Migrated logging to log4j2 and adapted java.util.logging to log4j.

Change-Id: I587a8f0252714e17ec70e0f9eb5db63aca292b5f
diff --git a/full/Changes b/full/Changes
index c8e633e..9e6e09e 100644
--- a/full/Changes
+++ b/full/Changes
@@ -1,5 +1,5 @@
 version 0.60.4
-03/07/2018
+04/07/2018
     - implemented OAuth2 authorization code request with OpenID Authentication (margaretha)
     - enabled OAuth2 authorization without OpenID authentication using Nimbus library (margaretha)
     - implemented response handler for OpenID authentication errors in authorization requests (margaretha)
@@ -18,6 +18,7 @@
     - fixed RSA key configuration (margaretha)
     - merged OAuth2 client deregistration controllers (margaretha)
     - fixed OAuth2 client unique URL-hashcode (margaretha)
+    - migrated logging to log4j 2 and adapted java.util.logging to log4j(margaretha)
     
 version 0.60.3
 06/06/2018
diff --git a/full/pom.xml b/full/pom.xml
index db4c3e2..9f0b6cd 100644
--- a/full/pom.xml
+++ b/full/pom.xml
@@ -32,9 +32,6 @@
 		<testResources>
 			<testResource>
 				<directory>src/test/resources</directory>
-				<!-- <filtering>true</filtering> <includes> <include>**/*.key</include> 
-					<include>**/*.token</include> <include>**/*.xml</include> <include>**/*.conf</include> 
-					<include>**/*.info</include> <include>**/*.properties</include> </includes> -->
 			</testResource>
 			<testResource>
 				<directory>src/main/resources</directory>
@@ -86,9 +83,11 @@
 					<reuseForks>false</reuseForks>
 					<forkCount>2</forkCount>
 					<threadCount>4</threadCount>
-					<argLine>-Xmx512m -XX:MaxPermSize=256m</argLine>
+					<argLine>-Xmx512m -XX:MaxPermSize=256m 
+						-Djava.util.logging.manager=org.apache.logging.log4j.jul.LogManager</argLine>
 					<excludes>
 						<exclude>de/ids_mannheim/korap/authentication/*.java</exclude>
+						<exclude>de/ids_mannheim/korap/web/controller/TokenExpiryTest.java</exclude>
 					</excludes>
 					<includes>
 						<include>de/ids_mannheim/korap/**/*.java</include>
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
index 1c22fea..a399c5f 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
@@ -12,8 +12,8 @@
 import javax.ws.rs.core.HttpHeaders;
 import javax.ws.rs.core.MultivaluedMap;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 
 // import com.novell.ldap.*; search() funktioniert nicht korrekt, ausgewechselt gegen unboundID's Bibliothek 20.04.17/FB
@@ -62,7 +62,7 @@
  */
 public class KustvaktAuthenticationManager extends AuthenticationManagerIface {
 
-	private static Logger jlog = LoggerFactory.getLogger(KustvaktAuthenticationManager.class);
+	private static Logger jlog = LogManager.getLogger(KustvaktAuthenticationManager.class);
 	private EncryptionIface crypto;
 	private EntityHandlerIface entHandler;
 	@Autowired
@@ -233,7 +233,7 @@
 	    {
 	    	// to be absolutely sure:
 	    	user.setCorpusAccess(User.CorpusAccess.FREE);
-	    	jlog.debug("setAccessAndLocation: DemoUser: location=%s, access=%s.\n", user.locationtoString(), user.accesstoString());
+	    	jlog.debug("setAccessAndLocation: DemoUser: location="+user.locationtoString()+" access="+ user.accesstoString());
 	     	return;
 	    }
 		
@@ -266,7 +266,7 @@
 			user.setLocation(location);
 			user.setCorpusAccess(corpusAccess);
 	    	
-	    	jlog.debug("setAccessAndLocation: KorAPUser: location=%s, access=%s.\n", user.locationtoString(), user.accesstoString());
+	    	jlog.debug("setAccessAndLocation: KorAPUser: location="+user.locationtoString()+", access="+ user.accesstoString());
 
 		}
 	} // getAccess
@@ -371,9 +371,9 @@
 				URIParam param = (URIParam) user.getField(URIParam.class);
 
 				if (param.hasValues()) {
-					jlog.debug("Account is not yet activated for user '{}'", user.getUsername());
+					jlog.debug("Account is not yet activated for user '"+user.getUsername()+"'" );
 					if (TimeUtils.getNow().isAfter(param.getUriExpiration())) {
-						jlog.error("URI token is expired. Deleting account for user {}", user.getUsername());
+						jlog.error("URI token is expired. Deleting account for user "+ user.getUsername());
 						deleteAccount(user);
 						throw new WrappedException(
 								new KustvaktException(unknown.getId(), StatusCodes.EXPIRED,
@@ -384,7 +384,7 @@
 							new KustvaktException(unknown.getId(), StatusCodes.ACCOUNT_NOT_CONFIRMED),
 							StatusCodes.LOGIN_FAILED, username);
 				}
-				jlog.error("ACCESS DENIED: account not active for '{}'", unknown.getUsername());
+				jlog.error("ACCESS DENIED: account not active for '"+unknown.getUsername()+"'");
 				throw new WrappedException(new KustvaktException(unknown.getId(), StatusCodes.ACCOUNT_DEACTIVATED),
 						StatusCodes.LOGIN_FAILED, username);
 			}
@@ -434,8 +434,7 @@
 			int ret = LdapAuth3.login(username, password, config.getLdapConfig());
 			System.out.printf("Debug: autenticationIdM: Ldap.login(%s) returns: %d.\n", username, ret);
 			if (ret != LdapAuth3.LDAP_AUTH_ROK) {
-				jlog.error("LdapAuth3.login(username='{}') returns '{}'='{}'!", username, ret,
-						LdapAuth3.getErrMessage(ret));
+				jlog.error("LdapAuth3.login(username='"+username+"') returns '"+ret+"'='"+LdapAuth3.getErrMessage(ret)+"'!");
 
 				// mask exception to disable user guessing in possible attacks
 				/*
@@ -448,7 +447,7 @@
 			}
 		} catch (LDAPException e) {
 
-			jlog.error("Error: username='{}' -> '{}'!", username, e);
+			jlog.error("Error: username='"+username+"' -> '"+e+"'!");
 			// mask exception to disable user guessing in possible attacks
 			/*
 			 * by Hanl: throw new WrappedException(new
@@ -540,11 +539,11 @@
 		try {
 			user = entHandler.getAccount(username);
 		} catch (EmptyResultException e) {
-			jlog.debug("user does not exist ({})", username);
+			jlog.debug("user does not exist: "+ username);
 			return false;
 
 		} catch (KustvaktException e) {
-			jlog.error("KorAPException", e.string());
+			jlog.error("KorAPException "+ e.string());
 			return false;
 			// throw new KustvaktException(username,
 			// StatusCodes.ILLEGAL_ARGUMENT,
@@ -590,7 +589,7 @@
 
 		KorAPUser u = (KorAPUser) user;
 		u.setAccountLocked(true);
-		jlog.info("locking account for user: {}", user.getUsername());
+		jlog.info("locking account for user: "+ user.getUsername());
 		entHandler.updateAccount(u);
 	}
 
@@ -628,7 +627,7 @@
 			validator.validateEntry(username, Attributes.USERNAME);
 			validator.validateEntry(newPassphrase, Attributes.PASSWORD);
 		} catch (KustvaktException e) {
-			jlog.error("Error: {}", e.string());
+			jlog.error("Error: "+ e.string());
 			throw new WrappedException(
 					new KustvaktException(username, StatusCodes.ILLEGAL_ARGUMENT, "password invalid", newPassphrase),
 					StatusCodes.PASSWORD_RESET_FAILED, username, newPassphrase);
@@ -649,14 +648,14 @@
 					new KustvaktException(username, StatusCodes.EXPIRED, "URI fragment expired", uriFragment),
 					StatusCodes.PASSWORD_RESET_FAILED, username, uriFragment);
 		else if (result == 1)
-			jlog.info("successfully reset password for user {}", username);
+			jlog.info("successfully reset password for user "+ username);
 	}
 
 	public void confirmRegistration(String uriFragment, String username) throws KustvaktException {
 		try {
 			validator.validateEntry(username, Attributes.USERNAME);
 		} catch (KustvaktException e) {
-			jlog.error("Error: {}", e.string());
+			jlog.error("Error: "+ e.string());
 			throw new WrappedException(e, StatusCodes.ACCOUNT_CONFIRMATION_FAILED, username, uriFragment);
 		}
 		int r = entHandler.activateAccount(username, uriFragment);
@@ -672,7 +671,7 @@
 			throw new WrappedException(new KustvaktException(user.getId(), StatusCodes.EXPIRED),
 					StatusCodes.ACCOUNT_CONFIRMATION_FAILED, username, uriFragment);
 		} else if (r == 1)
-			jlog.info("successfully confirmed user registration for user {}", username);
+			jlog.info("successfully confirmed user registration for user "+ username);
 		// register successful audit!
 	}
 
@@ -727,7 +726,7 @@
 			UserSettings settings = new UserSettings();
 			settings.read(safeMap, true);
 
-			jlog.info("Creating new user account for user {}", user.getUsername());
+			jlog.info("Creating new user account for user "+ user.getUsername());
 			entHandler.createAccount(user);
 //			if (user.isSystemAdmin() && user instanceof KorAPUser) {
 //				adminDao.addAccount(user);
@@ -744,7 +743,7 @@
 			assert dao != null;
 			dao.store(settings);
 		} catch (KustvaktException e) {
-			jlog.error("Error: {}", e.string());
+			jlog.error("Error: "+ e.string());
 			throw new WrappedException(e, StatusCodes.CREATE_ACCOUNT_FAILED, user.toString());
 		}
 
@@ -754,7 +753,7 @@
 
 	// todo:
 	private ShibbolethUser createShibbUserAccount(Map<String, Object> attributes) throws KustvaktException {
-		jlog.debug("creating shibboleth user account for user attr: {}", attributes);
+		jlog.debug("creating shibboleth user account for user attr: "+ attributes);
 		Map<String, Object> safeMap = validator.validateMap(attributes);
 
 		// todo eppn non-unique.join with idp or use persistent_id as username
@@ -841,7 +840,7 @@
 			try {
 				result = entHandler.updateAccount(user) > 0;
 			} catch (KustvaktException e) {
-				jlog.error("Error: {}", e.string());
+				jlog.error("Error: "+ e.string());
 				throw new WrappedException(e, StatusCodes.UPDATE_ACCOUNT_FAILED);
 			}
 		}
@@ -861,7 +860,7 @@
 			try {
 				result = entHandler.deleteAccount(user.getId()) > 0;
 			} catch (KustvaktException e) {
-				jlog.error("Error: {}", e.string());
+				jlog.error("Error: "+ e.string());
 				throw new WrappedException(e, StatusCodes.DELETE_ACCOUNT_FAILED);
 			}
 		}
@@ -906,7 +905,7 @@
 		try {
 			entHandler.updateAccount(user);
 		} catch (KustvaktException e) {
-			jlog.error("Error ", e.string());
+			jlog.error("Error "+ e.string());
 			throw new WrappedException(e, StatusCodes.PASSWORD_RESET_FAILED);
 		}
 		return new Object[] { uritoken, TimeUtils.format(param.getUriExpiration()) };
@@ -927,7 +926,7 @@
 						clazz.getSimpleName());
 			return data;
 		} catch (KustvaktException e) {
-			jlog.error("Error during user data retrieval: {}", e.getEntity());
+			jlog.error("Error during user data retrieval: "+ e.getEntity());
 			throw new WrappedException(e, StatusCodes.GET_ACCOUNT_FAILED);
 		}
 	}
@@ -942,7 +941,7 @@
 			if (dao != null)
 				dao.update(data);
 		} catch (KustvaktException e) {
-			jlog.error("Error during update of user data!", e.getEntity());
+			jlog.error("Error during update of user data! "+ e.getEntity());
 			throw new WrappedException(e, StatusCodes.UPDATE_ACCOUNT_FAILED);
 		}
 	}
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/LoginCounter.java b/full/src/main/java/de/ids_mannheim/korap/authentication/LoginCounter.java
index 60289ce..7da50b6 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/LoginCounter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/LoginCounter.java
@@ -2,20 +2,21 @@
 
 import de.ids_mannheim.korap.config.KustvaktConfiguration;
 import de.ids_mannheim.korap.utils.TimeUtils;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Map;
 
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
 /**
  * @author hanl
  * @date 11/11/2014
  */
 public class LoginCounter {
 
-    private static Logger jlog = LoggerFactory.getLogger(LoginCounter.class);
+    private static Logger jlog = LogManager.getLogger(LoginCounter.class);
     private final Map<String, Long[]> failedLogins;
     private KustvaktConfiguration config;
 
@@ -45,7 +46,7 @@
         set[1] = expires;
 
         failedLogins.put(username, set);
-        jlog.warn("user failed to login ({}) ",
+        jlog.warn("user failed to login "+
                 Arrays.asList(failedLogins.get(username)));
     }
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java b/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java
index 23e83c3..1bb4c6d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/SessionAuthentication.java
@@ -10,9 +10,10 @@
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.TimeUtils;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import java.util.Map;
 import java.util.concurrent.ScheduledThreadPoolExecutor;
@@ -27,7 +28,7 @@
  */
 public class SessionAuthentication implements AuthenticationIface {
 
-    private static final Logger jlog = LoggerFactory
+    private static final Logger jlog = LogManager
             .getLogger(SessionAuthentication.class);
     public static SessionFactory sessions;
     private ScheduledThreadPoolExecutor scheduled;
@@ -52,7 +53,7 @@
     @Override
     public TokenContext getTokenContext(String authenticationToken)
             throws KustvaktException {
-        jlog.debug("retrieving user session for user '{}'", authenticationToken);
+        jlog.debug("retrieving user session for user "+ authenticationToken);
         return this.sessions.getSession(authenticationToken);
     }
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/SessionFactory.java b/full/src/main/java/de/ids_mannheim/korap/authentication/SessionFactory.java
index 7292ad0..6d425c2 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/SessionFactory.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/SessionFactory.java
@@ -6,9 +6,10 @@
 import de.ids_mannheim.korap.user.DemoUser;
 import de.ids_mannheim.korap.utils.ConcurrentMultiMap;
 import de.ids_mannheim.korap.utils.TimeUtils;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.cache.annotation.CacheEvict;
 import org.springframework.cache.annotation.Cacheable;
 
@@ -31,7 +32,7 @@
 //todo: use simple ehcache!
 public class SessionFactory implements Runnable {
 
-    private static Logger jlog = LoggerFactory.getLogger(SessionFactory.class);
+    private static Logger jlog = LogManager.getLogger(SessionFactory.class);
 
     public static ConcurrentMap<String, TokenContext> sessionsObject;
     public static ConcurrentMap<String, DateTime> timeCheck;
@@ -42,7 +43,7 @@
 
 
     public SessionFactory (boolean multipleEnabled, int inactive) {
-        jlog.debug("allow multiple sessions per user: '{}'", multipleEnabled);
+        jlog.debug("allow multiple sessions per user: "+ multipleEnabled);
         this.multipleEnabled = multipleEnabled;
         this.inactive = inactive;
         this.sessionsObject = new ConcurrentHashMap<>();
@@ -62,7 +63,7 @@
     // todo: remove this!
     @Cacheable("session")
     public TokenContext getSession (String token) throws KustvaktException {
-        jlog.debug("logged in users: {}", loggedInRecord);
+        jlog.debug("logged in users: "+ loggedInRecord);
         TokenContext context = sessionsObject.get(token);
         if (context != null) {
             // fixme: set context to respecitve expiratin interval and return context. handler checks expiration later!
@@ -137,7 +138,7 @@
                 return true;
             }
             else
-                jlog.debug("user with token {} has an invalid session", token);
+                jlog.debug("user with token "+token+" has an invalid session");
         }
         return false;
     }
@@ -153,7 +154,7 @@
         for (Entry<String, DateTime> entry : timeCheck.entrySet()) {
             if (!isUserSessionValid(entry.getKey())) {
                 TokenContext user = sessionsObject.get(entry.getKey());
-                jlog.trace("removing user session for user {}",
+                jlog.trace("removing user session for user "+
                         user.getUsername());
                 inactive.add(user.getUsername());
                 removeSession(entry.getKey());
@@ -161,7 +162,7 @@
         }
         // fixme: not doing anything!
         if (inactive.size() > 0)
-            jlog.trace("removing inactive user session for users '{}' ",
+            jlog.trace("removing inactive user session for users "+
                     inactive);
     }
 
@@ -173,6 +174,6 @@
     public void run () {
         timeoutMaintenance();
         if (loggedInRecord.size() > 0)
-            jlog.debug("logged users: {}", loggedInRecord.toString());
+            jlog.debug("logged users: "+ loggedInRecord.toString());
     }
 }
diff --git a/full/src/main/java/de/ids_mannheim/korap/cache/ResourceCache.java b/full/src/main/java/de/ids_mannheim/korap/cache/ResourceCache.java
index da3e40f..8e5871c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/cache/ResourceCache.java
+++ b/full/src/main/java/de/ids_mannheim/korap/cache/ResourceCache.java
@@ -11,11 +11,12 @@
 import de.ids_mannheim.korap.user.User;
 import net.sf.ehcache.CacheManager;
 import net.sf.ehcache.Element;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import java.util.Collection;
 
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+
 /**
  * @author hanl
  * @date 23/03/2014
@@ -31,7 +32,7 @@
 @SuppressWarnings("all")
 public class ResourceCache extends KustvaktCacheable {
 
-    private static Logger jlog = LoggerFactory.getLogger(ResourceCache.class);
+    private static Logger jlog = LogManager.getLogger(ResourceCache.class);
 
     public ResourceCache () {
         super("resources", "key:resources");
diff --git a/full/src/main/java/de/ids_mannheim/korap/encryption/KustvaktEncryption.java b/full/src/main/java/de/ids_mannheim/korap/encryption/KustvaktEncryption.java
index b73a524..2ae1a32 100644
--- a/full/src/main/java/de/ids_mannheim/korap/encryption/KustvaktEncryption.java
+++ b/full/src/main/java/de/ids_mannheim/korap/encryption/KustvaktEncryption.java
@@ -8,9 +8,9 @@
 import org.apache.commons.codec.EncoderException;
 import org.apache.commons.codec.binary.Base64;
 import org.apache.commons.lang.RandomStringUtils;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.mindrot.jbcrypt.BCrypt;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 
 import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.interfaces.EncryptionIface;
@@ -18,7 +18,7 @@
 public class KustvaktEncryption implements EncryptionIface {
 
     private static final String ALGORITHM = "SHA-256";
-    private static Logger jlog = LoggerFactory
+    private static Logger jlog = LogManager
             .getLogger(KustvaktEncryption.class);
 
     private final FullConfiguration config;
@@ -83,7 +83,7 @@
                 hashString = bcryptHash(input, salt);
                 break;
             default:
-                jlog.warn("Invalid value: {}", config.getEncryption());
+                jlog.warn("Invalid value: "+ config.getEncryption());
                 break;
         }
         return hashString;
diff --git a/full/src/main/java/de/ids_mannheim/korap/handlers/BatchBuilder.java b/full/src/main/java/de/ids_mannheim/korap/handlers/BatchBuilder.java
index 0a83118..bdc622d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/handlers/BatchBuilder.java
+++ b/full/src/main/java/de/ids_mannheim/korap/handlers/BatchBuilder.java
@@ -1,7 +1,7 @@
 package de.ids_mannheim.korap.handlers;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.dao.DataAccessException;
 import org.springframework.jdbc.core.JdbcOperations;
 import org.springframework.jdbc.core.RowMapper;
@@ -21,7 +21,7 @@
     private static final int SMALL_MEDIUM_BATCH = 6;
     private static final int MEDIUM_BATCH = 8;
     private static final int LARGE_BATCH = 12;
-    private Logger log = LoggerFactory.getLogger(BatchBuilder.class);
+    private Logger log = LogManager.getLogger(BatchBuilder.class);
 
     private JdbcOperations operations;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java b/full/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java
index fd7fdc2..ffc35e5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/handlers/EntityDao.java
@@ -6,8 +6,8 @@
 import java.util.List;
 import java.util.Map;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.dao.DataAccessException;
 import org.springframework.dao.DuplicateKeyException;
 import org.springframework.dao.EmptyResultDataAccessException;
@@ -41,7 +41,7 @@
  */
 public class EntityDao implements EntityHandlerIface, KustvaktBaseDaoInterface {
 
-    private static Logger jlog = LoggerFactory.getLogger(EntityDao.class);
+    private static Logger jlog = LogManager.getLogger(EntityDao.class);
     private NamedParameterJdbcTemplate jdbcTemplate;
 
 
@@ -67,7 +67,7 @@
             return user;
         	}
         catch (EmptyResultDataAccessException ae) {
-            jlog.warn("No user found for name '{}'", username);
+            jlog.warn("No user found for name "+ username);
         	}
         catch (DataAccessException e) {
             jlog.warn("Could not retrieve user for name: " + username, e);
@@ -261,7 +261,7 @@
             user.setId(holder.getKey().intValue());
         }
         catch (DuplicateKeyException e) {
-            jlog.error("Could not create user account with username: {}",
+            jlog.error("Could not create user account with username: "+
                     user.getUsername());
             throw new DatabaseException(e, user.getUsername(), "korap_users",
                     StatusCodes.DB_ENTRY_EXISTS, "Username exists.",
diff --git a/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java b/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java
index 04736b0..a1ae65c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java
+++ b/full/src/main/java/de/ids_mannheim/korap/handlers/OAuthDb.java
@@ -1,36 +1,37 @@
 package de.ids_mannheim.korap.handlers;
 
-import de.ids_mannheim.korap.config.ClientInfo;
-import de.ids_mannheim.korap.constant.TokenType;
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.exceptions.DatabaseException;
-import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
-import de.ids_mannheim.korap.security.context.TokenContext;
-import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.user.User;
-import de.ids_mannheim.korap.utils.BooleanUtils;
-import de.ids_mannheim.korap.utils.TimeUtils;
-import edu.emory.mathcs.backport.java.util.Collections;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Timestamp;
+import java.util.List;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.dao.DataAccessException;
 import org.springframework.dao.EmptyResultDataAccessException;
 import org.springframework.jdbc.core.RowMapper;
 import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
 import org.springframework.jdbc.core.namedparam.NamedParameterJdbcTemplate;
 
-import java.sql.ResultSet;
-import java.sql.SQLException;
-import java.sql.Timestamp;
-import java.util.List;
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.ClientInfo;
+import de.ids_mannheim.korap.constant.TokenType;
+import de.ids_mannheim.korap.exceptions.DatabaseException;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.interfaces.db.PersistenceClient;
+import de.ids_mannheim.korap.security.context.TokenContext;
+import de.ids_mannheim.korap.user.User;
+import de.ids_mannheim.korap.utils.BooleanUtils;
+import de.ids_mannheim.korap.utils.TimeUtils;
+import edu.emory.mathcs.backport.java.util.Collections;
 
 /**
  * Created by hanl on 7/14/14.
  */
 public class OAuthDb {
 
-    private static final Logger jlog = LoggerFactory.getLogger(OAuthDb.class);
+    private static final Logger jlog = LogManager.getLogger(OAuthDb.class);
     private NamedParameterJdbcTemplate jdbcTemplate;
 
 
@@ -64,7 +65,7 @@
                     });
         }
         catch (EmptyResultDataAccessException ex) {
-            jlog.error("'{}' client found", clientid, ex.fillInStackTrace());
+            jlog.error(clientid+" client found "+ ex.fillInStackTrace());
             return null;
         }
     }
@@ -98,7 +99,7 @@
             this.jdbcTemplate.update(tokens, source);
         }
         catch (DataAccessException e) {
-            jlog.error("authorization could not be revoked for user '{}'",
+            jlog.error("authorization could not be revoked for user "+
                     user.getUsername());
             return false;
         }
@@ -126,7 +127,7 @@
         }
         catch (DataAccessException e) {
             e.printStackTrace();
-            jlog.error("token '{}' could not be added for user '{}'", token,
+            jlog.error("token "+token+" could not be added for user "+ 
                     userid);
             return false;
         }
@@ -144,11 +145,11 @@
             return this.jdbcTemplate.queryForObject(sql, s, String.class);
         }
         catch (EmptyResultDataAccessException ex) {
-            jlog.error("no token found for user '{}'", userid);
+            jlog.error("no token found for user "+ userid);
             return null;
         }
         catch (DataAccessException ex) {
-            jlog.error("token retrieval failed for user '{}'", userid);
+            jlog.error("token retrieval failed for user "+ userid);
             return null;
         }
     }
@@ -219,12 +220,12 @@
             return context;
         }
         catch (EmptyResultDataAccessException ee) {
-            jlog.error("no context found for token '{}'", token);
+            jlog.error("no context found for token "+ token);
             revokeToken(token);
             throw new KustvaktException(StatusCodes.EXPIRED, "token", token);
         }
         catch (DataAccessException e) {
-            jlog.error("token context retrieval failed for '{}'", token);
+            jlog.error("token context retrieval failed for "+ token);
             throw new KustvaktException(StatusCodes.ILLEGAL_ARGUMENT,
                     "invalid token", token);
         }
@@ -246,7 +247,7 @@
         }
         catch (DataAccessException e) {
             e.printStackTrace();
-            jlog.error("removing client '{}' failed", info.getClient_id());
+            jlog.error("removing client "+info.getClient_id()+" failed");
             throw new DatabaseException(new KustvaktException(user.getId(),
                     StatusCodes.ILLEGAL_ARGUMENT, "arguments given not valid",
                     info.toJSON()), StatusCodes.CLIENT_DEREGISTRATION_FAILED,
@@ -272,7 +273,7 @@
         }
         catch (DataAccessException e) {
             e.printStackTrace();
-            jlog.error("registering client '{}' failed", info.getClient_id());
+            jlog.error("registering client "+info.getClient_id()+" failed");
             throw new DatabaseException(new KustvaktException(user.getId(),
                     StatusCodes.ILLEGAL_ARGUMENT, "arguments given not valid",
                     info.toJSON()), StatusCodes.CLIENT_REGISTRATION_FAILED,
diff --git a/full/src/main/java/de/ids_mannheim/korap/handlers/ResourceDao.java b/full/src/main/java/de/ids_mannheim/korap/handlers/ResourceDao.java
index 1bbabae..9cf7165 100644
--- a/full/src/main/java/de/ids_mannheim/korap/handlers/ResourceDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/handlers/ResourceDao.java
@@ -4,8 +4,8 @@
 import java.util.HashMap;
 import java.util.List;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.dao.DataAccessException;
 import org.springframework.dao.IncorrectResultSizeDataAccessException;
 import org.springframework.jdbc.core.namedparam.MapSqlParameterSource;
@@ -31,7 +31,7 @@
 public class ResourceDao<T extends KustvaktResource>
         implements ResourceOperationIface<T> {
 
-    private static Logger log = LoggerFactory.getLogger(ResourceDao.class);
+    private static Logger log = LogManager.getLogger(ResourceDao.class);
     protected final NamedParameterJdbcTemplate jdbcTemplate;
 
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/handlers/UserSettingsDao.java b/full/src/main/java/de/ids_mannheim/korap/handlers/UserSettingsDao.java
index dbd3c25..ba2f927 100644
--- a/full/src/main/java/de/ids_mannheim/korap/handlers/UserSettingsDao.java
+++ b/full/src/main/java/de/ids_mannheim/korap/handlers/UserSettingsDao.java
@@ -7,8 +7,9 @@
 import de.ids_mannheim.korap.interfaces.db.UserDataDbIface;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.user.UserSettings;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.dao.DataAccessException;
 import org.springframework.dao.EmptyResultDataAccessException;
 import org.springframework.jdbc.core.RowMapper;
@@ -26,7 +27,7 @@
  */
 public class UserSettingsDao implements UserDataDbIface<UserSettings> {
 
-    private static final Logger jlog = LoggerFactory
+    private static final Logger jlog = LogManager
             .getLogger(UserSettingsDao.class);
 
     private final NamedParameterJdbcTemplate jdbcTemplate;
@@ -52,7 +53,7 @@
             return id;
         }
         catch (DataAccessException e) {
-            jlog.error("couldn't store data in db for user with id '{}'",
+            jlog.error("couldn't store data in db for user with id "+
                     data.getUserId());
             return -1;
         }
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
index 638415b..ed47976 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2AuthorizationService.java
@@ -3,8 +3,8 @@
 import java.time.ZonedDateTime;
 import java.util.Set;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -21,7 +21,7 @@
 public class OAuth2AuthorizationService {
 
     private static Logger jlog =
-            LoggerFactory.getLogger(OAuth2AuthorizationService.class);
+            LogManager.getLogger(OAuth2AuthorizationService.class);
 
     @Autowired
     protected OAuth2ClientService clientService;
diff --git a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
index 3f9cc6f..6d61e02 100644
--- a/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/oauth2/service/OAuth2ClientService.java
@@ -42,9 +42,6 @@
 @Service
 public class OAuth2ClientService {
 
-    // private Logger jlog =
-    // Logger.getLogger(OAuth2ClientService.class);
-
     @Autowired
     private OAuth2ClientDao clientDao;
     @Autowired
diff --git a/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java b/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java
index 1ab70a3..08c252f 100644
--- a/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java
+++ b/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java
@@ -4,8 +4,8 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.google.common.collect.Lists;
@@ -49,7 +49,7 @@
 public class CollectionRewrite implements RewriteTask.RewriteQuery {
 
     private static Logger jlog =
-            LoggerFactory.getLogger(CollectionRewrite.class);
+            LogManager.getLogger(CollectionRewrite.class);
 
     public CollectionRewrite () {
         super();
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java b/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java
index a2acc05..bbe6850 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java
@@ -3,8 +3,8 @@
 import java.util.ArrayList;
 import java.util.List;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -26,7 +26,7 @@
 public class AnnotationService {
 
     private static Logger jlog =
-            LoggerFactory.getLogger(AnnotationService.class);
+            LogManager.getLogger(AnnotationService.class);
 
     @Autowired
     private AnnotationDao annotationDao;
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/MailService.java b/full/src/main/java/de/ids_mannheim/korap/service/MailService.java
index 37b216d..7ad24dd 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/MailService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/MailService.java
@@ -6,11 +6,11 @@
 import javax.mail.internet.InternetAddress;
 import javax.mail.internet.MimeMessage;
 
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.apache.velocity.VelocityContext;
 import org.apache.velocity.app.VelocityEngine;
 import org.apache.velocity.context.Context;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.mail.javamail.JavaMailSender;
 import org.springframework.mail.javamail.MimeMessageHelper;
@@ -23,8 +23,10 @@
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.ParameterChecker;
 
-/** Manages mail related services, such as sending group member invitations 
- * per email.  
+/**
+ * Manages mail related services, such as sending group member
+ * invitations
+ * per email.
  * 
  * @author margaretha
  *
@@ -32,7 +34,7 @@
 @Service
 public class MailService {
 
-    private static Logger jlog = LoggerFactory.getLogger(MailService.class);
+    private static Logger jlog = LogManager.getLogger(MailService.class);
 
     @Autowired
     private AuthenticationManagerIface authManager;
@@ -49,7 +51,7 @@
         ParameterChecker.checkStringValue(inviteeName, "inviteeName");
         ParameterChecker.checkStringValue(groupName, "groupName");
         ParameterChecker.checkStringValue(inviter, "inviter");
-        
+
         MimeMessagePreparator preparator = new MimeMessagePreparator() {
 
             public void prepare (MimeMessage mimeMessage) throws Exception {
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/ResourceService.java b/full/src/main/java/de/ids_mannheim/korap/service/ResourceService.java
index b079e9c..ed68fc9 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/ResourceService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/ResourceService.java
@@ -2,8 +2,8 @@
 
 import java.util.List;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -21,7 +21,7 @@
 @Service
 public class ResourceService {
 
-    private static Logger jlog = LoggerFactory.getLogger(ResourceService.class);
+    private static Logger jlog = LogManager.getLogger(ResourceService.class);
 
     @Autowired
     private ResourceDao resourceDao;
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java b/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
index e8fc312..fdcc4ab 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/UserGroupService.java
@@ -8,8 +8,8 @@
 import java.util.List;
 import java.util.Set;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -43,7 +43,7 @@
 public class UserGroupService {
 
     private static Logger jlog =
-            LoggerFactory.getLogger(UserGroupService.class);
+            LogManager.getLogger(UserGroupService.class);
     @Autowired
     private UserGroupDao userGroupDao;
     @Autowired
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java b/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java
index 5835d92..5375aad 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java
@@ -5,8 +5,8 @@
 import java.util.Iterator;
 import java.util.List;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Service;
 
@@ -50,7 +50,7 @@
 public class VirtualCorpusService {
 
     private static Logger jlog =
-            LoggerFactory.getLogger(VirtualCorpusService.class);
+            LogManager.getLogger(VirtualCorpusService.class);
 
     @Autowired
     private VirtualCorpusDao vcDao;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java
index 1b37937..f97356a 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java
@@ -11,9 +11,9 @@
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.joda.time.DateTime;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 
@@ -44,7 +44,7 @@
 @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
 public class AdminController {
 
-    private static Logger jlog = LoggerFactory.getLogger(AdminController.class);
+    private static Logger jlog = LogManager.getLogger(AdminController.class);
     @Autowired
     private AuditingIface auditingController;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
index 6e7c012..9c01fa5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
@@ -8,7 +8,6 @@
 import java.util.Locale;
 import java.util.Map;
 
-import javax.servlet.http.HttpServletResponse;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.GET;
 import javax.ws.rs.HeaderParam;
@@ -23,7 +22,8 @@
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.SecurityContext;
 
-import org.slf4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 
@@ -41,10 +41,8 @@
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.security.context.TokenContext;
-import de.ids_mannheim.korap.user.KorAPUser;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.JsonUtils;
-import de.ids_mannheim.korap.utils.KustvaktLogger;
 import de.ids_mannheim.korap.utils.ServiceInfo;
 import de.ids_mannheim.korap.web.KustvaktResponseHandler;
 import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
@@ -75,7 +73,7 @@
     //todo: bootstrap function to transmit certain default configuration settings and examples (example user queries,
     // default usersettings, etc.)
     private static Logger jlog =
-            KustvaktLogger.getLogger(AuthenticationController.class);
+            LogManager.getLogger(AuthenticationController.class);
 
     @Autowired
     private AuthenticationManagerIface controller;
@@ -415,7 +413,7 @@
             controller.logout(context);
         }
         catch (KustvaktException e) {
-            jlog.error("Logout Exception: {}", e.string());
+            jlog.error("Logout Exception:"+ e.string());
             throw kustvaktResponseHandler.throwit(e);
         }
         return Response.ok().build();
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java
index 79ee0e3..1620d6c 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java
@@ -11,8 +11,8 @@
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 
@@ -43,7 +43,7 @@
     private KustvaktResponseHandler kustvaktResponseHandler;
 
     private static Logger jlog =
-            LoggerFactory.getLogger(DocumentController.class);
+            LogManager.getLogger(DocumentController.class);
     private DocumentDao documentDao;
 
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java
index 32663f5..6619f0d 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java
@@ -1,21 +1,20 @@
 package de.ids_mannheim.korap.web.controller;
 
-import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.server.KustvaktServer;
-import de.ids_mannheim.korap.utils.JsonUtils;
-import de.ids_mannheim.korap.utils.ServiceInfo;
-import de.ids_mannheim.korap.web.CoreResponseHandler;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
+import java.util.HashMap;
+import java.util.Map;
 
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import java.util.HashMap;
-import java.util.Map;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.server.KustvaktServer;
+import de.ids_mannheim.korap.utils.JsonUtils;
+import de.ids_mannheim.korap.utils.ServiceInfo;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 
 /**
  * Created by hanl on 29.04.16.
@@ -24,7 +23,6 @@
 @Produces(MediaType.APPLICATION_JSON + ";charset=utf-8")
 public class KustvaktController {
 
-    private static Logger jlog = LoggerFactory.getLogger(UserController.class);
     @Autowired
     private CoreResponseHandler kustvaktResponseHandler;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
index 830a76f..0b345cb 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
@@ -24,8 +24,8 @@
 import javax.ws.rs.core.SecurityContext;
 import javax.ws.rs.core.UriBuilder;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -54,7 +54,6 @@
 import de.ids_mannheim.korap.user.User.CorpusAccess;
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.KoralCollectionQueryBuilder;
-import de.ids_mannheim.korap.utils.KustvaktLogger;
 import de.ids_mannheim.korap.utils.StringUtils;
 import de.ids_mannheim.korap.web.ClientsHandler;
 import de.ids_mannheim.korap.web.CoreResponseHandler;
@@ -79,7 +78,7 @@
 public class SearchController {
 
     private static Logger jlog =
-            LoggerFactory.getLogger(SearchController.class);
+            LogManager.getLogger(SearchController.class);
 
     @Autowired
     private CoreResponseHandler kustvaktResponseHandler;
@@ -401,11 +400,11 @@
         catch (KustvaktException e) {
             throw kustvaktResponseHandler.throwit(e);
         }
-        jlog.info("Serialized search: {}", jsonld);
+        jlog.info("Serialized search: "+ jsonld);
 
         String result = searchKrill.search(jsonld);
         // todo: logging
-        KustvaktLogger.QUERY_LOGGER.trace("The result set: {}", result);
+        jlog.trace("The result set: "+ result);
         return Response.ok(result).build();
     }
 
@@ -432,7 +431,7 @@
             //            System.out.printf("Debug: /search/: location=%s, access='%s'.\n", user.locationtoString(), user.accesstoString());
         }
         catch (KustvaktException e) {
-            jlog.error("Failed retrieving user in the search service: {}",
+            jlog.error("Failed retrieving user in the search service: "+
                     e.string());
             throw kustvaktResponseHandler.throwit(e);
         }
@@ -448,7 +447,7 @@
         String query;
         try {
             query = this.processor.processQuery(serializer.toJSON(), user);
-            jlog.info("the serialized query {}", query);
+            jlog.info("the serialized query "+ query);
         }
         catch (KustvaktException e) {
             throw kustvaktResponseHandler.throwit(e);
@@ -486,7 +485,7 @@
         else {
             result = searchKrill.search(query);
         }
-        KustvaktLogger.QUERY_LOGGER.trace("The result set: {}", result);
+        jlog.trace("The result set: "+ result);
         return result;
 
     }
@@ -509,7 +508,7 @@
             return this.graphDBhandler.getResponse(map, "distKwic");
         }
         catch (KustvaktException e) {
-            jlog.error("Failed searching in Neo4J: {}", e.string());
+            jlog.error("Failed searching in Neo4J: "+ e.string());
             throw kustvaktResponseHandler.throwit(e);
         }
 
@@ -534,7 +533,7 @@
             user = controller.getUser(c.getUsername());
         }
         catch (KustvaktException e) {
-            jlog.error("Exception encountered: {}", e.string());
+            jlog.error("Exception encountered: "+ e.string());
             throw kustvaktResponseHandler.throwit(e);
         }
 
@@ -597,7 +596,7 @@
                     user.locationtoString(), user.accesstoString());
         }
         catch (KustvaktException e) {
-            jlog.error("Failed getting user in the matchInfo service: {}",
+            jlog.error("Failed getting user in the matchInfo service: "+
                     e.string());
             throw kustvaktResponseHandler.throwit(e);
         }
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java
index 65d30bd..f389ea5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java
@@ -11,8 +11,8 @@
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.SecurityContext;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 
@@ -42,7 +42,7 @@
 
 
     private static Logger jlog =
-            LoggerFactory.getLogger(StatisticController.class);
+            LogManager.getLogger(StatisticController.class);
     @Autowired
     private CoreResponseHandler kustvaktResponseHandler;
     @Autowired
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
index ed9f97a..00a852b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
@@ -26,8 +26,8 @@
 import javax.ws.rs.core.UriBuilder;
 import javax.ws.rs.core.UriInfo;
 
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 
@@ -73,7 +73,7 @@
     @Autowired
     private KustvaktResponseHandler kustvaktResponseHandler;
 
-    private static Logger jlog = LoggerFactory.getLogger(UserController.class);
+    private static Logger jlog = LogManager.getLogger(UserController.class);
     @Autowired
     private AuthenticationManagerIface controller;
 
@@ -113,7 +113,7 @@
                             uri.getUriFragment())
                     .queryParam(Attributes.QUERY_PARAM_USER,
                             user.getUsername());
-            jlog.info("registration was successful for user '{}'",
+            jlog.info("registration was successful for user "+
                     user.getUsername());
             Map<String, Object> object = new HashMap<String, Object>();
             object.put("confirm_uri", uriBuilder.build());
@@ -226,7 +226,7 @@
                     .append(username);
         }
         catch (KustvaktException e) {
-            jlog.error("Eoxception encountered!", e.string());
+            jlog.error("Eoxception encountered! "+ e.string());
             throw kustvaktResponseHandler.throwit(e);
         }
 
@@ -364,7 +364,7 @@
                 result = data.serialize();
         }
         catch (KustvaktException e) {
-            jlog.error("Exception encountered: {}", e.string());
+            jlog.error("Exception encountered: "+ e.string());
             throw kustvaktResponseHandler.throwit(e);
         }
         return Response.ok(result).build();
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java
index abf2eb9..4567896 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/PiwikFilter.java
@@ -1,5 +1,22 @@
 package de.ids_mannheim.korap.web.filter;
 
+import java.security.SecureRandom;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+import java.util.Random;
+
+import javax.ws.rs.core.MultivaluedMap;
+import javax.ws.rs.core.UriBuilder;
+import javax.ws.rs.ext.Provider;
+
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
 import com.sun.jersey.api.client.Client;
 import com.sun.jersey.api.client.WebResource;
 import com.sun.jersey.api.client.config.ClientConfig;
@@ -10,23 +27,15 @@
 import com.sun.jersey.spi.container.ContainerRequestFilter;
 import com.sun.jersey.spi.container.ContainerResponseFilter;
 import com.sun.jersey.spi.container.ResourceFilter;
+
 import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.BeansFactory;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.security.context.TokenContext;
-import de.ids_mannheim.korap.user.*;
+import de.ids_mannheim.korap.user.User;
+import de.ids_mannheim.korap.user.UserSettings;
+import de.ids_mannheim.korap.user.Userdata;
 import net.minidev.json.JSONArray;
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
-
-import javax.ws.rs.core.MultivaluedMap;
-import javax.ws.rs.core.UriBuilder;
-import javax.ws.rs.ext.Provider;
-import java.security.SecureRandom;
-import java.util.*;
 
 /**
  * @author hanl
@@ -39,7 +48,7 @@
     private WebResource service;
     //    private static final String SERVICE = "http://localhost:8888";
     private static final String SERVICE = "http://10.0.10.13";
-    private static Logger jlog = LoggerFactory.getLogger(PiwikFilter.class);
+    private static Logger jlog = LogManager.getLogger(PiwikFilter.class);
     public static boolean ENABLED = false;
     private Map<String, String> customVars;
     @Autowired
diff --git a/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql b/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql
index c55d659..d62e4df 100644
--- a/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql
+++ b/full/src/main/resources/db/new-sqlite/V1.5__oauth2_triggers.sql
@@ -5,7 +5,7 @@
       WHERE rowid = new.rowid;
      END;
 
-CREATE TRIGGER insert_access_token_date BEFORE INSERT ON oauth2_access_token
+CREATE TRIGGER insert_access_token_date AFTER INSERT ON oauth2_access_token
      BEGIN
       UPDATE oauth2_access_token
       SET created_date = DATETIME('now', 'localtime')  
diff --git a/full/src/main/resources/log4j.properties b/full/src/main/resources/log4j.properties
deleted file mode 100644
index c747b68..0000000
--- a/full/src/main/resources/log4j.properties
+++ /dev/null
@@ -1,40 +0,0 @@
-
-# Root logger option
-#log4j.threshold=ALL
-log4j.rootLogger=ERROR, stdout, debugLog
-log4j.logger.log=ERROR, errorLog
-
-#log4j.logger.de.ids_mannheim.korap.web.controller.AuthenticationController = debug, debugLog, stdout
-#log4j.logger.de.ids_mannheim.korap.service.UserGroupService= debug, stdout, debugLog
-#log4j.logger.de.ids_mannheim.korap.rewrite.CollectionRewrite= debug, stdout, debugLog
-#log4j.logger.de.ids_mannheim.korap.service.MailService= debug, stdout, debugLog
-
-# Direct log messages to stdout
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.Target=System.out
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd, HH:mm:ss} %C{6} - %M%n %-5p: %m%n
-
-log4j.appender.errorLog=org.apache.log4j.RollingFileAppender
-log4j.appender.errorLog.layout=org.apache.log4j.PatternLayout
-log4j.appender.errorLog.layout.ConversionPattern=%d{MMM dd, yyyy HH:mm:ss} %C{6} - %M %n %-5p: %m%n
-log4j.appender.errorLog.File=./logs/errors.log
-
-log4j.appender.policyLog=org.apache.log4j.RollingFileAppender
-log4j.appender.policyLog.layout=org.apache.log4j.PatternLayout
-log4j.appender.policyLog.layout.ConversionPattern=%d{MMM dd, yyyy HH:mm:ss} %C{6} - %M %n %-5p: %m%n
-log4j.appender.policyLog.File=./logs/policies.log
-
-log4j.appender.authLog=org.apache.log4j.RollingFileAppender
-log4j.appender.authLog.layout=org.apache.log4j.PatternLayout
-log4j.appender.authLog.layout.ConversionPattern=%d{MMM dd, yyyy HH:mm:ss} %C{6} - %M %n %-5p: %m%n
-log4j.appender.authLog.File=./logs/auth.log
-
-log4j.appender.debugLog=org.apache.log4j.RollingFileAppender
-log4j.appender.debugLog.layout=org.apache.log4j.PatternLayout
-log4j.appender.debugLog.layout.ConversionPattern=%d{MMM dd, yyyy HH:mm:ss} %C{6} - %M %n %-5p: %m%n
-log4j.appender.debugLog.File=./logs/logging.log
-
-
-log4j.logger.de.ids_mannheim.korap.security.ac = ERROR, policyLog
-log4j.logger.de.ids_mannheim.korap.authentication = ERROR, authLog
\ No newline at end of file
diff --git a/full/src/main/resources/log4j2.properties b/full/src/main/resources/log4j2.properties
new file mode 100644
index 0000000..1038fe2
--- /dev/null
+++ b/full/src/main/resources/log4j2.properties
@@ -0,0 +1,29 @@
+appenders = console, file
+appender.console.type = Console
+appender.console.name = STDOUT
+appender.console.layout.type = PatternLayout
+appender.console.layout.pattern = %d{yyyy-MM-dd, HH:mm:ss} %C{6} - %M%n %-5p: %m%n
+
+appender.file.type = File
+appender.file.name = ERRORLOG
+appender.file.fileName=./logs/errors.log
+appender.file.layout.type=PatternLayout
+appender.file.layout.pattern= %d{yyyy-MM-dd, HH:mm:ss} %C{6} - %M%n %-5p: %m%n
+
+rootLogger.level = error
+rootLogger.appenderRefs = stdout
+rootLogger.appenderRef.stdout.ref = STDOUT
+
+#loggers=file
+#logger.file.name=de.ids_mannheim.korap
+#logger.file.level = error
+#logger.file.appenderRefs = file
+#logger.file.appenderRef.file.ref = ERRORLOG
+#logger.file.additivity=true
+
+#loggers=file
+#logger.file.name=com.sun.jersey.test.framework.spi.container
+#logger.file.level = info
+#logger.file.appenderRefs = file
+#logger.file.appenderRef.file.ref = ERRORLOG
+#logger.file.additivity=false
\ No newline at end of file
diff --git a/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigBaseTest.java b/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigBaseTest.java
index a625556..b69cecf 100644
--- a/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigBaseTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigBaseTest.java
@@ -2,7 +2,8 @@
 
 import static org.junit.Assert.assertNotNull;
 
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.junit.runner.RunWith;
 import org.junit.runner.notification.RunNotifier;
 import org.junit.runners.model.InitializationError;
@@ -26,7 +27,7 @@
 @DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
 public abstract class BeanConfigBaseTest {
 
-    private static Logger jlog = Logger.getLogger(BeanConfigBaseTest.class);
+    private static Logger jlog = LogManager.getLogger(BeanConfigBaseTest.class);
     @Autowired
     protected ApplicationContext context;
     
diff --git a/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java b/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java
index 7603c18..2268d87 100644
--- a/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/config/BeanConfigTest.java
@@ -2,7 +2,8 @@
 
 import static org.junit.Assert.assertNotNull;
 
-import org.apache.log4j.Logger;
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
 import org.junit.runner.RunWith;
 import org.junit.runner.notification.RunNotifier;
 import org.junit.runners.model.InitializationError;
@@ -25,7 +26,7 @@
 @DirtiesContext(classMode = DirtiesContext.ClassMode.AFTER_CLASS)
 public abstract class BeanConfigTest {
 
-    private static Logger jlog = Logger.getLogger(BeanConfigTest.class);
+    private static Logger jlog = LogManager.getLogger(BeanConfigTest.class);
     @Autowired
     protected ApplicationContext context;
 
diff --git a/full/src/test/java/de/ids_mannheim/korap/misc/CollectionQueryBuilderTest.java b/full/src/test/java/de/ids_mannheim/korap/misc/CollectionQueryBuilderTest.java
index 3142330..87469ac 100644
--- a/full/src/test/java/de/ids_mannheim/korap/misc/CollectionQueryBuilderTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/misc/CollectionQueryBuilderTest.java
@@ -227,7 +227,7 @@
         KoralCollectionQueryBuilder test = new KoralCollectionQueryBuilder();
         test.with("corpusSigle=WPD");
         String json = test.toJSON();
-        System.out.println(json);
+//        System.out.println(json);
         //JsonNode node = (JsonNode) test.rebaseCollection(null);
         //node = b.mergeWith(node);
         //assertNotNull(node);
@@ -249,7 +249,7 @@
         // operator is not supposed to be here!
         test.and().with("corpusSigle=WPD");
         String json = test.toJSON();
-        System.out.println(json);
+//        System.out.println(json);
         //JsonNode node = (JsonNode) test.rebaseCollection(null);
         //node = b.mergeWith(node);
         //assertNotNull(node);
@@ -335,7 +335,7 @@
         builder.setBaseQuery(resource.getData());
         builder.or().with("pubPlace=Mannheim");
 
-        System.out.println("query " + builder.toJSON());
+//        System.out.println("query " + builder.toJSON());
         // todo: assertions
     }
 
@@ -354,7 +354,7 @@
         builder.setBaseQuery(resource.getData());
         builder.or().with("pubPlace=Mannheim");
 
-        System.out.println("query " + builder.toJSON());
+//        System.out.println("query " + builder.toJSON());
         // todo: assertions
     }
 
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
index f9cd6e0..8126843 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2AccessTokenTest.java
@@ -24,28 +24,23 @@
 
 public class OAuth2AccessTokenTest extends SpringJerseyTest {
 
-    private String testAccessToken = null;
 
-    private String requestToken()
-            throws KustvaktException {
-        if (testAccessToken == null) {
-            MultivaluedMap<String, String> form = new MultivaluedMapImpl();
-            form.add("grant_type", "password");
-            form.add("client_id", "fCBbQkAyYzI4NzUxMg");
-            form.add("client_secret", "secret");
-            form.add("username", "dory");
-            form.add("password", "password");
+    private String requestToken () throws KustvaktException {
+        MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+        form.add("grant_type", "password");
+        form.add("client_id", "fCBbQkAyYzI4NzUxMg");
+        form.add("client_secret", "secret");
+        form.add("username", "dory");
+        form.add("password", "password");
 
-            ClientResponse response = resource().path("oauth2").path("token")
-                    .header(HttpHeaders.CONTENT_TYPE,
-                            ContentType.APPLICATION_FORM_URLENCODED)
-                    .entity(form).post(ClientResponse.class);
+        ClientResponse response = resource().path("oauth2").path("token")
+                .header(HttpHeaders.CONTENT_TYPE,
+                        ContentType.APPLICATION_FORM_URLENCODED)
+                .entity(form).post(ClientResponse.class);
 
-            String entity = response.getEntity(String.class);
-            JsonNode node = JsonUtils.readTree(entity);
-            testAccessToken = node.at("/access_token").asText();
-        }
-        return testAccessToken;
+        String entity = response.getEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+        return node.at("/access_token").asText();
     }
 
     @Test
@@ -97,24 +92,4 @@
         assertEquals("Access token is not found",
                 node.at("/errors/0/1").asText());
     }
-
-    @Test
-    public void testSearchWithExpiredToken ()
-            throws KustvaktException, IOException {
-        ClientResponse response = resource().path("search")
-                .queryParam("q", "Wasser").queryParam("ql", "poliqarp")
-                .header(Attributes.AUTHORIZATION,
-                        "Bearer fia0123ikBWn931470H8s5gRqx7Moc4p")
-                .get(ClientResponse.class);
-
-        String ent = response.getEntity(String.class);
-
-        assertEquals(ClientResponse.Status.UNAUTHORIZED.getStatusCode(),
-                response.getStatus());
-
-        JsonNode node = JsonUtils.readTree(ent);
-        assertEquals(StatusCodes.EXPIRED, node.at("/errors/0/0").asInt());
-        assertEquals("Access token is expired",
-                node.at("/errors/0/1").asText());
-    }
 }
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
index 4f13ad9..c742d1d 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2ClientControllerTest.java
@@ -248,7 +248,6 @@
                 .delete(ClientResponse.class);
 
         String entity = response.getEntity(String.class);
-        System.out.println(entity);
         assertEquals(Status.BAD_REQUEST.getStatusCode(), response.getStatus());
 
         JsonNode node = JsonUtils.readTree(entity);
@@ -274,7 +273,6 @@
                 .entity(form).delete(ClientResponse.class);
 
         String entity = response.getEntity(String.class);
-        System.out.println(entity);
         assertEquals(Status.UNAUTHORIZED.getStatusCode(), response.getStatus());
 
         JsonNode node = JsonUtils.readTree(entity);
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java
index 8caafdc..a5e84d3 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/OAuth2OpenIdControllerTest.java
@@ -13,10 +13,8 @@
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.MultivaluedMap;
 
-import org.apache.http.HttpStatus;
 import org.apache.http.entity.ContentType;
 import org.apache.oltu.oauth2.common.message.types.TokenType;
-import org.junit.Ignore;
 import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.util.MultiValueMap;
@@ -42,7 +40,6 @@
 import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.config.SpringJerseyTest;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
-import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.oauth2.constant.OAuth2Error;
 import de.ids_mannheim.korap.utils.JsonUtils;
 
@@ -107,36 +104,7 @@
         assertEquals("thisIsMyState", params.getFirst("state"));
     }
 
-    @Ignore
-    // cannot be tested dynamically
-    public void testRequestAuthorizationCodeAuthenticationTooOld ()
-            throws KustvaktException {
-        MultivaluedMap<String, String> form = new MultivaluedMapImpl();
-        form.add("response_type", "code");
-        form.add("client_id", "fCBbQkAyYzI4NzUxMg");
-        form.add("redirect_uri", redirectUri);
-        form.add("scope", "openid");
-        form.add("max_age", "1");
-
-        ClientResponse response =
-                resource().path("oauth2").path("openid").path("authorize")
-                        .header(Attributes.AUTHORIZATION,
-                                "Bearer ")
-                        .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
-                        .header(HttpHeaders.CONTENT_TYPE,
-                                ContentType.APPLICATION_FORM_URLENCODED)
-                        .entity(form).post(ClientResponse.class);
-
-        assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getStatus());
-        String entity = response.getEntity(String.class);
-        JsonNode node = JsonUtils.readTree(entity);
-        assertEquals(StatusCodes.USER_REAUTHENTICATION_REQUIRED,
-                node.at("/errors/0/0").asInt());
-        assertEquals(
-                "User reauthentication is required because the authentication "
-                        + "time is too old according to max_age",
-                node.at("/errors/0/1").asText());
-    }
+    
 
     private void testRequestAuthorizationCodeWithoutOpenID (
             MultivaluedMap<String, String> form, String redirectUri)
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/TokenExpiryTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/TokenExpiryTest.java
new file mode 100644
index 0000000..3985fd6
--- /dev/null
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/TokenExpiryTest.java
@@ -0,0 +1,104 @@
+package de.ids_mannheim.korap.web.controller;
+
+import static org.junit.Assert.assertEquals;
+
+import java.io.IOException;
+
+import javax.ws.rs.core.MultivaluedMap;
+
+import org.apache.http.HttpStatus;
+import org.apache.http.entity.ContentType;
+import org.junit.Test;
+
+import com.fasterxml.jackson.databind.JsonNode;
+import com.google.common.net.HttpHeaders;
+import com.sun.jersey.api.client.ClientResponse;
+import com.sun.jersey.core.util.MultivaluedMapImpl;
+
+import de.ids_mannheim.korap.config.Attributes;
+import de.ids_mannheim.korap.config.SpringJerseyTest;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.utils.JsonUtils;
+
+public class TokenExpiryTest extends SpringJerseyTest {
+
+    @Test
+    public void requestToken ()
+            throws KustvaktException, InterruptedException, IOException {
+        MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+        form.add("grant_type", "password");
+        form.add("client_id", "fCBbQkAyYzI4NzUxMg");
+        form.add("client_secret", "secret");
+        form.add("username", "dory");
+        form.add("password", "password");
+
+        ClientResponse response = resource().path("oauth2").path("token")
+                .header(HttpHeaders.CONTENT_TYPE,
+                        ContentType.APPLICATION_FORM_URLENCODED)
+                .entity(form).post(ClientResponse.class);
+
+        String entity = response.getEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+        String token = node.at("/access_token").asText();
+
+        Thread.sleep(1000);
+
+        testRequestAuthorizationCodeAuthenticationTooOld(token);
+        
+        Thread.sleep(1500);
+        testSearchWithExpiredToken(token);
+    }
+
+    // not possible to store expired token in the test database,
+    // because sqlite needs a trigger after INSERT to
+    // oauth_access_token to store created_date. Before INSERT trigger
+    // does not work.
+    private void testSearchWithExpiredToken (String token)
+            throws KustvaktException, IOException {
+        ClientResponse response = resource().path("search")
+                .queryParam("q", "Wasser").queryParam("ql", "poliqarp")
+                .header(Attributes.AUTHORIZATION, "Bearer " + token)
+                .get(ClientResponse.class);
+
+        String ent = response.getEntity(String.class);
+
+        assertEquals(ClientResponse.Status.UNAUTHORIZED.getStatusCode(),
+                response.getStatus());
+
+        JsonNode node = JsonUtils.readTree(ent);
+        assertEquals(StatusCodes.EXPIRED, node.at("/errors/0/0").asInt());
+        assertEquals("Access token is expired",
+                node.at("/errors/0/1").asText());
+    }
+
+    // cannot be tested dynamically
+    private void testRequestAuthorizationCodeAuthenticationTooOld (String token)
+            throws KustvaktException {
+        MultivaluedMap<String, String> form = new MultivaluedMapImpl();
+        form.add("response_type", "code");
+        form.add("client_id", "fCBbQkAyYzI4NzUxMg");
+        form.add("redirect_uri",
+                "https://korap.ids-mannheim.de/confidential/redirect");
+        form.add("scope", "openid");
+        form.add("max_age", "1");
+
+        ClientResponse response =
+                resource().path("oauth2").path("openid").path("authorize")
+                        .header(Attributes.AUTHORIZATION, "Bearer " + token)
+                        .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
+                        .header(HttpHeaders.CONTENT_TYPE,
+                                ContentType.APPLICATION_FORM_URLENCODED)
+                        .entity(form).post(ClientResponse.class);
+
+        assertEquals(HttpStatus.SC_UNAUTHORIZED, response.getStatus());
+        String entity = response.getEntity(String.class);
+        JsonNode node = JsonUtils.readTree(entity);
+        assertEquals(StatusCodes.USER_REAUTHENTICATION_REQUIRED,
+                node.at("/errors/0/0").asInt());
+        assertEquals(
+                "User reauthentication is required because the authentication "
+                        + "time is too old according to max_age",
+                node.at("/errors/0/1").asText());
+    }
+}
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java
index 70fd51f..2af5234 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/controller/UserGroupControllerAdminTest.java
@@ -120,6 +120,8 @@
         assertEquals(Status.OK.getStatusCode(), response.getStatus());
         String entity = response.getEntity(String.class);
         JsonNode node = JsonUtils.readTree(entity);
+        assertEquals(4, node.size());
+
         boolean containsHiddenStatus = false;
         for (int i = 0; i < node.size(); i++) {
             if (node.get(i).at("/status").asText().equals("HIDDEN")) {
diff --git a/full/src/test/resources/kustvakt-test.conf b/full/src/test/resources/kustvakt-test.conf
index b135ca7..8416b6a 100644
--- a/full/src/test/resources/kustvakt-test.conf
+++ b/full/src/test/resources/kustvakt-test.conf
@@ -81,8 +81,8 @@
 
 ## token expiration time
 security.longTokenTTL = 1D
-security.tokenTTL = 9S
-security.shortTokenTTL = 5S
+security.tokenTTL = 2S
+security.shortTokenTTL = 1S
 
 ## specifies the user data field that is used to salt user passwords
 security.passcode.salt=salt
diff --git a/full/src/test/resources/test-expired.token b/full/src/test/resources/test-expired.token
deleted file mode 100644
index 5d49da3..0000000
--- a/full/src/test/resources/test-expired.token
+++ /dev/null
@@ -1 +0,0 @@
-eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJ0ZXN0VXNlciIsImlzcyI6Imh0dHA6XC9cL2tvcmFwLmlkcy1tYW5uaGVpbS5kZSIsImV4cCI6MTUyODMwMzE5OX0.rmEFpdm8-_iyHGb2tEaJbKBoceiZwnyodixWhyLrU9w
\ No newline at end of file