREMENT,
---persistent_id VARCHAR(100) NOT NULL UNIQUE,
---name VARCHAR(100),
---description VARCHAR(300),
---parent_id Integer unsigned null,
---created timestamp default current_timestamp,
---type INTEGER NOT NULL,
---creator INTEGER NOT NULL
---);
---
---CREATE TABLE IF NOT EXISTS uqueries (
---    id INTEGER PRIMARY KEY,
---    queryLanguage VARCHAR(100),
---    name VARCHAR(100),
---    query VARCHAR(200),
---    description VARCHAR(150),
---    foreign key (id)
---    references r_store(id)
---    on delete cascade
---);
-
-CREATE TABLE IF NOT EXISTS r_tree (
-parent_id INTEGER,
-child_id INTEGER,
-depth INTEGER,
-name_path VARCHAR(250),
-PRIMARY KEY (parent_id , child_id),
-foreign key (parent_id)
-references r_store (id)
-on delete cascade,
-foreign key (child_id)
-references r_store (id)
-on delete cascade
-);
-
-
-CREATE TABLE IF NOT EXISTS cstorage (
-    id INTEGER,
-    refCorpus VARCHAR(100),
-    query VARCHAR(500),
-    -- is foreign key constraint valid after refactoring?
-    foreign key (id) references r_store(id)
-    on delete cascade);
-
-
-CREATE TABLE IF NOT EXISTS matchInfo (id INTEGER PRIMARY KEY AUTO_INCREMENT, userid BIGINT NOT NULL,
-matchInfo VARCHAR(100));
-
-CREATE TABLE IF NOT EXISTS resourceRecords (
-    AUD_ID INTEGER PRIMARY KEY AUTO_INCREMENT,
-    AUD_RESOURCE VARCHAR(100),
-    AUD_USER VARCHAR(100),
-    AUD_LOC VARCHAR(100),
-    AUD_OP VARCHAR(100),
-    AUD_TIMESTAMP TIMESTAMP,
-    AUD_FAILURE VARCHAR(100)
-);
-
-CREATE TABLE IF NOT EXISTS databaseRecords (
-    AUD_ID INTEGER PRIMARY KEY AUTO_INCREMENT,
-    AUD_TARGET VARCHAR(100),
-    AUD_USER VARCHAR(100),
-    AUD_LOC VARCHAR(100),
-    AUD_OP VARCHAR(100),
-    AUD_TIMESTAMP TIMESTAMP,
-    AUD_FAILURE VARCHAR(100)
-);
-
-CREATE TABLE IF NOT EXISTS securityRecords (
-    AUD_ID INTEGER PRIMARY KEY AUTO_INCREMENT,
-    AUD_USER VARCHAR(100),
-    AUD_LOC VARCHAR(100),
-    AUD_OP VARCHAR(100),
-    AUD_TIMESTAMP TIMESTAMP,
-    AUD_FAILURE VARCHAR(100)
-);
-
-
---CREATE TABLE IF NOT EXISTS doc_store (
---    id INTEGER PRIMARY KEY AUTO_INCREMENT,
---    persistent_id VARCHAR(100) UNIQUE,
---    created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
---    disabled BOOLEAN default true
---);
-
--- last_modified timestamp ON UPDATE CURRENT_TIMESTAMP,
-CREATE TABLE IF NOT EXISTS p_store (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    target_id BIGINT NOT NULL,
-    created TIMESTAMP,
-    creator INTEGER NOT NULL,
-    posix SMALLINT NOT NULL,
-    expire TIMESTAMP NULL,
-    enable TIMESTAMP NULL,
-    iprange VARCHAR(200)
-);
-
-CREATE TABLE IF NOT EXISTS conditionDef (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    groupRef VARCHAR(100) NOT NULL,
-    policyid INTEGER NOT NULL
-);
-
-
-CREATE TABLE IF NOT EXISTS groupStore (
-    name VARCHAR(100) PRIMARY KEY,
-    description VARCHAR(200),
-    sym_use INTEGER DEFAULT -1,
-    export VARCHAR(30) DEFAULT NULL,
-    query_only VARCHAR(30) DEFAULT NULL,
-    licence INTEGER DEFAULT -1,
-    -- basically every resource we have is an academic resource, thus a non-commercial use is infered!
-    commercial BOOLEAN DEFAULT FALSE
-);
-
-CREATE TABLE IF NOT EXISTS groupUsers (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    userID BIGINT NOT NULL,
-    groupRef VARCHAR(100) NOT NULL,
-    admin BOOLEAN NOT NULL DEFAULT FALSE,
-    FOREIGN KEY (groupRef)
-        REFERENCES groupStore (name) on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS paramStore (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    p_key VARCHAR(100) NOT NULL,
-    p_value VARCHAR(150) NOT NULL,
-    resource INTEGER DEFAULT -1,
-    pid INTEGER DEFAULT -1,
-    FOREIGN KEY (resource)
-        REFERENCES r_store(id)
-    on delete cascade,
-    FOREIGN KEY (pid)
-        REFERENCES p_store(id)
-    on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS paramMapping (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    policyID INTEGER NOT NULL,
-    paramID INTEGER NOT NULL,
-    value VARCHAR(100) NOT NULL,
-    flag BOOLEAN NOT NULL DEFAULT FALSE,
-    FOREIGN KEY (paramID)
-        REFERENCES paramStore (id),
-    FOREIGN KEY (policyID)
-        REFERENCES p_store (id)
-);
-
-create or replace view p_view as
-select
-    po.id as pid,
-    po.target_id as id,
-    rs.persistent_id as persistent_id,
-    rs.name as name,
-    rs.type as type,
-    c.groupref as groupref,
-    po.posix as perm,
-    po.creator as creator,
-    po.expire as expire,
-    po.enable as enable,
-    po.iprange as iprange
-from
-p_store as po
-inner join
-conditionDef as c ON c.policyid = po.id
-inner join
-r_store as rs ON rs.id = po.target_id
-union all select
-              - 1 as pid,
-              rs.id as id,
-              rs.persistent_id as persistent_id,
-              rs.name as name,
-              type as type,
-              'self' as groupref,
-              127 as perm,
-              creator,
-              NULL as expire,
-              rs.created as enable,
-              null as iprange
-          from
-          r_store as rs;
-
-
--- indices
-create trigger delete_policy after delete on r_store
-for each row delete from p_store where target_id=OLD.id;
-
-DELIMITER //
-CREATE TRIGGER tree_entry_insert AFTER INSERT ON r_store FOR EACH ROW BEGIN
-	INSERT INTO r_tree (parent_id, child_id, depth, name_path)
-	VALUES (NEW.id, NEW.id, 0, NEW.name);
-	INSERT INTO r_tree (parent_id, child_id, depth, name_path)
-	SELECT parent_id, NEW.id, rt.depth + 1, concat(name_path,"/",NEW.name) FROM r_tree WHERE child_id = NEW.parent_id;
-END; //
-
-DELIMITER ;
-
--- todo: are this automatically adapted when refactoring?
-CREATE INDEX group_index ON groupUsers(userid);
-CREATE INDEX policy_index ON conditionDef(policyid);
-CREATE UNIQUE INDEX r_tree_index ON r_tree (parent_id, depth, child_id);
-CREATE UNIQUE INDEX para_unique ON paramStore (p_key, p_value);
-
--- foreign key constraints
-
-
-
-
-
-
diff --git a/full/src/main/resources/db/mysql/mysql_refactoring.sql b/full/src/main/resources/db/mysql/mysql_refactoring.sql
deleted file mode 100644
index 9b7cd6c..0000000
--- a/full/src/main/resources/db/mysql/mysql_refactoring.sql
+++ /dev/null
@@ -1,153 +0,0 @@
--- alter table korapusers TO korap_users;
-rename table usettings TO user_settings;
-alter table user_settings drop column itemForSimpleAnnotation;
-alter table user_settings drop column searchSettingsTab;
-alter table user_settings drop column selectedGraphType;
-alter table user_settings drop column selectedSortType;
-alter table user_settings drop column selectedViewForSearchResults;
-
-rename table udetails to user_details;
-rename table uqueries to user_queries;
-rename table korapusers to korap_users;
-rename table shibusers to shib_users;
-rename table matchInfo to match_info;
-
-alter table korap_users change column URI_PASS_Fragment uri_fragment VARCHAR(100);
-alter table korap_users change column URI_Expiration uri_expiration TIMESTAMP;
-alter table korap_users drop column URI_CONF_Fragment;
-alter table korap_users change column accountLock account_lock BOOLEAN not null default false;
-alter table korap_users change column accountCreation account_creation TIMESTAMP default CURRENT_TIMESTAMP not null;
-alter table korap_users change column accountExpiration account_expiration TIMESTAMP;
-alter table korap_users change column accountLink account_link VARCHAR(100);
-
-
-alter table shib_users change column accountCreation account_creation TIMESTAMP default CURRENT_TIMESTAMP not null;
-alter table shib_users change column accountExpiration account_expiration TIMESTAMP;
-alter table shib_users change column accountLink account_link VARCHAR(100);
-
-alter table user_details change column userID user_id INTEGER NOT NULL UNIQUE;
-
-drop view allusers;
-
-rename table r_store TO resource_store;
-rename table r_tree TO resource_tree;
-
-rename table groupStore TO group_store;
-rename table groupUsers TO group_users;
-rename table paramStore TO param_store;
-rename table paramMapping TO param_map;
-
--- todo: what about the moving of the entries?
--- rather rename than drop!
--- drop table cstorage;
--- todo: test
-rename table cstorage to coll_store;
-alter table coll_store add column (
-created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-user_id INTEGER);
-alter table coll_store drop column refCorpus;
-
-
--- do not recreate -- maintain data
---CREATE TABLE IF NOT EXISTS coll_store (
---id INTEGER PRIMARY KEY AUTO_INCREMENT,
---persistentID VARCHAR(150) UNIQUE,
---name VARCHAR(150),
---description VARCHAR(200),
---query VARCHAR(500),
---created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
---userID INTEGER,
---foreign key(userID)
---references korap_users(id)
---on delete cascade
---);
-
-
---drop table doc_trace;
---
---CREATE TABLE IF NOT EXISTS doc_store (
---id VARCHAR(230) PRIMARY KEY,
---persistent_id VARCHAR(230) UNIQUE,
---created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
---disabled BOOLEAN default true
---);
-
-
-
-rename table p_store to policy_store;
-rename table conditionDef to group_ref;
-alter table group_ref change groupRef group_id VARCHAR(100) NOT NULL;
-alter table group_ref change policyId policy_id INTEGER;
-
-drop view p_view;
-create or replace view policy_view as
-select
-    po.id as pid,
-    po.target_id as id,
-    rs.persistent_id as persistent_id,
-    rs.name as name,
-    rs.type as type,
-    c.group_id as group_id,
-    po.posix as perm,
-    po.creator as creator,
-    po.expire as expire,
-    po.enable as enable,
-    po.iprange as iprange
-from
-policy_store as po
-inner join
-group_ref as c ON c.policy_id = po.id
-inner join
-resource_store as rs ON rs.id = po.target_id
-union all select
-              - 1 as pid,
-              rs.id as id,
-              rs.persistent_id as persistent_id,
-              rs.name as name,
-              type as type,
-              'self' as groupId,
-              127 as perm,
-              creator,
-              NULL as expire,
-              rs.created as enable,
-              null as iprange
-          from
-          resource_store as rs;
-
-
-drop table resourceRecords;
-drop table databaseRecords;
-drop table securityRecords;
-
-CREATE TABLE IF NOT EXISTS audit_records (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-aud_category VARCHAR(100),
-aud_target VARCHAR(100),
-aud_user VARCHAR(100),
-aud_location VARCHAR(100),
-aud_operation VARCHAR(100),
-aud_field_1 VARCHAR(400),
-aud_timestamp TIMESTAMP,
-aud_failure VARCHAR(100)
-);
-
-
-
-drop trigger tree_entry_insert;
-
-DELIMITER //
-CREATE TRIGGER tree_entry_insert AFTER INSERT ON resource_store FOR EACH ROW BEGIN
-	INSERT INTO resource_tree (parent_id, child_id, depth, name_path)
-	VALUES (NEW.id, NEW.id, 0, NEW.name);
-	INSERT INTO resource_tree (parent_id, child_id, depth, name_path)
-	SELECT parent_id, NEW.id, depth + 1, concat(name_path,"/",NEW.name)
-	FROM resource_tree WHERE child_id = NEW.parent_id;
-END; //
-
-DELIMITER ;
-
-
-drop trigger delete_policy;
-
-create trigger delete_policy after delete on resource_store
-for each row delete from policy_store where target_id=OLD.id;
\ No newline at end of file
diff --git a/full/src/main/resources/db/mysql/mysql_schema_comp.sql b/full/src/main/resources/db/mysql/mysql_schema_comp.sql
deleted file mode 100644
index 44ec4de..0000000
--- a/full/src/main/resources/db/mysql/mysql_schema_comp.sql
+++ /dev/null
@@ -1,321 +0,0 @@
-CREATE TABLE IF NOT EXISTS korap_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    username VARCHAR(100) NOT NULL UNIQUE,
-    password VARCHAR(100) NOT NULL,
-    accountLock boolean NOT NULL,
-    accountCreation TIMESTAMP NOT NULL,
-    type INTEGER DEFAULT 0,
-    uriFragment VARCHAR(100),
-    uriExpiration TIMESTAMP,
-    accountLink VARCHAR(100)
-)$$
-
-
-CREATE TABLE IF NOT EXISTS shib_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    username VARCHAR(100) NOT NULL UNIQUE,
-    accountCreation TIMESTAMP NOT NULL,
-    type INTEGER DEFAULT 1,
-    loginSuccess INTEGER,
-    loginFailed INTEGER,
-    accountExpiration TIMESTAMP NOT NULL,
-    accountLink VARCHAR(100)
-)$$
-
-CREATE TABLE IF NOT EXISTS admin_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    user_id INTEGER NOT NULL,
-    foreign key (user_id)
-    references korap_users (id)
-)$$
-
-CREATE TABLE IF NOT EXISTS user_details (
-    Id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    userID INTEGER NOT NULL UNIQUE,
-    firstName VARCHAR(100),
-    lastName VARCHAR(100),
-    gender VARCHAR(100),
-    phone VARCHAR(100),
-    institution VARCHAR(100),
-    email VARCHAR(100),
-    address VARCHAR(100),
-    country VARCHAR(100),
-    privateUsage BOOLEAN,
-    foreign key (userId)
-    references korap_users (id)
-    on delete cascade
-)$$
-
-CREATE TABLE IF NOT EXISTS user_settings (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-userId INTEGER NOT NULL,
-fileNameForExport VARCHAR(100),
-leftContextItemForExport VARCHAR(100),
-leftContextSizeForExport INTEGER,
-locale VARCHAR(100),
-leftContextItem VARCHAR(100),
-leftContextSize INTEGER,
-rightContextItem VARCHAR(100),
-rightContextItemForExport VARCHAR(100),
-rightContextSize INTEGER,
-rightContextSizeForExport INTEGER,
-selectedCollection VARCHAR(100),
-queryLanguage VARCHAR(100),
-pageLength INTEGER,
-metadataQueryExpertModus BOOLEAN,
-POSFoundry VARCHAR(100),
-lemmaFoundry VARCHAR(100),
-constFoundry VARCHAR(100),
-relFoundry VARCHAR(100),
-collectData BOOLEAN DEFAULT TRUE,
-foreign key (userId)
-references korap_users (id)
-on delete cascade
-)$$
-
-CREATE TABLE IF NOT EXISTS user_queries (
-    id INTEGER PRIMARY KEY,
-    queryLanguage VARCHAR(100),
-    name VARCHAR(100),
-    query VARCHAR(200),
-    description VARCHAR(150),
-    foreign key (id)
-    references resource_store(id)
-    on delete cascade)$$
-
-
-CREATE TABLE IF NOT EXISTS resource_store (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-persistentID VARCHAR(100) NOT NULL UNIQUE,
-name VARCHAR(100),
-description VARCHAR(300),
-parentID Integer unsigned null,
-created timestamp default current_timestamp,
-type INTEGER NOT NULL,
-creator INTEGER NOT NULL
-)$$
-
-
-CREATE TABLE IF NOT EXISTS resource_tree (
-parentID INTEGER,
-childID INTEGER,
-depth INTEGER,
-name_path VARCHAR(250),
-PRIMARY KEY (parentID , childID),
-foreign key (parentID)
-references resource_store (id)
-on delete cascade,
-foreign key (childID)
-references resource_store (id)
-on delete cascade
-)$$
-
-
-CREATE TABLE IF NOT EXISTS coll_store (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-persistentID VARCHAR(150) UNIQUE,
-name VARCHAR(150),
-description VARCHAR(200),
-query VARCHAR(500),
-created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-userID INTEGER,
-foreign key(userID)
-references korap_users(id)
-on delete cascade
-)$$
-
-
-
-CREATE TABLE IF NOT EXISTS match_info (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-userid BIGINT NOT NULL,
-match_info VARCHAR(100)
-)$$
-
-CREATE TABLE IF NOT EXISTS audit_records (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-aud_category VARCHAR(100),
-aud_target VARCHAR(100),
-aud_user VARCHAR(100),
-aud_location VARCHAR(100),
-aud_operation VARCHAR(100),
-aud_field_1 VARCHAR(400),
-aud_timestamp TIMESTAMP,
-aud_failure VARCHAR(100)
-)$$
-
-CREATE TABLE IF NOT EXISTS doc_store (
-id VARCHAR(265) PRIMARY KEY,
-persistentID VARCHAR(265) UNIQUE,
-created TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
-disabled BOOLEAN default true
-)$$
-
--- last_modified timestamp ON UPDATE CURRENT_TIMESTAMP,
-CREATE TABLE IF NOT EXISTS policy_store (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    targetID BIGINT NOT NULL,
-    created TIMESTAMP,
-    creator INTEGER NOT NULL,
-    posix SMALLINT NOT NULL,
-    expire timestamp null,
-    enable timestamp not null,
-    iprange VARCHAR(200)
-)$$
-
-CREATE TABLE IF NOT EXISTS group_ref (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    groupId VARCHAR(100) NOT NULL,
-    policyid INTEGER NOT NULL
-)$$
-
-
-CREATE TABLE IF NOT EXISTS group_store (
-    name VARCHAR(100) PRIMARY KEY,
-    description VARCHAR(200),
-    sym_use INTEGER DEFAULT -1,
-    export VARCHAR(30) DEFAULT NULL,
-    query_only VARCHAR(30) DEFAULT NULL,
-    licence INTEGER DEFAULT -1,
-    -- basically every resource we have is an academic resource, thus a non-commercial use is infered!
-    commercial BOOLEAN DEFAULT FALSE
-)$$
-
-CREATE TABLE IF NOT EXISTS group_users (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    userID BIGINT NOT NULL,
-    groupId VARCHAR(100) NOT NULL,
-    admin BOOLEAN NOT NULL DEFAULT FALSE,
-    FOREIGN KEY (groupId)
-        REFERENCES groupStore (name) on delete cascade
-)$$
-
-CREATE TABLE IF NOT EXISTS param_store (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    p_key VARCHAR(100) NOT NULL,
-    p_value VARCHAR(150) NOT NULL,
-    resource INTEGER DEFAULT -1,
-    pid INTEGER DEFAULT -1,
-    FOREIGN KEY (resource)
-        REFERENCES resource_store(id)
-    on delete cascade,
-    FOREIGN KEY (pid)
-        REFERENCES policy_store(id)
-    on delete cascade
-)$$
-
-CREATE TABLE IF NOT EXISTS param_map (
-    id INTEGER PRIMARY KEY AUTO_INCREMENT,
-    policyID INTEGER NOT NULL,
-    paramID INTEGER NOT NULL,
-    value VARCHAR(100) NOT NULL,
-    flag BOOLEAN NOT NULL DEFAULT FALSE,
-    FOREIGN KEY (paramID)
-        REFERENCES param_store (id),
-    FOREIGN KEY (policyID)
-        REFERENCES policy_store (id)
-)$$
-
-create or replace view policy_view as
-select
-    po.id as pid,
-    po.targetID as id,
-    rs.persistentID as persistentID,
-    rs.name as name,
-    rs.type as type,
-    c.groupId as groupId,
-    po.posix as perm,
-    po.creator as creator,
-    po.expire as expire,
-    po.enable as enable,
-    po.iprange as iprange    
-from
-policy_store as po
-inner join
-group_ref as c ON c.policyid = po.id
-inner join
-resource_store as rs ON rs.id = po.targetid
-union all select
-              - 1 as pid,
-              rs.id as id,
-              rs.persistentID as persistentID,
-              rs.name as name,
-              type as type,
-              'self' as groupId,
-              127 as perm,
-              creator,              
-              NULL as expire,
-              rs.created as enable,
-              null as iprange
-          from
-          resource_store as rs$$
-
-
-
--- oauth2 db tables
-create table oauth2_client (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-client_id VARCHAR(100),
-client_secret VARCHAR(200),
-redirect_uri VARCHAR(250),
-client_type VARCHAR(200),
-native BOOLEAN DEFAULT FALSE,
-url VARCHAR(200) UNIQUE
-)$$
-
-create table oauth2_auth_codes (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-client_id VARCHAR(100),
-auth_code VARCHAR(250),
-status INTEGER DEFAULT 1,
-scopes VARCHAR (150),
-created TIMESTAMP DEFAULT CURRENT_TIMESTAMP
-)$$
-
-create table oauth2_client_authorization (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-client_id INTEGER,
-user_id INTEGER,
--- define scopes?! --
-FOREIGN KEY (client_id) REFERENCES oauth2_client(client_id)
-)$$
-
--- status 1 = valid, 0 = revoked
-create table oauth2_access_token (
-id INTEGER PRIMARY KEY AUTO_INCREMENT,
-access_token VARCHAR(300),
-auth_code VARCHAR(250),
-userId INTEGER,
-status INTEGER DEFAULT 1,
-expiration TIMESTAMP,
-FOREIGN KEY (userId)
-REFERENCES korap_users(id)
-)$$
-
-
-
--- indices
-create trigger delete_policy after delete on resource_store
-for each row delete from policy_store where targetID=OLD.id$$
-
-CREATE TRIGGER insert_data AFTER INSERT ON resource_store FOR EACH ROW BEGIN
-	INSERT INTO resource_tree (parentID, childID, depth, name_path)
-	VALUES (NEW.id, NEW.id, 0, NEW.name);
-	INSERT INTO resource_tree (parentID, childID, depth, name_path)
-	SELECT parentID, NEW.id, depth + 1, concat(name_path,"/",NEW.name) FROM resource_tree WHERE childID = NEW.parentID;
-END$$
-
-CREATE INDEX group_index ON group_users(userid)$$
-CREATE INDEX policy_index ON group_ref(policyid)$$
-CREATE UNIQUE INDEX resource_tree_index on resource_tree (parentID, depth, childID)$$
-CREATE UNIQUE INDEX para_unique ON param_store (p_key, p_value)$$
-
-
-
-
-
-
-
-
-
-
diff --git a/full/src/main/resources/db/new-mysql/V1.3__triggers.sql b/full/src/main/resources/db/new-mysql/V1.3__triggers.sql
deleted file mode 100644
index 7bc25dd..0000000
--- a/full/src/main/resources/db/new-mysql/V1.3__triggers.sql
+++ /dev/null
@@ -1,14 +0,0 @@
-delimiter |
-
-CREATE TRIGGER delete_member AFTER UPDATE ON user_group
-	FOR EACH ROW 
-	BEGIN
-		UPDATE user_group_member 
-		SET status = "DELETED"
-		WHERE NEW.status = "DELETED" 
-			AND  OLD.status != "DELETED" 
-			AND group_id = NEW.id;
-	END;
-|
-	
-delimiter ;
\ No newline at end of file
diff --git a/full/src/main/resources/db/new-sqlite/V1.1__create_virtual_corpus_tables.sql b/full/src/main/resources/db/sqlite/V1.1__create_virtual_corpus_tables.sql
similarity index 100%
rename from full/src/main/resources/db/new-sqlite/V1.1__create_virtual_corpus_tables.sql
rename to full/src/main/resources/db/sqlite/V1.1__create_virtual_corpus_tables.sql
diff --git a/full/src/main/resources/db/new-sqlite/V1.2__triggers.sql b/full/src/main/resources/db/sqlite/V1.2__triggers.sql
similarity index 100%
rename from full/src/main/resources/db/new-sqlite/V1.2__triggers.sql
rename to full/src/main/resources/db/sqlite/V1.2__triggers.sql
diff --git a/full/src/main/resources/db/new-sqlite/V1.3__create_admin_table.sql b/full/src/main/resources/db/sqlite/V1.3__create_admin_table.sql
similarity index 100%
rename from full/src/main/resources/db/new-sqlite/V1.3__create_admin_table.sql
rename to full/src/main/resources/db/sqlite/V1.3__create_admin_table.sql
diff --git a/full/src/main/resources/db/new-sqlite/V1.4__oauth2_tables.sql b/full/src/main/resources/db/sqlite/V1.4__oauth2_tables.sql
similarity index 100%
rename from full/src/main/resources/db/new-sqlite/V1.4__oauth2_tables.sql
rename to full/src/main/resources/db/sqlite/V1.4__oauth2_tables.sql
diff --git a/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql b/full/src/main/resources/db/sqlite/V1.5__oauth2_triggers.sql
similarity index 100%
rename from full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql
rename to full/src/main/resources/db/sqlite/V1.5__oauth2_triggers.sql
diff --git a/full/src/main/resources/db/sqlite/V1__Initial_version.sql b/full/src/main/resources/db/sqlite/V1__Initial_version.sql
deleted file mode 100644
index 943d3cd..0000000
--- a/full/src/main/resources/db/sqlite/V1__Initial_version.sql
+++ /dev/null
@@ -1,370 +0,0 @@
-CREATE TABLE IF NOT EXISTS korap_users (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-username VARCHAR(150) NOT NULL UNIQUE,
-password VARCHAR(100),
-account_lock boolean NOT NULL,
-account_creation BIGINT NOT NULL,
--- deprecate this
-type INTEGER DEFAULT 0,
-uri_fragment VARCHAR(100),
-uri_expiration BIGINT,
-account_link VARCHAR(100)
-);
-
-CREATE TABLE IF NOT EXISTS admin_users (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-user_id INTEGER NOT NULL,
-foreign key (user_id)
-references korap_users (id)
-);
-
-CREATE TABLE IF NOT EXISTS shib_users (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-username VARCHAR(150) NOT NULL UNIQUE,
-account_creation BIGINT,
-type INTEGER DEFAULT 1,
-loginSuccess INTEGER,
-loginFailed INTEGER,
-account_link VARCHAR(100)
-);
-
-CREATE TABLE IF NOT EXISTS user_details (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-user_id INTEGER UNIQUE NOT NULL,
-data BLOB NOT NULL,
-foreign key (user_id)
-references korap_users (id)
-on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS user_settings (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-user_id INTEGER UNIQUE NOT NULL,
-data BLOB NOT NULL,
-foreign key (user_id)
-references korap_users (id)
-on delete cascade
-);
-
-
-CREATE TABLE IF NOT EXISTS user_queries (
-id INTEGER PRIMARY KEY,
-queryLanguage VARCHAR(100),
-name VARCHAR(100),
-query VARCHAR(200),
-description VARCHAR(150),
-foreign key (id)
-references resource_store (id)
-on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS audit_records (
-aud_id INTEGER PRIMARY KEY AUTOINCREMENT,
-aud_category VARCHAR(100),
-aud_target VARCHAR(100),
-aud_user VARCHAR(100),
-aud_location VARCHAR(100),
-aud_field_1 VARCHAR(400),
-aud_args VARCHAR(400),
-aud_timestamp BIGINT,
-aud_status VARCHAR(100)
-);
-
--- deprecated
-CREATE TABLE IF NOT EXISTS match_info (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-userid BIGINT NOT NULL,
-matchInfo VARCHAR(100)
-);
-
-
-CREATE TABLE IF NOT EXISTS policy_store (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-target_id BIGINT NOT NULL,
-created BIGINT NOT NULL,
-creator INTEGER NOT NULL,
-posix SMALLINT NOT NULL,
-expire BIGINT,
-enable BIGINT NOT NULL,
-iprange varchar(200)
-);
-
--- send disabled documents per corpus to backend, so they can be excluded from searching!
-CREATE TABLE IF NOT EXISTS doc_store (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-persistent_id VARCHAR(100) UNIQUE,
-doc_sigle VARCHAR(100),
-created BIGINT NOT NULL DEFAULT CURRENT_TIMESTAMP,
-disabled BOOLEAN DEFAULT TRUE
-);
-
-CREATE TABLE IF NOT EXISTS group_ref (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-group_id VARCHAR(100) NOT NULL,
-policy_id INTEGER NOT NULL
-);
-
--- question: grouping of users or grouping of resources required?
-CREATE TABLE IF NOT EXISTS group_store (
-name VARCHAR(100) PRIMARY KEY,
-description VARCHAR(200),
-sym_use INTEGER DEFAULT -1,
-export VARCHAR(30) DEFAULT NULL,
-query_only VARCHAR(30) DEFAULT NULL,
-licence INTEGER DEFAULT -1,
--- basically every resource we have is an academic resource, thus a non-commercial use is infered!
-commercial BOOLEAN DEFAULT FALSE
-);
-
-CREATE TABLE IF NOT EXISTS group_users (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-user_id INTEGER NOT NULL,
-group_id VARCHAR(100) NOT NULL,
-admin BOOLEAN NOT NULL DEFAULT FALSE,
-FOREIGN KEY (user_id)
-REFERENCES korap_users(id)
-on delete cascade,
-FOREIGN KEY (group_id)
-REFERENCES group_store (name)
-on delete cascade
-);
-
-
-CREATE TABLE IF NOT EXISTS param_store (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-p_key VARCHAR(150) NOT NULL,
-p_value VARCHAR(200) NOT NULL,
-resource INTEGER NOT NULL DEFAULT -1,
-pid INTEGER NOT NULL DEFAULT -1,
-FOREIGN KEY (resource)
-REFERENCES resource_store(id)
-on delete cascade,
-FOREIGN KEY (pid)
-REFERENCES policy_store(id)
-on delete cascade
-);
-
-CREATE TABLE IF NOT EXISTS param_map (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-policyId INTEGER NOT NULL,
-paramId INTEGER NOT NULL,
-value VARCHAR(100) NOT NULL,
-flag BOOLEAN NOT NULL DEFAULT FALSE,
-FOREIGN KEY (paramId)
-   REFERENCES param_store (id),
-FOREIGN KEY (policyId)
-   REFERENCES policy_store (id)
-);
-
-CREATE TABLE IF NOT EXISTS resource_store (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-persistent_id VARCHAR(100) NOT NULL UNIQUE,
-name VARCHAR(100),
-description VARCHAR(300),
-parent_id INTEGER unsigned null,
-created BIGINT null,
-data BLOB,
-type INTEGER NOT NULL,
-creator INTEGER NOT NULL
-);
-
-
-CREATE TABLE IF NOT EXISTS resource_tree (
-parent_id INTEGER,
-child_id INTEGER,
-depth INTEGER,
-name_path VARCHAR(250),
-PRIMARY KEY (parent_id, child_id),
-foreign key (parent_id)
-references resource_store (id)
-on delete cascade,
-foreign key (child_id)
-references resource_store (id)
-on delete cascade
-);
-
-
--- todo: refactor native to confidential, add column application name
--- remove id and make client_id primary key
-create table IF NOT EXISTS oauth2_client (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-client_id VARCHAR(100) NOT NULL,
-client_secret VARCHAR(200) NOT NULL,
-redirect_uri VARCHAR(250) NOT NULL,
-client_type VARCHAR(200),
-is_confidential BOOLEAN DEFAULT FALSE,
-url VARCHAR(200) UNIQUE
-);
-
-
--- refresh token doesn't care about expiration.
--- also narrower scopes for new access token with the refresh token are not supported
--- otherwise i would require a comparison of all access_token to get the maximum scopes and compare to request
-
--- status 1 = valid, 0 = revoked, -1 = disabled
-create table IF NOT EXISTS oauth2_access_token (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-access_token VARCHAR(300),
-auth_code VARCHAR(250),
-refresh_token VARCHAR(250),
-client_id VARCHAR(100),
-user_id INTEGER,
--- make boolean --
-status INTEGER DEFAULT 1,
--- in case of code authorization, should match auth code scopes!
--- use scopes for levelaccess descriptor level[rw],level[r]
-scopes VARCHAR(350),
-expiration BIGINT NOT NULL,
-FOREIGN KEY (user_id)
-REFERENCES korap_users(id),
-FOREIGN KEY (client_id)
-REFERENCES oauth2_client(client_id)
-);
-
-
--- fixme: also scopes?
-create table oauth2_refresh_token (
-id INTEGER PRIMARY KEY AUTOINCREMENT,
-client_id VARCHAR(100),
-user_id INTEGER,
-expiration BIGINT NOT NULL,
-scopes VARCHAR(350),
-FOREIGN KEY (user_id)
-REFERENCES korap_users(id)
-ON DELETE CASCADE,
-FOREIGN KEY (client_id)
-REFERENCES oauth2_client(client_id)
-ON DELETE CASCADE
-);
-
-
-
--- a bit confusing. 1. creator is policy creator, 2. creator is resource creator --> different implications
--- insert resource data from resource_store alltogether, so i dont have to retrieve anything from there?!
-create view if not exists policy_view as
-select
-    po.id as pid,
-    po.target_id as id,
-    rs.persistent_id as persistent_id,
-    rs.name as name,
-    rs.type as type,
-    c.group_id as group_id,
-    po.posix as perm,
-    po.creator as creator,
-    po.expire as expire,
-    po.enable as enable,
-    po.iprange as iprange
-from policy_store as po
-inner join
-group_ref as c ON c.policy_id = po.id
-inner join
-resource_store as rs ON rs.id = po.target_id
-union all select
-              - 1 as pid,
-              rs.id as id,
-              rs.persistent_id as persistent_id,
-              rs.name as name,
-              type as type,
-              'self' as group_id,
-              127 as perm,
-              creator,
-              NULL as expire,
-              rs.created as enable,
-              null as iprange
-          from
-          resource_store as rs;
-
--- deletes a group if the group has no longer members!
-create trigger if not exists group_ref_del after delete on group_ref
-when (select count(*) from group_ref where group_id=OLD.group_id) = 0
-begin delete from group_store where name=OLD.group_id; end;
-
-    -- create trigger relCr after insert on resource_store
-    -- when (select count(*) from r_tree where parent_id==NEW.id and
-    -- child_id==NEW.id) == 0
-    -- BEGIN
-    -- insert into r_tree (parent_id, child_id, depth)
-    -- VALUES (NEW.id, NEW.id, 0);
-    -- END;
-
-    -- 1. CONCAT(NEW.name,"/")
-    -- 2. CONCAT(name_path, NEW.name, "/")
-
-CREATE TRIGGER IF NOT EXISTS insert_resource_tree_data
-AFTER INSERT ON resource_store
-FOR EACH ROW BEGIN
-INSERT INTO resource_tree (parent_id, child_id, depth, name_path)
-VALUES (NEW.id, NEW.id, 0, NEW.persistent_id);
-
-INSERT INTO resource_tree (parent_id, child_id, depth, name_path)
-SELECT parent_id, NEW.id, depth + 1, name_path || "/" ||  NEW.persistent_id FROM resource_tree
-WHERE child_id = NEW.parent_id;
-END;
-
-
-create trigger if not exists delete_policy after delete on resource_store
-begin delete from policy_store where target_id=OLD.id; end;
-
-    -- 1. requirement: delete hierarchical from resource_store and r_tree -- done!
-    -- 2. todo: subsequently delete from resourcedao extensions if child of deleted resource!
-create trigger if not exists del_tree after delete on resource_store
-begin delete from resource_store where id in (select rs.id from resource_store as rs
-inner join resource_tree as rt on rt.child_id=rs.id where rt.parent_id=OLD.id);
-delete from resource_tree where parent_id=OLD.id; end;
-
--- mysql on delete cascade todo: test
-create trigger if not exists del_user delete on korap_users
-begin
-    delete from user_settings where user_id=OLD.id;
-    delete from user_details where user_id=OLD.id;
-    delete from group_users where user_id=OLD.id;
-end;
-
--- indices
--- test unique index constraints
-create index group_index on group_users(user_id, group_id);
-create index policy_index on group_ref(policy_id);
-create index policy_target on policy_store(target_id);
-create unique index r_tree_index on resource_tree (parent_id, depth, child_id);
-create unique index para_unique on param_store (p_key, p_value);
-create unique index conditions on group_ref (policy_id, group_id);
-create unique index groups on group_users (user_id, group_id);
-
-
--- deprecated
--- flagr is a reference to the applicable conditions: export, licence
-create table if not exists policy_store2 (
-id integer primary key autoincrement,
-target_id bigint not null,
-creator bigint not null,
-perm integer default -1,
-enable boolean default true,
-master INTEGER UNIQUE default NULL,
-expire timestamp default null,
-iprange varchar(200),
-flagr integer,
-params integer,
-baseline boolean default false,
-FOREIGN KEY (master)
-    REFERENCES policy_store2(id),
-FOREIGN KEY (flagr)
-    REFERENCES flag_store (id),
-FOREIGN KEY (params)
-    REFERENCES param_store (id)
-);
-
--- grouping is matched with a view where the user and groups are listed together
-create table if not exists flag_store (
-id integer primary key autoincrement,
-export boolean default true,
-sym_use integer default -1,
-grouping varchar(150),
-FOREIGN KEY (grouping)
- REFERENCES groupings (grouping)
-);
-
--- todo: ??!
--- haveing the username as grouping only works with the unique identifier at username
-create view if not exists groupings_view
-as select id as user_id, username as grouping from korap_users
-union all select user_id, group_id as grouping from group_users;
diff --git a/full/src/main/resources/db/new-sqlite/V1__initial_version.sql b/full/src/main/resources/db/sqlite/V1__initial_version.sql
similarity index 100%
rename from full/src/main/resources/db/new-sqlite/V1__initial_version.sql
rename to full/src/main/resources/db/sqlite/V1__initial_version.sql
diff --git a/full/src/main/resources/default-config.xml b/full/src/main/resources/default-config.xml
index c653150..966eb66 100644
--- a/full/src/main/resources/default-config.xml
+++ b/full/src/main/resources/default-config.xml
@@ -171,16 +171,28 @@
 	</bean>
 
 	<!-- Data access objects -->
+	<bean id="adminDao" class="de.ids_mannheim.korap.dao.AdminDaoImpl" />
 	<bean id="resourceDao" class="de.ids_mannheim.korap.dao.ResourceDao" />
 	<bean id="accessScopeDao" class="de.ids_mannheim.korap.oauth2.dao.AccessScopeDao" />
-	<bean id="authorizationDao" class="de.ids_mannheim.korap.oauth2.dao.AuthorizationCacheDao" />
+	<bean id="authorizationDao" class="de.ids_mannheim.korap.oauth2.dao.CachedAuthorizationDaoImpl" />
 
+	<!-- Filters -->
+	<!-- <bean id="authenticationFilter" class="de.ids_mannheim.korap.web.filter.AuthenticationFilter" >
+		<property name="authenticationManager" ref="kustvakt_authenticationmanager"/>
+	</bean>
+	<bean id="piwikFilter" class="de.ids_mannheim.korap.web.filter.PiwikFilter" >
+		<property name="authenticationManager" ref="kustvakt_authenticationmanager"/>
+	</bean> -->
+	
+	<!-- Services -->
+	<bean id="scopeService" class="de.ids_mannheim.korap.oauth2.service.OAuth2ScopeServiceImpl" />
+	
 	<!-- props are injected from default-config.xml -->
 	<bean id="kustvakt_config" class="de.ids_mannheim.korap.config.FullConfiguration">
 		<constructor-arg name="properties" ref="props" />
 	</bean>
 
-	<bean id="initializator" class="de.ids_mannheim.korap.config.Initializator"
+	<bean id="initializator" class="de.ids_mannheim.de.init.InitializatorImpl"
 		init-method="initAnnotation">
 	</bean>
 
@@ -201,8 +213,8 @@
 		<constructor-arg value="http,https" />
 	</bean>
 	
-
-	<bean id="kustvakt_rewrite" class="de.ids_mannheim.korap.rewrite.FullRewriteHandler">
+	<!-- Rewrite -->
+	<bean id="rewriteHandler" class="de.ids_mannheim.korap.rewrite.FullRewriteHandler">
 		<constructor-arg ref="kustvakt_config" />
 	</bean>
 
@@ -297,7 +309,7 @@
 	</util:list>
 
 	<!-- specify type for constructor argument -->
-	<bean id="kustvakt_authenticationmanager"
+	<bean id="authenticationManager"
 		class="de.ids_mannheim.korap.authentication.KustvaktAuthenticationManager">
 		<constructor-arg type="de.ids_mannheim.korap.interfaces.EntityHandlerIface"
 			ref="kustvakt_userdb" />
@@ -310,7 +322,7 @@
 		<!-- inject authentication providers to use -->
 		<property name="providers" ref="kustvakt_authproviders" />
 	</bean>
-
+	
 	<!-- todo: if db interfaces not loaded via spring, does transaction even 
 		work then? -->
 	<!-- the transactional advice (i.e. what 'happens'; see the <aop:advisor/> 
diff --git a/full/src/main/resources/kustvakt-lite.conf b/full/src/main/resources/kustvakt-lite.conf
new file mode 100644
index 0000000..f0dd6b3
--- /dev/null
+++ b/full/src/main/resources/kustvakt-lite.conf
@@ -0,0 +1,27 @@
+# index dir
+krill.indexDir= ../sample-index
+
+krill.index.commit.count = 134217000
+krill.index.commit.log = log/krill.commit.log
+krill.index.commit.auto = 500
+krill.index.relations.max = 100
+
+krill.namedVC=vc
+
+
+# Kustvakt
+
+current.api.version = v1.0
+# multiple versions separated by space
+supported.api.version = v1.0
+
+kustvakt.base.url=/api/*
+kustvakt.default.pos = tt
+kustvakt.default.lemma = tt
+kustvakt.default.token = opennlp
+kustvakt.default.dep = mate
+kustvakt.default.const = mate
+
+# server
+server.port=8089
+server.host=localhost
diff --git a/full/src/main/resources/lite-config.xml b/full/src/main/resources/lite-config.xml
new file mode 100644
index 0000000..b342c59
--- /dev/null
+++ b/full/src/main/resources/lite-config.xml
@@ -0,0 +1,182 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:util="http://www.springframework.org/schema/util"
+	xmlns:context="http://www.springframework.org/schema/context" xmlns:tx="http://www.springframework.org/schema/tx"
+	xsi:schemaLocation="http://www.springframework.org/schema/beans
+           http://www.springframework.org/schema/beans/spring-beans.xsd
+           http://www.springframework.org/schema/tx
+           http://www.springframework.org/schema/tx/spring-tx.xsd
+           http://www.springframework.org/schema/context
+           http://www.springframework.org/schema/context/spring-context.xsd
+           http://www.springframework.org/schema/util
+           http://www.springframework.org/schema/util/spring-util.xsd">
+
+
+	<context:component-scan
+		base-package="de.ids_mannheim.korap.web.filter, de.ids_mannheim.korap.web.utils,
+		de.ids_mannheim.korap.authentication.http" />
+	<context:annotation-config />
+
+	<bean id="placeholders"
+		class="org.springframework.context.support.PropertySourcesPlaceholderConfigurer">
+		<property name="ignoreResourceNotFound" value="true" />
+		<property name="locations">
+			<array>
+				<value>classpath:properties/lite-jdbc.properties</value>
+				<value>file:./lite-jdbc.properties</value>
+				<value>classpath:properties/hibernate.properties</value>
+				<value>classpath:kustvakt-lite.conf</value>
+				<value>file:./kustvakt-lite.conf</value>
+			</array>
+		</property>
+	</bean>
+
+	<bean id="properties"
+		class="org.springframework.beans.factory.config.PropertiesFactoryBean">
+		<property name="ignoreResourceNotFound" value="true" />
+		<property name="locations">
+			<array>
+				<value>classpath:kustvakt-lite.conf</value>
+				<value>file:./kustvakt-lite.conf</value>
+			</array>
+		</property>
+	</bean>
+
+	<bean id="config" class="de.ids_mannheim.korap.config.KustvaktConfiguration">
+		<constructor-arg index="0" name="properties" ref="properties" />
+	</bean>
+
+	<!-- Database -->
+
+	<bean id="sqliteDataSource"
+		class="org.springframework.jdbc.datasource.SingleConnectionDataSource"
+		lazy-init="true">
+		<property name="driverClassName" value="${jdbc.driverClassName}" />
+		<property name="url" value="${jdbc.url}" />
+		<property name="username" value="${jdbc.username}" />
+		<property name="password" value="${jdbc.password}" />
+		<property name="connectionProperties">
+			<props>
+				<prop key="date_string_format">yyyy-MM-dd HH:mm:ss</prop>
+			</props>
+		</property>
+
+		<!-- relevant for single connection datasource and sqlite -->
+		<property name="suppressClose">
+			<value>true</value>
+		</property>
+		<!--<property name="initialSize" value="2"/> -->
+		<!--<property name="poolPreparedStatements" value="true"/> -->
+	</bean>
+
+	<bean id="flyway" class="org.flywaydb.core.Flyway" init-method="migrate">
+		<property name="baselineOnMigrate" value="true" />
+		<!-- <property name="validateOnMigrate" value="false" /> -->
+		<!-- <property name="cleanOnValidationError" value="true" /> -->
+		<property name="locations" value="${jdbc.schemaPath}" />
+		<property name="dataSource" ref="sqliteDataSource" />
+	</bean>
+
+	<bean id="entityManagerFactory"
+		class="org.springframework.orm.jpa.LocalContainerEntityManagerFactoryBean">
+		<property name="dataSource" ref="sqliteDataSource" />
+
+		<property name="packagesToScan">
+			<array>
+				<value>de.ids_mannheim.korap.entity</value>
+				<value>de.ids_mannheim.korap.oauth2.entity</value>
+			</array>
+		</property>
+		<property name="jpaVendorAdapter">
+			<bean id="jpaVendorAdapter"
+				class="org.springframework.orm.jpa.vendor.HibernateJpaVendorAdapter">
+				<property name="databasePlatform" value="${hibernate.dialect}" />
+			</bean>
+		</property>
+		<property name="jpaProperties">
+			<props>
+				<prop key="hibernate.dialect">${hibernate.dialect}</prop>
+				<prop key="hibernate.hbm2ddl.auto">${hibernate.hbm2ddl.auto}</prop>
+				<prop key="hibernate.show_sql">${hibernate.show_sql}</prop>
+				<prop key="hibernate.cache.use_query_cache">${hibernate.cache.use_query_cache}</prop>
+				<prop key="hibernate.cache.use_second_level_cache">${hibernate.cache.use_second_level_cache}
+				</prop>
+				<prop key="hibernate.cache.provider_class">${hibernate.cache.provider}</prop>
+				<prop key="hibernate.cache.region.factory_class">${hibernate.cache.region.factory}</prop>
+				<prop key="hibernate.jdbc.time_zone">${hibernate.jdbc.time_zone}</prop>
+			</props>
+		</property>
+	</bean>
+	<tx:annotation-driven proxy-target-class="true"
+		transaction-manager="transactionManager" />
+
+	<bean id="transactionManager" class="org.springframework.orm.jpa.JpaTransactionManager">
+		<property name="entityManagerFactory" ref="entityManagerFactory" />
+	</bean>
+
+	<bean id="transactionTemplate"
+		class="org.springframework.transaction.support.TransactionTemplate">
+		<constructor-arg ref="transactionManager" />
+	</bean>
+	<bean id="txManager"
+		class="org.springframework.jdbc.datasource.DataSourceTransactionManager">
+		<property name="dataSource" ref="sqliteDataSource" />
+	</bean>
+
+	<!-- Initialization -->
+	<bean id="initializator" class="de.ids_mannheim.de.init.LiteInitializatorImpl"
+		init-method="init">
+	</bean>
+	<bean id="annotationParser" class="de.ids_mannheim.korap.annotation.AnnotationParser"
+		scope="singleton" />
+
+	<!-- Krill -->
+	<bean id="search_krill" class="de.ids_mannheim.korap.web.SearchKrill">
+		<constructor-arg value="${krill.indexDir}" />
+	</bean>
+
+	<!-- Filters -->
+	<bean id="APIVersionFilter" class="de.ids_mannheim.korap.web.APIVersionFilter"
+		scope="singleton" />
+
+	<!-- Authentication -->
+	<bean id="authenticationManager"
+		class="de.ids_mannheim.korap.authentication.DummyAuthenticationManager" />
+
+	<!-- Response handler -->
+	<bean id="kustvaktResponseHandler" class="de.ids_mannheim.korap.web.KustvaktResponseHandler">
+		<constructor-arg index="0" name="iface" ref="kustvakt_auditing" />
+	</bean>
+
+	<!-- Controllers -->
+	<bean id="annotationController"
+		class="de.ids_mannheim.korap.web.controller.AnnotationController" />
+	<bean id="searchController" class="de.ids_mannheim.korap.web.controller.SearchController" />
+	<bean id="statisticController"
+		class="de.ids_mannheim.korap.web.controller.StatisticController" />
+
+	<!-- Services -->
+	<bean id="annotationService" class="de.ids_mannheim.korap.service.AnnotationService"></bean>
+	<bean id="scopeService"
+		class="de.ids_mannheim.korap.oauth2.service.DummyOAuth2ScopeServiceImpl" />
+	<bean id="searchService" class="de.ids_mannheim.korap.service.SearchService"></bean>
+
+	<!-- DAO -->
+	<bean id="adminDao" class="de.ids_mannheim.korap.dao.DummyAdminDaoImpl" />
+	<bean id="annotationDao" class="de.ids_mannheim.korap.dao.AnnotationDao" />
+
+	<!-- DTO Converter -->
+	<bean id="annotationConverter" class="de.ids_mannheim.korap.dto.converter.AnnotationConverter" />
+
+	<!-- Rewrite -->
+	<bean id="rewriteHandler" class="de.ids_mannheim.korap.resource.rewrite.RewriteHandler">
+		<constructor-arg ref="config" />
+	</bean>
+
+
+
+	<bean id="kustvakt_auditing"
+		class="de.ids_mannheim.korap.interfaces.defaults.DefaultAuditing">
+	</bean>
+
+</beans>
\ No newline at end of file
diff --git a/full/src/main/resources/properties/jdbc.properties b/full/src/main/resources/properties/jdbc.properties
index aea7ab9..7025240 100644
--- a/full/src/main/resources/properties/jdbc.properties
+++ b/full/src/main/resources/properties/jdbc.properties
@@ -9,7 +9,7 @@
 #jdbc.password=password
 
 # db.insert contains test data, omit it in production setting
-#jdbc.schemaPath=db.new-mysql, db.predefined
+#jdbc.schemaPath=db.mysql, db.predefined
 
 
 #-------------------------------------------------------------------------------
@@ -22,4 +22,4 @@
 jdbc.username=pc
 jdbc.password=pc
 # db.insert contains test data, omit it in production setting
-jdbc.schemaPath=db.new-sqlite, db.predefined
+jdbc.schemaPath=db.sqlite, db.predefined
diff --git a/full/src/main/resources/properties/lite-jdbc.properties b/full/src/main/resources/properties/lite-jdbc.properties
new file mode 100644
index 0000000..5aa9ca8
--- /dev/null
+++ b/full/src/main/resources/properties/lite-jdbc.properties
@@ -0,0 +1,9 @@
+#-------------------------------------------------------------------------------
+# Sqlite Settings
+
+jdbc.database=sqlite
+jdbc.driverClassName=org.sqlite.JDBC
+jdbc.url=jdbc:sqlite:liteDB.sqlite
+jdbc.username=pc
+jdbc.password=pc
+jdbc.schemaPath=db.lite-sqlite
\ No newline at end of file
