Added annotation scheme in config & fixed authentication exceptions.

Change-Id: I19dd25b99f34c7aa51b2f1aea04837b2337838d8
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java b/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java
index 6aa2d88..793b990 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/BasicAuthentication.java
@@ -4,8 +4,8 @@
 
 import org.springframework.beans.factory.annotation.Autowired;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
-import de.ids_mannheim.korap.authentication.framework.TransferEncoding;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.TransferEncoding;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.KustvaktConfiguration;
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
index 60c3126..9c86533 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/KustvaktAuthenticationManager.java
@@ -20,11 +20,12 @@
 import com.unboundid.ldap.sdk.LDAPException;
 
 import de.ids_mannheim.korap.auditing.AuditRecord;
-import de.ids_mannheim.korap.authentication.framework.AuthorizationData;
+import de.ids_mannheim.korap.authentication.http.AuthorizationData;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.BeansFactory;
 import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.config.URIParam;
 import de.ids_mannheim.korap.exceptions.EmptyResultException;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
@@ -67,13 +68,13 @@
 	private EntityHandlerIface entHandler;
 	private AdminHandlerIface adminHandler;
 	private AuditingIface auditing;
-	private KustvaktConfiguration config;
+	private FullConfiguration config;
 	private Collection userdatadaos;
 	private LoginCounter counter;
 	private ValidatorIface validator;
 
 	public KustvaktAuthenticationManager(EntityHandlerIface userdb, AdminHandlerIface admindb, EncryptionIface crypto,
-			KustvaktConfiguration config, AuditingIface auditer, Collection<UserDataDbIface> userdatadaos) {
+			FullConfiguration config, AuditingIface auditer, Collection<UserDataDbIface> userdatadaos) {
 		this.entHandler = userdb;
 		this.adminHandler = admindb;
 		this.config = config;
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/http/AuthorizationData.java b/full/src/main/java/de/ids_mannheim/korap/authentication/http/AuthorizationData.java
index 13715a7..14077e6 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/http/AuthorizationData.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/http/AuthorizationData.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.authentication.framework;
+package de.ids_mannheim.korap.authentication.http;
 
 import de.ids_mannheim.korap.config.AuthenticationType;
 import lombok.Getter;
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/http/HttpAuthorizationHandler.java b/full/src/main/java/de/ids_mannheim/korap/authentication/http/HttpAuthorizationHandler.java
index 22bd096..f25bd96 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/http/HttpAuthorizationHandler.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/http/HttpAuthorizationHandler.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.authentication.framework;
+package de.ids_mannheim.korap.authentication.http;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
@@ -19,7 +19,7 @@
 
     @Autowired
     private TransferEncoding transferEncoding;
-
+    
     public String createAuthorizationHeader (AuthenticationType type,
             String username, String password) throws KustvaktException {
         ParameterChecker.checkStringValue(username, "username");
@@ -36,7 +36,7 @@
 
         String[] values = authorizationHeader.split(" ");
         if (values.length != 2) {
-            throw new KustvaktException(StatusCodes.CLIENT_AUTHORIZATION_FAILED,
+            throw new KustvaktException(StatusCodes.AUTHENTICATION_FAILED,
                     "Cannot parse authorization header value "
                             + authorizationHeader
                             + ". Use this format: [authentication "
@@ -51,13 +51,11 @@
         return data;
     }
 
-    public AuthorizationData parseToken (AuthorizationData data) throws KustvaktException {
+    public AuthorizationData parseToken (AuthorizationData data)
+            throws KustvaktException {
         String[] credentials = transferEncoding.decodeBase64(data.getToken());
         data.setUsername(credentials[0]);
         data.setPassword(credentials[1]);
         return data;
     }
-    
-    
-    
 }
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/http/HttpUnauthorizedHandler.java b/full/src/main/java/de/ids_mannheim/korap/authentication/http/HttpUnauthorizedHandler.java
new file mode 100644
index 0000000..026b623
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/http/HttpUnauthorizedHandler.java
@@ -0,0 +1,31 @@
+package de.ids_mannheim.korap.authentication.http;
+
+import javax.ws.rs.core.HttpHeaders;
+import javax.ws.rs.core.Response;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import de.ids_mannheim.korap.config.FullConfiguration;
+
+/** Implementation of HTTP authentication scheme (see RFC 7253 and 7617)
+ *  for server creating responses with status 401 Unauthorized and 
+ *  WWW-Authenticate header to unauthenticated requests.
+ *    
+ * @author margaretha
+ *
+ */
+@Component
+public class HttpUnauthorizedHandler {
+    @Autowired
+    private FullConfiguration config;
+
+    public Response createUnauthenticatedResponse (String notification) {
+        return Response.status(Response.Status.UNAUTHORIZED)
+                .header(HttpHeaders.WWW_AUTHENTICATE,
+                        config.getAuthenticationScheme()
+                                + " realm=\"Kustvakt\"")
+                .entity(notification)
+                .build();
+    }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/authentication/http/TransferEncoding.java b/full/src/main/java/de/ids_mannheim/korap/authentication/http/TransferEncoding.java
index 70246d0..c4120df 100644
--- a/full/src/main/java/de/ids_mannheim/korap/authentication/http/TransferEncoding.java
+++ b/full/src/main/java/de/ids_mannheim/korap/authentication/http/TransferEncoding.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.authentication.framework;
+package de.ids_mannheim.korap.authentication.http;
 
 import org.apache.commons.codec.binary.Base64;
 import org.springframework.stereotype.Component;
diff --git a/full/src/main/java/de/ids_mannheim/korap/config/FullConfiguration.java b/full/src/main/java/de/ids_mannheim/korap/config/FullConfiguration.java
new file mode 100644
index 0000000..19ab495
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/config/FullConfiguration.java
@@ -0,0 +1,85 @@
+package de.ids_mannheim.korap.config;
+
+import java.io.IOException;
+import java.util.Properties;
+import java.util.regex.Pattern;
+
+import lombok.Getter;
+
+/** Configuration for Kustvakt full version including properties concerning
+ *  authentication and licenses. 
+ * 
+ * @author margaretha
+ *
+ */
+@Getter
+public class FullConfiguration extends KustvaktConfiguration{
+
+    private String ldapConfig;
+
+    private String freeOnlyRegex;
+    private String publicOnlyRegex;
+    private String allOnlyRegex;
+
+    private Pattern publicLicensePattern;
+    private Pattern freeLicensePattern;
+    private Pattern allLicensePattern;
+
+    private String authenticationScheme;
+
+    public FullConfiguration (Properties properties) throws IOException {
+        super(properties);
+    }
+
+    @Override
+    public void load (Properties properties) throws IOException {
+
+        super.load(properties);
+        // EM: regex used for storing vc
+        setLicenseRegex(properties);
+
+        // EM: pattern for matching availability in Krill matches
+        setLicensePatterns(properties);
+
+        authenticationScheme = properties.getProperty("authentication.scheme");
+        if (authenticationScheme == null) {
+            throw new NullPointerException(
+                    "authentication.scheme is missing in kustvakt.conf");
+        }
+        authenticationScheme = authenticationScheme.toLowerCase();
+        if (authenticationScheme
+                .equals(AuthenticationType.LDAP.displayName())) {
+            ldapConfig = properties.getProperty("ldap.config");
+            if (ldapConfig == null) {
+                throw new NullPointerException(
+                        "ldap.config is missing in kustvakt.conf");
+            }
+        }
+    }
+
+    private void setLicensePatterns (Properties properties) {
+        freeLicensePattern = compilePattern(freeOnlyRegex);
+        publicLicensePattern =
+                compilePattern(freeOnlyRegex + "|" + publicOnlyRegex);
+        allLicensePattern = compilePattern(
+                freeOnlyRegex + "|" + publicOnlyRegex + "|" + allOnlyRegex);
+    }
+
+    private void setLicenseRegex (Properties properties) {
+        freeOnlyRegex = properties.getProperty("availability.regex.free", "");
+        publicOnlyRegex =
+                properties.getProperty("availability.regex.public", "");
+        allOnlyRegex = properties.getProperty("availability.regex.all", "");
+    }
+
+
+    private Pattern compilePattern (String patternStr) {
+        if (!patternStr.isEmpty()) {
+            return Pattern.compile(patternStr);
+        }
+        else {
+            return null;
+        }
+    }
+
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java b/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java
index 60402ac..57f92db 100644
--- a/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java
+++ b/full/src/main/java/de/ids_mannheim/korap/rewrite/CollectionRewrite.java
@@ -1,4 +1,4 @@
-package de.ids_mannheim.korap.resource.rewrite;
+package de.ids_mannheim.korap.rewrite;
 
 
 import java.util.ArrayList;
@@ -12,10 +12,13 @@
 
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.query.object.KoralMatchOperator;
 import de.ids_mannheim.korap.query.object.KoralOperation;
+import de.ids_mannheim.korap.resource.rewrite.KoralNode;
 import de.ids_mannheim.korap.resource.rewrite.KoralNode.RewriteIdentifier;
+import de.ids_mannheim.korap.resource.rewrite.RewriteTask;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.user.User.CorpusAccess;
 import de.ids_mannheim.korap.utils.JsonUtils;
@@ -107,20 +110,22 @@
     public JsonNode rewriteQuery (KoralNode node, KustvaktConfiguration config,
             User user) throws KustvaktException {
         JsonNode jsonNode = node.rawNode();
+        
+        FullConfiguration fullConfig = (FullConfiguration) config;
 
         List<String> userAvailabilities = new ArrayList<String>();
         switch (user.getCorpusAccess()) {
             case PUB:
-                userAvailabilities.add(config.getFreeOnlyRegex());
-                userAvailabilities.add(config.getPublicOnlyRegex());
+                userAvailabilities.add(fullConfig.getFreeOnlyRegex());
+                userAvailabilities.add(fullConfig.getPublicOnlyRegex());
                 break;
             case ALL:
-                userAvailabilities.add(config.getFreeOnlyRegex());
-                userAvailabilities.add(config.getPublicOnlyRegex());
-                userAvailabilities.add(config.getAllOnlyRegex());
+                userAvailabilities.add(fullConfig.getFreeOnlyRegex());
+                userAvailabilities.add(fullConfig.getPublicOnlyRegex());
+                userAvailabilities.add(fullConfig.getAllOnlyRegex());
                 break;
             case FREE:
-                userAvailabilities.add(config.getFreeOnlyRegex());
+                userAvailabilities.add(fullConfig.getFreeOnlyRegex());
                 break;
         }
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/rewrite/FullRewriteHandler.java b/full/src/main/java/de/ids_mannheim/korap/rewrite/FullRewriteHandler.java
new file mode 100644
index 0000000..c65d89f
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/rewrite/FullRewriteHandler.java
@@ -0,0 +1,21 @@
+package de.ids_mannheim.korap.rewrite;
+
+import de.ids_mannheim.korap.config.FullConfiguration;
+import de.ids_mannheim.korap.resource.rewrite.CollectionCleanRewrite;
+import de.ids_mannheim.korap.resource.rewrite.DocMatchRewrite;
+import de.ids_mannheim.korap.resource.rewrite.IdWriter;
+import de.ids_mannheim.korap.resource.rewrite.RewriteHandler;
+
+public class FullRewriteHandler extends RewriteHandler{
+
+    public FullRewriteHandler (FullConfiguration config) {
+        super(config);
+    }
+    
+    public void defaultRewriteConstraints () {
+      this.add(CollectionRewrite.class);
+      this.add(IdWriter.class);
+      this.add(DocMatchRewrite.class);
+      this.add(CollectionCleanRewrite.class);
+  }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java b/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java
index c913e51..4952091 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/AnnotationService.java
@@ -15,7 +15,7 @@
 import de.ids_mannheim.korap.entity.AnnotationPair;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 
 @Service
 public class AnnotationService {
@@ -24,7 +24,7 @@
             LoggerFactory.getLogger(AnnotationService.class);
 
     @Autowired
-    KustvaktResponseHandler kustvaktResponseHandler;
+    CoreResponseHandler kustvaktResponseHandler;
 
     @Autowired
     private AnnotationDao annotationDao;
diff --git a/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java b/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java
index f866aeb..6064f9a 100644
--- a/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java
+++ b/full/src/main/java/de/ids_mannheim/korap/service/VirtualCorpusService.java
@@ -8,7 +8,7 @@
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.JsonNode;
 
-import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.constant.VirtualCorpusType;
 import de.ids_mannheim.korap.dao.VirtualCorpusDao;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
@@ -34,7 +34,7 @@
     private SearchKrill krill;
 
     @Autowired
-    private KustvaktConfiguration config;
+    private FullConfiguration config;
 
     public void storeVC (VirtualCorpusFromJson vc, User user)
             throws KustvaktException {
@@ -42,7 +42,7 @@
         // EM: how about VirtualCorpusType.PUBLISHED?
         if (vc.getType().equals(VirtualCorpusType.PREDEFINED)
                 && !user.isAdmin()) {
-            throw new KustvaktException(StatusCodes.UNAUTHORIZED_OPERATION,
+            throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
                     "Unauthorized operation for user: " + user.getUsername(),
                     user.getUsername());
         }
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/FullResponseHandler.java b/full/src/main/java/de/ids_mannheim/korap/web/FullResponseHandler.java
new file mode 100644
index 0000000..dbd9ef5
--- /dev/null
+++ b/full/src/main/java/de/ids_mannheim/korap/web/FullResponseHandler.java
@@ -0,0 +1,64 @@
+package de.ids_mannheim.korap.web;
+
+import javax.ws.rs.WebApplicationException;
+import javax.ws.rs.core.Response;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import de.ids_mannheim.korap.authentication.http.HttpUnauthorizedHandler;
+import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
+import de.ids_mannheim.korap.interfaces.db.AuditingIface;
+
+/** KustvaktResponseHandler includes exceptions regarding authorization. 
+ * 
+ * @author margaretha
+ *
+ */
+public class FullResponseHandler extends CoreResponseHandler {
+
+    @Autowired
+    private HttpUnauthorizedHandler handler;
+
+    public FullResponseHandler (AuditingIface iface) {
+        super(iface);
+    }
+
+    @Override
+    public WebApplicationException throwit (KustvaktException e) {
+        Response r;
+        // EM: for all status codes > 2000?
+        if (e.getStatusCode() == StatusCodes.AUTHORIZATION_FAILED
+                || e.getStatusCode() >= StatusCodes.AUTHENTICATION_FAILED) {
+            String notification = buildNotification(e.getStatusCode(),
+                    e.getMessage(), e.getEntity());
+            r = handler.createUnauthenticatedResponse(notification);
+        }
+        else if (e.hasNotification()) {
+            r = Response.status(getStatus(e.getStatusCode()))
+                    .entity(e.getNotification()).build();
+        }
+        else {
+            r = Response.status(getStatus(e.getStatusCode()))
+                    .entity(buildNotification(e)).build();
+        }
+        return new WebApplicationException(r);
+    }
+
+    //    public WebApplicationException throwAuthenticationException (
+    //            String message) {
+    //        String notification =
+    //                buildNotification(StatusCodes.AUTHORIZATION_FAILED,
+    //                        "Authorization failed", message);
+    //        return new WebApplicationException(
+    //                handler.createUnauthenticatedResponse(notification));
+    //    }
+
+    //    public WebApplicationException throwAuthenticationException (
+    //            KustvaktException e) {
+    //        String notification = buildNotification(e.getStatusCode(),
+    //                e.getMessage(), e.getEntity());
+    //        return new WebApplicationException(
+    //                handler.createUnauthenticatedResponse(notification));
+    //    }
+}
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java
index c12f5cf..532965a 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/AdminController.java
@@ -35,9 +35,9 @@
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.TimeUtils;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 import de.ids_mannheim.korap.web.filter.AdminFilter;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 /**
  * @author hanl, margaretha 
@@ -57,7 +57,7 @@
     private AuditingIface auditingController;
 
     @Autowired
-    KustvaktResponseHandler kustvaktResponseHandler;
+    CoreResponseHandler kustvaktResponseHandler;
 
     // EM: not documented and tested, not sure what the purpose of the service is
     @GET
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/AnnotationController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/AnnotationController.java
index 46ffcd4..803936b 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/AnnotationController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/AnnotationController.java
@@ -23,10 +23,10 @@
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.service.AnnotationService;
 import de.ids_mannheim.korap.utils.JsonUtils;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
 import de.ids_mannheim.korap.web.filter.DemoUserFilter;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 /**
  * Provides services regarding annotation related information.
@@ -44,7 +44,7 @@
             LoggerFactory.getLogger(AnnotationController.class);
 
     @Autowired
-    KustvaktResponseHandler responseHandler;
+    CoreResponseHandler responseHandler;
     
     @Autowired
     private AnnotationService annotationService;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
index 802a5b2..49f93ac 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/AuthenticationController.java
@@ -27,8 +27,8 @@
 import com.sun.jersey.spi.container.ContainerRequest;
 import com.sun.jersey.spi.container.ResourceFilters;
 
-import de.ids_mannheim.korap.authentication.framework.AuthorizationData;
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.AuthorizationData;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.BeansFactory;
@@ -40,11 +40,11 @@
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.KustvaktLogger;
 import de.ids_mannheim.korap.utils.ServiceInfo;
+import de.ids_mannheim.korap.web.FullResponseHandler;
 import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
 import de.ids_mannheim.korap.web.filter.BlockingFilter;
 import de.ids_mannheim.korap.web.filter.DemoUserFilter;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 // import com.sun.xml.internal.messaging.saaj.util.Base64;
 
@@ -59,7 +59,7 @@
 public class AuthenticationController {
 
     @Autowired
-    private KustvaktResponseHandler kustvaktResponseHandler;
+    private FullResponseHandler kustvaktResponseHandler;
     
     @Autowired
     private HttpAuthorizationHandler authorizationHandler;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java
index f60a91e..f1adb38 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/DocumentController.java
@@ -8,8 +8,9 @@
 import de.ids_mannheim.korap.server.KustvaktServer;
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.KustvaktLogger;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 import de.ids_mannheim.korap.web.filter.AdminFilter;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
+
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -34,7 +35,7 @@
 public class DocumentController {
 
     @Autowired
-    KustvaktResponseHandler kustvaktResponseHandler;
+    CoreResponseHandler kustvaktResponseHandler;
     
     private static Logger jlog =
             LoggerFactory.getLogger(DocumentController.class);
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java
index cf3cfaa..32663f5 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/KustvaktController.java
@@ -4,7 +4,7 @@
 import de.ids_mannheim.korap.server.KustvaktServer;
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.ServiceInfo;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -26,7 +26,7 @@
 
     private static Logger jlog = LoggerFactory.getLogger(UserController.class);
     @Autowired
-    private KustvaktResponseHandler kustvaktResponseHandler;
+    private CoreResponseHandler kustvaktResponseHandler;
 
 
     @Path("info")
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java
index 95d25cd..6616a12 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/OAuthController.java
@@ -12,12 +12,13 @@
 import de.ids_mannheim.korap.user.*;
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.StringUtils;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
 import de.ids_mannheim.korap.web.filter.BlockingFilter;
 import de.ids_mannheim.korap.web.filter.DemoUserFilter;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
 import de.ids_mannheim.korap.web.utils.FormRequestWrapper;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
+
 import org.apache.oltu.oauth2.as.issuer.MD5Generator;
 import org.apache.oltu.oauth2.as.issuer.OAuthIssuer;
 import org.apache.oltu.oauth2.as.issuer.OAuthIssuerImpl;
@@ -56,7 +57,7 @@
 public class OAuthController {
 
     @Autowired
-    KustvaktResponseHandler kustvaktResponseHandler;
+    CoreResponseHandler kustvaktResponseHandler;
     
     private OAuth2Handler handler;
     @Autowired
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
index 4579947..5ab5a78 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/SearchController.java
@@ -1,7 +1,6 @@
 package de.ids_mannheim.korap.web.controller;// package
                                              // de.ids_mannheim.korap.ext.web;
 
-import java.io.IOException;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.HashSet;
@@ -32,8 +31,6 @@
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.RequestMapping;
 
-import com.fasterxml.jackson.core.JsonParseException;
-import com.fasterxml.jackson.databind.JsonMappingException;
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.core.util.MultivaluedMapImpl;
 import com.sun.jersey.spi.container.ResourceFilters;
@@ -41,16 +38,17 @@
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.KustvaktConfiguration;
 import de.ids_mannheim.korap.config.KustvaktConfiguration.BACKENDS;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.query.serialize.MetaQueryBuilder;
 import de.ids_mannheim.korap.query.serialize.QuerySerializer;
-import de.ids_mannheim.korap.resource.rewrite.RewriteHandler;
 import de.ids_mannheim.korap.resources.Corpus;
 import de.ids_mannheim.korap.resources.KustvaktResource;
 import de.ids_mannheim.korap.resources.ResourceFactory;
 import de.ids_mannheim.korap.resources.VirtualCollection;
+import de.ids_mannheim.korap.rewrite.FullRewriteHandler;
 import de.ids_mannheim.korap.security.ac.ResourceFinder;
 import de.ids_mannheim.korap.security.ac.ResourceHandler;
 import de.ids_mannheim.korap.user.DemoUser;
@@ -62,11 +60,11 @@
 import de.ids_mannheim.korap.utils.KustvaktLogger;
 import de.ids_mannheim.korap.utils.StringUtils;
 import de.ids_mannheim.korap.web.ClientsHandler;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 import de.ids_mannheim.korap.web.SearchKrill;
 import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
 import de.ids_mannheim.korap.web.filter.DemoUserFilter;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 /**
  * EM: To Do: restructure codes regarding service and controller
@@ -87,7 +85,7 @@
             LoggerFactory.getLogger(SearchController.class);
 
     @Autowired
-    KustvaktResponseHandler responseHandler;
+    CoreResponseHandler responseHandler;
     @Autowired
     private SearchKrill searchKrill;
     private ResourceHandler resourceHandler;
@@ -95,9 +93,9 @@
     private AuthenticationManagerIface controller;
     private ClientsHandler graphDBhandler;
     @Autowired
-    private KustvaktConfiguration config;
+    private FullConfiguration config;
     @Autowired
-    private RewriteHandler processor;
+    private FullRewriteHandler processor;
 
 
     public SearchController () {
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java
index cfe46ce..5f44f84 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/StatisticController.java
@@ -21,9 +21,9 @@
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.utils.KoralCollectionQueryBuilder;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 import de.ids_mannheim.korap.web.SearchKrill;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 /**
  * Web services related to statistics
@@ -44,7 +44,7 @@
     private static Logger jlog =
             LoggerFactory.getLogger(StatisticController.class);
     @Autowired
-    private KustvaktResponseHandler kustvaktResponseHandler;
+    private CoreResponseHandler kustvaktResponseHandler;
     @Autowired
     private SearchKrill searchKrill;
 
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
index bffe9d8..2bee6a4 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/UserController.java
@@ -52,11 +52,11 @@
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.StringUtils;
 import de.ids_mannheim.korap.utils.TimeUtils;
+import de.ids_mannheim.korap.web.FullResponseHandler;
 import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
 import de.ids_mannheim.korap.web.filter.BlockingFilter;
 import de.ids_mannheim.korap.web.filter.DemoUserFilter;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 /**
  * @author hanl, margaretha
@@ -69,7 +69,7 @@
 public class UserController {
 
     @Autowired
-    KustvaktResponseHandler kustvaktResponseHandler;
+    private FullResponseHandler kustvaktResponseHandler;
     
     private static Logger jlog = LoggerFactory.getLogger(UserController.class);
     @Autowired
@@ -276,12 +276,6 @@
                 base_scope.retainAll(StringUtils.toSet(scopes));
             scopes = StringUtils.toString(base_scope);
             m = Scopes.mapScopes(scopes, data);
-        }
-        catch (KustvaktException e) {
-            throw kustvaktResponseHandler
-                    .throwAuthenticationException(ctx.getUsername(), ctx.getAuthenticationType());
-        }
-        try {
             return Response.ok(m.toEntity()).build();
         }
         catch (KustvaktException e) {
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java b/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java
index 50eb392..18fc518 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/controller/VirtualCorpusController.java
@@ -23,11 +23,11 @@
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.JsonUtils;
 import de.ids_mannheim.korap.utils.ParameterChecker;
+import de.ids_mannheim.korap.web.FullResponseHandler;
 import de.ids_mannheim.korap.web.filter.AuthenticationFilter;
 import de.ids_mannheim.korap.web.filter.DemoUserFilter;
 import de.ids_mannheim.korap.web.filter.PiwikFilter;
 import de.ids_mannheim.korap.web.input.VirtualCorpusFromJson;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 @Controller
 @Path("vc")
@@ -41,7 +41,7 @@
     @Autowired
     private AuthenticationManagerIface authManager;
     @Autowired
-    private KustvaktResponseHandler responseHandler;
+    private FullResponseHandler responseHandler;
     @Autowired
     private VirtualCorpusService service;
 
@@ -61,7 +61,7 @@
             TokenContext context =
                     (TokenContext) securityContext.getUserPrincipal();
             if (context.isDemo()) {
-                throw new KustvaktException(StatusCodes.UNAUTHORIZED_OPERATION,
+                throw new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
                         "Operation is not permitted for user: "
                                 + context.getUsername(),
                         context.getUsername());
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
index 12e24cd..582cf1a 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/AdminFilter.java
@@ -8,24 +8,24 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
-import com.ctc.wstx.util.StringUtil;
+import com.sun.jersey.api.client.ClientResponse.Status;
 import com.sun.jersey.spi.container.ContainerRequest;
 import com.sun.jersey.spi.container.ContainerRequestFilter;
 import com.sun.jersey.spi.container.ContainerResponseFilter;
 import com.sun.jersey.spi.container.ResourceFilter;
 
-import de.ids_mannheim.korap.authentication.framework.AuthorizationData;
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
-import de.ids_mannheim.korap.authentication.framework.TransferEncoding;
+import de.ids_mannheim.korap.authentication.http.AuthorizationData;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.TransferEncoding;
 import de.ids_mannheim.korap.config.Attributes;
-import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
+import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.user.TokenContext;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.StringUtils;
+import de.ids_mannheim.korap.web.FullResponseHandler;
 import de.ids_mannheim.korap.web.utils.KustvaktContext;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 /**
  * @author hanl, margaretha
@@ -39,29 +39,28 @@
     private AuthenticationManagerIface authManager;
 
     @Autowired
-    private KustvaktResponseHandler kustvaktResponseHandler;
-    
+    private FullResponseHandler kustvaktResponseHandler;
+
     @Autowired
     private TransferEncoding transferEncoding;
-    
+
     @Autowired
     private HttpAuthorizationHandler authorizationHandler;
-    
+
     @Override
     public ContainerRequest filter (ContainerRequest cr) {
         String authorization =
                 cr.getHeaderValue(ContainerRequest.AUTHORIZATION);
-        
+
         AuthorizationData data;
         try {
             data = authorizationHandler.parseAuthorizationHeader(authorization);
             data = authorizationHandler.parseToken(data);
         }
         catch (KustvaktException e) {
-            String authType = StringUtils.stripTokenType(authorization);
-            throw kustvaktResponseHandler.throwAuthenticationException(e, authType);
+            throw kustvaktResponseHandler.throwit(e);
         }
-        
+
         String host = cr.getHeaderValue(ContainerRequest.HOST);
         String agent = cr.getHeaderValue(ContainerRequest.USER_AGENT);
         Map<String, Object> attributes = new HashMap<>();
@@ -72,14 +71,14 @@
             User user = authManager.authenticate(data.getAuthenticationType(),
                     data.getUsername(), data.getPassword(), attributes);
             if (!user.isAdmin()) {
-                throw kustvaktResponseHandler.throwAuthenticationException(
-                        "Admin authentication failed.", data.getAuthenticationType());
+                throw new KustvaktException(StatusCodes.AUTHENTICATION_FAILED,
+                        "Admin authentication failed.");
             }
             Map<String, Object> properties = cr.getProperties();
             properties.put("user", user);
         }
         catch (KustvaktException e) {
-            throw kustvaktResponseHandler.throwAuthenticationException(e, data.getAuthenticationType());
+            throw kustvaktResponseHandler.throwit(e);
         }
 
         TokenContext c = new TokenContext();
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
index 2f57c6c..c3599d4 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/AuthenticationFilter.java
@@ -10,19 +10,19 @@
 import com.sun.jersey.spi.container.ContainerResponseFilter;
 import com.sun.jersey.spi.container.ResourceFilter;
 
-import de.ids_mannheim.korap.authentication.framework.AuthorizationData;
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.AuthorizationData;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.interfaces.AuthenticationManagerIface;
 import de.ids_mannheim.korap.user.TokenContext;
-import de.ids_mannheim.korap.utils.StringUtils;
+import de.ids_mannheim.korap.web.FullResponseHandler;
 import de.ids_mannheim.korap.web.utils.KustvaktContext;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 /**
- * @author hanl
+ * @author hanl, margaretha
  * @date 28/01/2014
+ * @last update 5/12/2017
  */
 @Component
 @Provider
@@ -36,13 +36,7 @@
     private AuthenticationManagerIface userController;
 
     @Autowired
-    private KustvaktResponseHandler kustvaktResponseHandler;
-
-    //    public AuthFilter () {
-    //        this.userController = BeansFactory.getKustvaktContext()
-    //                .getAuthenticationManager();
-    //    }
-
+    private FullResponseHandler kustvaktResponseHandler;
 
     @Override
     public ContainerRequest filter (ContainerRequest request) {
@@ -60,28 +54,38 @@
                 authData = authorizationHandler
                         .parseAuthorizationHeader(authorization);
                 context = userController.getTokenStatus(
-                        authData.getAuthenticationType(), authData.getToken(), host,
-                        ua);
+                        authData.getAuthenticationType(), authData.getToken(),
+                        host, ua);
+                checkContext(context, request);
             }
             catch (KustvaktException e) {
-                String authType = StringUtils.stripTokenType(authorization);
-                throw kustvaktResponseHandler
-                        .throwAuthenticationException(e, authType);
+                throw kustvaktResponseHandler.throwit(e);
             }
-            // fixme: give reason why access is not granted?
-            if (context != null && context.isValid()
-                    && ((context.isSecureRequired() && request.isSecure())
-                            | !context.isSecureRequired()))
-                request.setSecurityContext(new KustvaktContext(context));
-            else
-                throw kustvaktResponseHandler.throwAuthenticationException(
-                        new KustvaktException(StatusCodes.UNAUTHORIZED_OPERATION), 
-                        authData.getAuthenticationType());
+            
+            request.setSecurityContext(new KustvaktContext(context));
         }
         return request;
     }
 
 
+    private void checkContext (TokenContext context, ContainerRequest request)
+            throws KustvaktException {
+        if (context == null) {
+            throw new KustvaktException(StatusCodes.AUTHENTICATION_FAILED,
+                    "Context is null.");
+        }
+        else if (!context.isValid()) {
+            throw new KustvaktException(StatusCodes.AUTHENTICATION_FAILED,
+                    "Context is not valid: "
+                            + "missing username, password or authentication scheme.");
+        }
+        else if (context.isSecureRequired() && !request.isSecure()) {
+            throw new KustvaktException(StatusCodes.AUTHENTICATION_FAILED,
+                    "Request is not secure.");
+        }
+    }
+
+
     @Override
     public ContainerRequestFilter getRequestFilter () {
         return this;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java
index e0d1c02..6dc2bc2 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/BlockingFilter.java
@@ -1,5 +1,10 @@
 package de.ids_mannheim.korap.web.filter;
 
+import javax.ws.rs.ext.Provider;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
 import com.sun.jersey.spi.container.ContainerRequest;
 import com.sun.jersey.spi.container.ContainerRequestFilter;
 import com.sun.jersey.spi.container.ContainerResponseFilter;
@@ -8,12 +13,7 @@
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.user.TokenContext;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
-
-import javax.ws.rs.ext.Provider;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
+import de.ids_mannheim.korap.web.FullResponseHandler;
 
 /**
  * @author hanl
@@ -27,7 +27,7 @@
 public class BlockingFilter implements ContainerRequestFilter, ResourceFilter {
 
     @Autowired
-    KustvaktResponseHandler kustvaktResponseHandler;
+    private FullResponseHandler kustvaktResponseHandler;
 
     @Override
     public ContainerRequest filter (ContainerRequest request) {
@@ -38,12 +38,12 @@
         }
         catch (UnsupportedOperationException e) {
             throw kustvaktResponseHandler.throwit(new KustvaktException(
-                    StatusCodes.UNAUTHORIZED_OPERATION, e.getMessage(), e));
+                    StatusCodes.UNSUPPORTED_OPERATION, e.getMessage(), e));
         }
 
         if (context == null || context.isDemo()) {
             throw kustvaktResponseHandler.throwit(
-                    new KustvaktException(StatusCodes.UNAUTHORIZED_OPERATION,
+                    new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
                             "Operation is not permitted for user: "
                                     + context.getUsername(),
                             context.getUsername()));
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
index a30d589..40928d7 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoFilter.java
@@ -10,7 +10,7 @@
 import com.sun.jersey.spi.container.ContainerResponseFilter;
 import com.sun.jersey.spi.container.ResourceFilter;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.user.TokenContext;
@@ -24,7 +24,7 @@
 public class DemoFilter implements ContainerRequestFilter, ResourceFilter {
 
     @Autowired
-    HttpAuthorizationHandler handler;
+    private HttpAuthorizationHandler handler;
     
     @Override
     public ContainerRequest filter (ContainerRequest request) {
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
index de39c8b..106c180 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/DemoUserFilter.java
@@ -9,8 +9,8 @@
 import de.ids_mannheim.korap.user.TokenContext;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.TimeUtils;
+import de.ids_mannheim.korap.web.CoreResponseHandler;
 import de.ids_mannheim.korap.web.utils.KustvaktContext;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
 
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.UriInfo;
diff --git a/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java b/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java
index e5fa7f1..004d796 100644
--- a/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java
+++ b/full/src/main/java/de/ids_mannheim/korap/web/filter/NonDemoBlockingFilter.java
@@ -1,5 +1,10 @@
 package de.ids_mannheim.korap.web.filter;
 
+import javax.ws.rs.ext.Provider;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
 import com.sun.jersey.spi.container.ContainerRequest;
 import com.sun.jersey.spi.container.ContainerRequestFilter;
 import com.sun.jersey.spi.container.ContainerResponseFilter;
@@ -8,12 +13,7 @@
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.user.TokenContext;
-import de.ids_mannheim.korap.web.utils.KustvaktResponseHandler;
-
-import javax.ws.rs.ext.Provider;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Component;
+import de.ids_mannheim.korap.web.FullResponseHandler;
 
 /**
  * @author hanl
@@ -24,12 +24,12 @@
  */
 @Component
 @Provider
-public class NonDemoBlockingFilter implements ContainerRequestFilter,
-        ResourceFilter {
+public class NonDemoBlockingFilter
+        implements ContainerRequestFilter, ResourceFilter {
 
     @Autowired
-    KustvaktResponseHandler kustvaktResponseHandler;
-    
+    private FullResponseHandler kustvaktResponseHandler;
+
     @Override
     public ContainerRequest filter (ContainerRequest request) {
         TokenContext context;
@@ -38,11 +38,11 @@
         }
         catch (UnsupportedOperationException e) {
             throw kustvaktResponseHandler.throwit(new KustvaktException(
-                    StatusCodes.UNAUTHORIZED_OPERATION, e.getMessage(), e));
+                    StatusCodes.UNSUPPORTED_OPERATION, e.getMessage(), e));
         }
 
-        if (context == null || context.isDemo()){
-            new KustvaktException(StatusCodes.UNAUTHORIZED_OPERATION,
+        if (context == null || context.isDemo()) {
+            new KustvaktException(StatusCodes.AUTHORIZATION_FAILED,
                     "Operation is not permitted for guest users");
         }
         return request;
diff --git a/full/src/main/resources/default-config.xml b/full/src/main/resources/default-config.xml
index c81bff5..625460f 100644
--- a/full/src/main/resources/default-config.xml
+++ b/full/src/main/resources/default-config.xml
@@ -58,7 +58,7 @@
 		p:configLocation='classpath:ehcache.xml' p:shared='true' />
 
 	<!-- props are injected from default-config.xml -->
-	<bean id="kustvakt_config" class="de.ids_mannheim.korap.config.KustvaktConfiguration">
+	<bean id="kustvakt_config" class="de.ids_mannheim.korap.config.FullConfiguration">
 		<constructor-arg name="properties" ref="props" />
 	</bean>
 
@@ -160,12 +160,17 @@
 		<constructor-arg value="${krill.indexDir}"/>
 	</bean>
 
+
+	<bean id="kustvakt_rewrite" class="de.ids_mannheim.korap.rewrite.FullRewriteHandler">
+		<constructor-arg ref="kustvakt_config" />
+	</bean>
+
 	<bean id="kustvakt_auditing" class="de.ids_mannheim.korap.handlers.JDBCAuditing">
 		<constructor-arg ref="kustvakt_db" />
 	</bean>
 
 	<bean id="kustvakt_response"
-          class="de.ids_mannheim.korap.web.utils.KustvaktResponseHandler">
+          class="de.ids_mannheim.korap.web.FullResponseHandler">
           <constructor-arg index="0" name="iface" ref="kustvakt_auditing"/>
     </bean>
     
diff --git a/full/src/main/resources/kustvakt.conf b/full/src/main/resources/kustvakt.conf
index 8f465e3..ea9af81 100644
--- a/full/src/main/resources/kustvakt.conf
+++ b/full/src/main/resources/kustvakt.conf
@@ -1,4 +1,4 @@
-## index dir
+#Krill
 krill.indexDir= ../sample-index
 
 krill.index.commit.count = 134217000
@@ -6,22 +6,27 @@
 krill.index.commit.auto = 500
 krill.index.relations.max = 100
 
-# default layers
+## LDAP
+ldap.config = file-path-to-ldap-config
+
+# Kustvakt
+## default layers
 default.layer.p = tt
 default.layer.l = tt
 default.layer.o = opennlp
 default.layer.d = mate
 default.layer.c = corenlp
 
-# availability regex
+## availability regex
 availability.regex.free = CC-BY.*
 availability.regex.public = ACA.*
 availability.regex.all = QAO.*
 
-kustvakt.management.registration=enable
+## authentication
+authentication.scheme = ldap
 
-#LDAP
-ldap.config = file-path-to-ldap-config
+
+kustvakt.management.registration=enable
 
 ## options referring to the security module!
 
diff --git a/full/src/test/java/de/ids_mannheim/korap/config/StringUtilsTest.java b/full/src/test/java/de/ids_mannheim/korap/config/StringUtilsTest.java
index aea4968..3edb434 100644
--- a/full/src/test/java/de/ids_mannheim/korap/config/StringUtilsTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/config/StringUtilsTest.java
@@ -8,9 +8,9 @@
 import org.springframework.beans.factory.annotation.Autowired;
 
 import de.ids_mannheim.korap.authentication.BasicAuthentication;
-import de.ids_mannheim.korap.authentication.framework.AuthorizationData;
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
-import de.ids_mannheim.korap.authentication.framework.TransferEncoding;
+import de.ids_mannheim.korap.authentication.http.AuthorizationData;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.TransferEncoding;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.utils.StringUtils;
 
diff --git a/full/src/test/java/de/ids_mannheim/korap/resource/rewrite/CollectionRewriteTest.java b/full/src/test/java/de/ids_mannheim/korap/resource/rewrite/CollectionRewriteTest.java
index 2e03b21..38cc04e 100644
--- a/full/src/test/java/de/ids_mannheim/korap/resource/rewrite/CollectionRewriteTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/resource/rewrite/CollectionRewriteTest.java
@@ -15,6 +15,7 @@
 import de.ids_mannheim.korap.config.TestVariables;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.query.serialize.QuerySerializer;
+import de.ids_mannheim.korap.rewrite.CollectionRewrite;
 import de.ids_mannheim.korap.user.User;
 import de.ids_mannheim.korap.utils.JsonUtils;
 
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/SearchKrillTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/SearchKrillTest.java
index f8e664a..c08c247 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/SearchKrillTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/SearchKrillTest.java
@@ -11,6 +11,7 @@
 import de.ids_mannheim.korap.KrillIndex;
 import de.ids_mannheim.korap.config.BeanConfigTest;
 import de.ids_mannheim.korap.config.KustvaktConfiguration;
+import de.ids_mannheim.korap.config.FullConfiguration;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
 import de.ids_mannheim.korap.query.serialize.QuerySerializer;
 import de.ids_mannheim.korap.utils.JsonUtils;
@@ -56,7 +57,7 @@
 
 	@Test
     public void testMatchInfo () throws KustvaktException {
-        KustvaktConfiguration config = helper().getContext().getConfiguration();
+	    FullConfiguration config = helper().getContext().getConfiguration();
         SearchKrill krill = new SearchKrill(config.getIndexDir());
         assertNotNull(krill);
 		String matchinfo = krill.getMatch("WPD/AAA.00002/p169-197", config.getFreeLicensePattern());
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/AuthServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/AuthServiceTest.java
index 1acf4c2..d2e31ed 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/AuthServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/AuthServiceTest.java
@@ -14,8 +14,8 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
-import de.ids_mannheim.korap.authentication.framework.TransferEncoding;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.TransferEncoding;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.TestHelper;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/FilterTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/FilterTest.java
index 765deb8..5083470 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/FilterTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/FilterTest.java
@@ -11,7 +11,7 @@
 import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.api.client.UniformInterfaceException;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.TestHelper;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/KustvaktServerTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/KustvaktServerTest.java
index 31248d8..d03cc9a 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/KustvaktServerTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/KustvaktServerTest.java
@@ -34,8 +34,8 @@
 import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.core.util.MultivaluedMapImpl;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
-import de.ids_mannheim.korap.authentication.framework.TransferEncoding;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.TransferEncoding;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.BeanConfigTest;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/MatchInfoServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/MatchInfoServiceTest.java
index 28318cf..85ecbdd 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/MatchInfoServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/MatchInfoServiceTest.java
@@ -11,7 +11,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/OAuth2EndpointTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/OAuth2EndpointTest.java
index 18bae77..1259dc2 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/OAuth2EndpointTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/OAuth2EndpointTest.java
@@ -13,8 +13,8 @@
 import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.api.client.UniformInterfaceException;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
-import de.ids_mannheim.korap.authentication.framework.TransferEncoding;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.TransferEncoding;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.TestHelper;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java
index 58affbf..f94839e 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/PolicyServiceTest.java
@@ -12,7 +12,7 @@
 
 import com.sun.jersey.api.client.ClientResponse;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/QuerySerializationServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/QuerySerializationServiceTest.java
index 77bad19..a188073 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/QuerySerializationServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/QuerySerializationServiceTest.java
@@ -19,7 +19,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceInfoServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceInfoServiceTest.java
index b357adb..a806bc6 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceInfoServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceInfoServiceTest.java
@@ -12,7 +12,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceServiceTest.java
index 238e7ba..1146c66 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/ResourceServiceTest.java
@@ -17,7 +17,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchServiceTest.java
index ba2fb3c..468522d 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchServiceTest.java
@@ -18,7 +18,7 @@
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.ContextHolder;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchWithAvailabilityTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchWithAvailabilityTest.java
index cf19694..811f99d 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchWithAvailabilityTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/SearchWithAvailabilityTest.java
@@ -12,7 +12,7 @@
 import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.api.client.UniformInterfaceException;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.exceptions.KustvaktException;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/UserServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/UserServiceTest.java
index 2c1d3fe..b787ff4 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/UserServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/UserServiceTest.java
@@ -25,7 +25,7 @@
 import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.core.util.MultivaluedMapImpl;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.BeansFactory;
diff --git a/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java b/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java
index 71a425a..2c7a8f7 100644
--- a/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java
+++ b/full/src/test/java/de/ids_mannheim/korap/web/service/full/VirtualCorpusServiceTest.java
@@ -10,12 +10,13 @@
 import org.eclipse.jetty.http.HttpHeaders;
 import org.junit.Test;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 
 import com.fasterxml.jackson.databind.JsonNode;
 import com.sun.jersey.api.client.ClientResponse;
 import com.sun.jersey.spi.container.ContainerRequest;
 
-import de.ids_mannheim.korap.authentication.framework.HttpAuthorizationHandler;
+import de.ids_mannheim.korap.authentication.http.HttpAuthorizationHandler;
 import de.ids_mannheim.korap.config.Attributes;
 import de.ids_mannheim.korap.config.AuthenticationType;
 import de.ids_mannheim.korap.config.SpringJerseyTest;
@@ -23,23 +24,23 @@
 import de.ids_mannheim.korap.exceptions.StatusCodes;
 import de.ids_mannheim.korap.utils.JsonUtils;
 
-public class VirtualCorpusServiceTest extends SpringJerseyTest{
-    
+public class VirtualCorpusServiceTest extends SpringJerseyTest {
+
     @Autowired
-    HttpAuthorizationHandler handler;
-    
+    private HttpAuthorizationHandler handler;
+
     @Test
-//    @Ignore
+    //    @Ignore
     public void testStoreVC () throws KustvaktException {
         String json =
                 "{\"name\": \"new vc\",\"type\": \"PRIVATE\",\"createdBy\": "
                         + "\"test class\",\"collectionQuery\": \"corpusSigle=GOE\"}";
 
-        ClientResponse response = resource().path("vc").path("store")
-                .header(Attributes.AUTHORIZATION,
-                        handler.createAuthorizationHeader(AuthenticationType.BASIC,"kustvakt", "kustvakt2015"))
-                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32")
-                .entity(json)
+        ClientResponse response = resource().path("vc").path("store").header(
+                Attributes.AUTHORIZATION,
+                handler.createAuthorizationHeader(AuthenticationType.BASIC,
+                        "kustvakt", "kustvakt2015"))
+                .header(HttpHeaders.X_FORWARDED_FOR, "149.27.0.32").entity(json)
                 .post(ClientResponse.class);
         String entity = response.getEntity(String.class);
         System.out.println(entity);
@@ -53,20 +54,25 @@
 
         ClientResponse response = resource().path("vc").path("store")
                 .entity(json).post(ClientResponse.class);
+
+        assertEquals(HttpStatus.UNAUTHORIZED.value(), response.getStatus());
         
-        Set<Entry<String, List<String>>> headers = response.getHeaders().entrySet();
-        
-        for (Entry<String, List<String>> header: headers){
-            if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)){
-                assertEquals("Basic realm=\"Kustvakt\"", header.getValue().get(0));
+        Set<Entry<String, List<String>>> headers =
+                response.getHeaders().entrySet();
+
+        for (Entry<String, List<String>> header : headers) {
+            if (header.getKey().equals(ContainerRequest.WWW_AUTHENTICATE)) {
+                assertEquals("ldap realm=\"Kustvakt\"",
+                        header.getValue().get(0));
             }
         }
-//        System.out.println(header);
-        
+
         String entity = response.getEntity(String.class);
         JsonNode node = JsonUtils.readTree(entity);
-        assertEquals(StatusCodes.UNAUTHORIZED_OPERATION,
+        assertEquals(StatusCodes.AUTHORIZATION_FAILED,
                 node.at("/errors/0/0").asInt());
+        assertEquals("Operation is not permitted for user: guest",
+                node.at("/errors/0/1").asText());
     }
 
     @Test
@@ -78,7 +84,7 @@
         ClientResponse response = resource().path("vc").path("store")
                 .entity(json).post(ClientResponse.class);
         String entity = response.getEntity(String.class);
-                System.out.println(entity);
+//        System.out.println(entity);
 
         JsonNode node = JsonUtils.readTree(entity);
         assertEquals(StatusCodes.DESERIALIZATION_FAILED,
diff --git a/full/src/test/resources/kustvakt-test.conf b/full/src/test/resources/kustvakt-test.conf
index c87ecba..bfb35ee 100644
--- a/full/src/test/resources/kustvakt-test.conf
+++ b/full/src/test/resources/kustvakt-test.conf
@@ -6,27 +6,32 @@
 krill.index.commit.auto = 500
 krill.index.relations.max = 100
 
-# default layers
+#LDAP
+ldap.config = file-path-to-ldap-config
+
+# Kustvakt
+
+## server
+server.port=8089
+server.host=localhost
+
+## default layers
 default.layer.p = tt
 default.layer.l = tt
 default.layer.o = opennlp
 default.layer.d = mate
 default.layer.c = corenlp
 
-# availability regex
+## availability regex
 availability.regex.free = CC-BY.*
 availability.regex.public = ACA.*
 availability.regex.all = QAO.*
 
-# port&host added 06.02.17/FB
-server.port=8089
-server.host=localhost
+## authentication
+authentication.scheme = ldap
 
 kustvakt.management.registration=enable
 
-#LDAP
-ldap.config = /home/elma/.config/ldap.conf
-
 ## options referring to the security module!
 
 ## token expiration time in minutes!
diff --git a/full/src/test/resources/test-config.xml b/full/src/test/resources/test-config.xml
index 1ca00b0..b416f1c 100644
--- a/full/src/test/resources/test-config.xml
+++ b/full/src/test/resources/test-config.xml
@@ -50,7 +50,7 @@
 		p:configLocation='classpath:ehcache.xml' p:shared='true' />
 
 	<!-- props are injected from default-config.xml -->
-	<bean id="kustvakt_config" class="de.ids_mannheim.korap.config.KustvaktConfiguration">
+	<bean id="kustvakt_config" class="de.ids_mannheim.korap.config.FullConfiguration">
 		<constructor-arg name="properties" ref="props" />
 	</bean>
 
@@ -157,12 +157,17 @@
 		<constructor-arg value="${krill.indexDir}"/>
 	</bean>
 
+
+	<bean id="kustvakt_rewrite" class="de.ids_mannheim.korap.rewrite.FullRewriteHandler">
+		<constructor-arg ref="kustvakt_config" />
+	</bean>
+
 	<bean id="kustvakt_auditing" class="de.ids_mannheim.korap.handlers.JDBCAuditing">
 		<constructor-arg ref="kustvakt_db" />
 	</bean>
 	
 	<bean id="kustvakt_response"
-          class="de.ids_mannheim.korap.web.utils.KustvaktResponseHandler">
+          class="de.ids_mannheim.korap.web.FullResponseHandler">
           <constructor-arg index="0" name="iface" ref="kustvakt_auditing"/>
     </bean>